Re: Security Questions(s)

From: Mary Chipman (mchip@nomail.please)
Date: 02/14/03


From: Mary Chipman <mchip@nomail.please>
Date: Fri, 14 Feb 2003 11:54:16 -0500


 Access security is easily breached. A google search will turn up both
code and services where you can pay a nominal fee to bypass it. You
should ALWAYS use security on the server unless you really don't care
and are only looking to deter the ignorant and unmotivated.

Here's some free resources to help get you started securing your SQL
Server:
http://www.microsoft.com/sql/techinfo/administration/2000/security/securingsqlserver.asp
http://www.microsoft.com/sql/downloads/securitytools.asp
http://www.microsoft.com/sql/techinfo/administration/2000/securityWP.asp
http://www.sqlsecurity.com/

-- Mary
Microsoft Access Developer's Guide to SQL Server
http://www.amazon.com/exec/obidos/ASIN/0672319446

On Wed, 12 Feb 2003 07:59:08 -0500, "djc"
<david.copenhaver@hesstech.com> wrote:

>subject: database security: access mdw files verses SQL server
>authentication (either sql or windows integrated)
>
>current database setup: MS access2002 front-end forms and backend tables.
>security: mdw file.
>
>1. We are going to move the 'backend' of our database into SQL server 2000
>and keep the frontend forms in Access2002. Should we change to SQL Server's
>security mechanisms or stick with the access mdw files?
>
>2. What are the basic differences between SQL security and Access .mdw file
>security?
>
>3. Is using mdw files a reasonable method for security when the backend
>tables are in SQL Server?
>
>any help is greatly appreciated,
>Thanks.
>
>



Relevant Pages

  • RE: SQL Slammer doing the rounds again?
    ... SQL Slammer doing the rounds again? ... "I used to hate writing assignments, ... > Security Business Unit ... > at the largest, most highly-anticipated industry ...
    (Incidents)
  • Re: sql injection query
    ... escapes the values so this alone greatly enhances security. ... there was a post here a while ago about Validating SQL ... these regex's were very good] so he had no worries about Injection. ... wanted to know if I call a storedprocedure like this I would be similarly ...
    (microsoft.public.dotnet.framework.adonet)
  • [Full-disclosure] TeamSHATTER Security Advisory: SQL Injection in Oracle EM (advReplicationAdmin
    ... TeamSHATTER Security Advisory ... SQL Injection in Oracle Enterprise Manager (advReplicationAdmin) ... This vulnerability allows to execute SQL ...
    (Full-Disclosure)
  • Re: Microsoft Access Security Best Practices when linking to a SQL back end
    ... Before Access can verify the username and password in the SQL ... Access authenticates the user before the database actually opens. ... own security algorithm is not going to be an easy task. ... > was originally written to use access's own .mdw file for security. ...
    (microsoft.public.access.security)
  • Re: 2005 Express how to encrypt db
    ... To solve this problem, in addition to having good security for the program, ... attach to another SQL Instance. ... Security Considerations for Backup and Restore (SQL Server) ...
    (microsoft.public.sqlserver.security)