Re: Is there a better way
From: Adam Machanic (amachanic_at_hotmail._removetoemail_.com)
Date: 12/13/04
- Next message: John Bell: "Re: virus in blob file"
- Previous message: Kevin Wells: "Generate a random character string"
- In reply to: Russell Stevens: "Re: Is there a better way"
- Next in thread: Donald Welker: "RE: Is there a better way"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 13 Dec 2004 11:42:45 -0500
"Russell Stevens" <rastevens@aol.com> wrote in message
news:uQmuf7w3EHA.4072@TK2MSFTNGP10.phx.gbl...
>
> Since this is such a common problem (anyone with an open 1433 is
probably
> being attacked numerous times each week) I was hoping there was a standard
> solution (I am not familiar with a real time scriptable firewall but that
> sounds like what is necessary - after x bad attempts, add IP to black list
> or if not an sa login add to white list if password is OK).
The fact is, SQL Server just wasn't designed to be used as an open
internet server. It's made to sit well behind a firewall, protected by the
firewall, intermediate app and web servers, etc. I doubt that MS will ever
provide a truly hardened solution. It doesn't really mesh, IMO, with the
goals of a back-end database server.
-- Adam Machanic SQL Server MVP http://www.sqljunkies.com/weblog/amachanic --
- Next message: John Bell: "Re: virus in blob file"
- Previous message: Kevin Wells: "Generate a random character string"
- In reply to: Russell Stevens: "Re: Is there a better way"
- Next in thread: Donald Welker: "RE: Is there a better way"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
