Re: Web and SQL Security
From: Dennis Redfield (dennis_redfield_at_newsgroup.nospam)
Date: 03/23/05
- Next message: marcmc: "substring update?"
- Previous message: David: "Web and SQL Security"
- In reply to: David: "Web and SQL Security"
- Next in thread: Chris Weber [Security MVP]: "Re: Web and SQL Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 23 Mar 2005 09:48:12 -0500
Usually the issue is concerned with SQL Server housed on the same box as a
web server running OUTSIDE the firewall. Typically (!) DB servers are not
placed outside the firewall. There is nothing inhirently insecure about IIS
and SQL Server on the same box, although you will want to review the
recommendations on hardening both your IIS and SQL Server installations.
hope this helps.
dlr
"David" <Dante@community.nospam> wrote in message
news:E3F758FD-A178-4DC9-8CB1-2567F9DA9468@microsoft.com...
> Hi
>
> I know that a couple of years ago I read a Microsoft recommendation that
SQL
> server shoudl not run on the same machine as IIS.
>
> We are looking at taking a managed hosted server for an app. and I
wondered
> if the same reccomendation applies. Does it depend on the way the hosting
> company sets up the server or is it always less secure when the two are on
> one machine?
> We can have two less powerful machines or one more powerful machine to do
> the job and security is the thing that will determine which way to go. We
wil
> use Windows Server 2003, SQL Server 200 and .Net Framework.
>
> Any thoughts appreciated.
>
> David
- Next message: marcmc: "substring update?"
- Previous message: David: "Web and SQL Security"
- In reply to: David: "Web and SQL Security"
- Next in thread: Chris Weber [Security MVP]: "Re: Web and SQL Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
