Re: Port 1433 is open to internet, how can I secure db?
From: John Bell (jbellnewsposts_at_hotmail.com)
Date: 07/03/05
- Previous message: Susan S via SQLMonster.com: "Preventing ALL text SQL Injection by removing single-quotes ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 3 Jul 2005 10:20:06 +0100
Hi
Security is not only what is in-built into the product, your whole
organisation needs to be taken into account when considering how secure your
systems are. Although IDS systems and strong passwords may stop or hold off
recognised brute force attacks, they will not guard against social
engineering, mis-configuration or unknown security issues. This is not only
applies to SQL Server, but the OS and other software that is running on your
exposed server.
In this country your can by a wall safe that looks like and electical
socket. That does not stop a burgular kicking in all the electrical sockets
in the house. But if you put that safe on your outside wall, how long before
it was kicked in?
John
"Hoof Hearted" <HoofHearted@discussions.microsoft.com> wrote in message
news:3EF88705-53A2-43D9-8B58-5E375DDF7804@microsoft.com...
> Pardon me for jumping in...
>
> I administer a few networks, all with Sql Server exposed to the outside
> world on port 1433. I have never had any problems. If strong passwords
> are
> in place, isn't sql server secure?
>
- Previous message: Susan S via SQLMonster.com: "Preventing ALL text SQL Injection by removing single-quotes ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
