Firewall Wizards mailing list archives

RE: ODBC


From: "Stout, William" <StoutW () pioneer-standard com>
Date: Tue, 12 May 1998 12:23:04 -0400

Depends on what you use as your ODBC data source.  If you configure
MS-SQLserver as a data source, you'll use port 1433. See related:
http://support.microsoft.com/support/kb/articles/q164/6/67.asp.  
If you use a file on a network share, you're talking SMB over NetBIOS
over TCP ports 137 & 139 (haven't seen 138/UDP used myself).  You can't
pass SMB or NetBIOS through a firewall without tunneling.

The right way to do it is with a SQL data source and a SQL-proxy on the
firewall, but if you don't know what ODBC is, I'll guess your firewall
can't do SQL either <g>.  I also bravely deduce you're setting up an NT
system.  An alternative is to use two interfaces on the webserver, one
for the DMZ, one on the internal network.  The external interface does
the TCP thing, and the internal network does NetBEUI only (that way you
can use named pipes).

The security risk of this consists of crackers taking advantage of your
ODBC link through the webserver (which they would have anyway, or worse,
if you punched SQL through a generic port), or if you're weak/unlucky on
NT security, someone will edit your registry, plant files for you to
execute, or alter what's there and take advantage of your NetBEUI link.
Stay on top of NT security issues since new ones constantly pop up.

Bill Stout
______________________________________________________________________
'Mind management'/thought control, component of Psychological warfare.  
Next target of opportunity: Internet sites & postings.

----- Original Message -----
From: Moses, Ikoedem [SMTP:Ikoedem_Moses () afcc com]
Reply To:     Moses, Ikoedem [SMTP:Ikoedem_Moses () afcc com]
Sent: Wednesday, May 06, 1998, 9:07:35
To:   Stout, William
Subject:      ODBC

I want to pass ODBC traffic from a webserver in the DMZ to a database
server in the internal network. What is the right way to do it and what
ports does it use?

----- End Of Original Message -----
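
The port mapping in the reply above, as an added example that is not part of the original post: a Python check that classifies ODBC connection strings by the transport they need, separating data sources that fit a single TCP rule from those that would need SMB/NetBIOS across the firewall. The connection strings, function names, category labels and the `host,port` handling are assumptions made for illustration.

```python
# Added example: classify ODBC connection strings by the network path they need.
# Port numbers come from the post above; the connection strings are constructed samples.

SMB_PORTS = [137, 139]   # NetBIOS ports listed in the post for file-share data sources
SQL_TCP_PORT = 1433      # MS SQL Server port listed in the post


def parse_conn_str(conn_str):
    """Split 'Key=Value;Key=Value' into a dict with lower-cased keys."""
    pairs = {}
    for part in conn_str.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            pairs[key.strip().lower()] = value.strip()
    return pairs


def classify(conn_str):
    """Return (transport, tcp_ports, no_smb_needed) for one connection string."""
    kv = parse_conn_str(conn_str)
    driver = kv.get("driver", "").strip("{}").lower()
    if "sql server" in driver:
        netlib = kv.get("network", "").lower()
        if netlib == "dbmssocn":                       # TCP/IP sockets network library
            server = kv.get("server", "")
            port = int(server.split(",")[1]) if "," in server else SQL_TCP_PORT
            return ("sql-tcp", [port], True)
        if netlib == "dbnmpntw":                       # named pipes ride on SMB
            return ("named-pipes-smb", SMB_PORTS, False)
        return ("sql-unspecified-netlib", [], False)   # pin the library before writing rules
    path = kv.get("dbq", "")
    if path.startswith("\\\\"):                        # UNC path: file on a network share
        return ("file-share-smb", SMB_PORTS, False)
    if path:
        return ("local-file", [], True)                # nothing crosses the firewall
    return ("unknown", [], False)


SAMPLES = [  # constructed connection strings, not taken from the post
    r"Driver={SQL Server};Server=dbhost;Network=DBMSSOCN;Database=orders",
    r"Driver={SQL Server};Server=dbhost,2433;Network=DBMSSOCN;Database=orders",
    r"Driver={SQL Server};Server=dbhost;Network=DBNMPNTW;Database=orders",
    r"Driver={Microsoft Access Driver (*.mdb)};DBQ=\\fileserver\data\orders.mdb",
    r"Driver={Microsoft Access Driver (*.mdb)};DBQ=C:\data\orders.mdb",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(classify(s), "<-", s)
```

Only the entries reported as `sql-tcp` map to a single firewall rule from the DMZ webserver to the database server; anything classified as SMB-based falls under the post's point that SMB or NetBIOS cannot pass without tunneling.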


