Re: The SA Mess
From: Mike Epprecht (SQL MVP) (mike_at_epprecht.net)
Date: Fri, 18 Mar 2005 00:54:15 +0100
If the DB password is hard coded in your application, any 1/2 geek with 3
minutes of access to the .EXE will figure out the password.
TDS is a known transport protocol. Sniffing what is going up and down the
wire is easy enough as it is not encrypted. Seriously, look at a middle
tier, and use something like HTTPS and web services to supply functionality
to your application.
If there is any personal information going up and down the wire, unsecured
and unencrypted, you could fall foul of Privacy Legislation in many
countries. With the Internet, a user could be in Europe.
Mike Epprecht, Microsoft SQL Server MVP
MVP Program: http://www.microsoft.com/mvp
"Russell Stevens" <email@example.com> wrote in message
> <<On the other hand, to me, opening up the SQL Server port to the Internet
> for all comers seems downright suicidal.>>
> I have done this for many years - I am still alive <g> - never really
> a problem with the occasional hacker trying to get in. It is just
> when the volume has gone up noticeably.
> <<For example, if 100 of your
> users are in the same company, you could issue one "access the app"
> to that company and let them share it. Taking a step further, I get the
> impression that you are distributing a desktop app which is going to
> the database -- you could have the app do the login for the user (open up
> HTTP connection). You could even get the app to retrieve a
> username/password from a web page, then use it to log in to the firewall
> ... but this starts to sound kludgy, like something *I* might set up.>>
> The windows app has a password to access the SQL db. Each user has a
> password stored in the db that allows them to run the Windows app. So
> basically now I just need to manage one password per database - the
> can then add users and assign their own passwords for running the Windows
> app (a license allows them x users). The users do not know the db
> If users need to enter a password to get access to the db (whether via a
> page or some more stuff in the Windows app) then that password would be
> pretty public <g>.
> I need to learn more about how to program one of these firewalls - perhaps
> the Windows app can send a password to the firewall, then the firewall
> open the port for just that IP. I did visit the web pages of the two
> firewalls you mentioned - not enough info there to figure out the
> of actually doing something like this.
> Of course, I would be perfectly happy with a Microsoft solution where SQL
> Server would not allow constant unsuccessful sa login attempts (or
> login attempts for any login) - in my opinion that is just not the correct
> design. Microsoft could easily fix that (and I think they have for SQL
> Russ Stevens
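To show concretely what Mike means by "any 1/2 geek with 3 minutes of access to the .EXE will figure out the password", here is an added example that is not part of the thread or of either poster's code. It does what strings(1) does, over a constructed byte blob standing in for the client .EXE: it scans for printable runs in both ASCII and UTF-16LE (the layout of .NET string literals), parses anything shaped like an OLE DB/ODBC connection string, and reports every one that carries a Password= or Pwd= field. The blob, hostname, sa password and offsets are all made up for the demonstration; the script never touches a real binary or a network.

```python
import re

# Constructed stand-in for a client .EXE with a hard-coded connection string
# (the scenario in the post). NOT a real PE file: filler bytes around the
# same connection string stored twice, once as ASCII and once as UTF-16LE,
# which is how .NET string literals sit in an assembly. Host and password
# are invented.
CONN = "Server=db.example.net,1433;User ID=sa;Password=Sup3rS3cret!;Database=App"


def build_fake_exe() -> bytes:
    filler = bytes(range(256)) * 4          # 1024 bytes of non-string noise
    return (filler + b"\x00" * 16
            + CONN.encode("ascii") + b"\x00" * 16
            + filler[::-1]
            + CONN.encode("utf-16-le") + b"\x00\x00"
            + filler)


# A run of at least 6 printable characters counts as a string, like strings(1).
ASCII_RUN = re.compile(rb"[\x20-\x7e]{6,}")
UTF16_RUN = re.compile(rb"(?:[\x20-\x7e]\x00){6,}")

# Connection-string keys that carry the secret Mike is talking about.
SECRET_KEYS = {"password", "pwd"}


def printable_strings(blob: bytes):
    """Yield (encoding, offset, text) for every printable run; ASCII first, then UTF-16LE."""
    for m in ASCII_RUN.finditer(blob):
        yield "ascii", m.start(), m.group().decode("ascii")
    for m in UTF16_RUN.finditer(blob):
        yield "utf-16le", m.start(), m.group().decode("utf-16-le")


def parse_connection_string(text: str) -> dict:
    """Split 'Key=Value;Key=Value' into a dict with lower-cased keys; tokens without '=' are ignored."""
    fields = {}
    for part in text.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            fields[key.strip().lower()] = value.strip()
    return fields


def find_hardcoded_credentials(blob: bytes) -> list:
    """Return every embedded string that parses as a connection string with a password field."""
    hits = []
    for encoding, offset, text in printable_strings(blob):
        fields = parse_connection_string(text)
        if SECRET_KEYS & fields.keys():
            hits.append({"encoding": encoding, "offset": offset, "fields": fields})
    return hits


if __name__ == "__main__":
    for hit in find_hardcoded_credentials(build_fake_exe()):
        f = hit["fields"]
        print(f"{hit['encoding']:8} @0x{hit['offset']:06x}  "
              f"server={f.get('server')} user={f.get('user id')} password={f.get('password')}")
```

Against the constructed blob this recovers the sa password twice, at the ASCII copy and again at the UTF-16LE copy. Obfuscating or XOR-ing the literal only moves the problem, since the decoding routine ships in the same .EXE; the fix Mike suggests is to keep the database credential off the client entirely, behind a middle tier the client reaches over HTTPS with its own per-user login.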