Firewall Wizards mailing list archives
Re: ODBC in DMZ
From: "Stefan Norberg" <stnor () sweden hp com>
Date: Thu, 15 Jul 1999 11:16:46 +0200
C.K., ODBC is not a communications protocol. It relies on an underlying communications mechanism. For example: A client can access a MS SQL-server (using ODBC), via Named Pipes (yuck :P), MS RPC or TCP/IP Sockets (default port is 1433). In a DMZ I would recommend sockets, although this communication is in clear text, because it's only one port to open up. MS RPC is all high ports in all directions plus tcp/135. Named Pipes is NetBIOS-ssn (tcp/137). Use strong passwords. If possible - make the DB-replica read-only. /stefan ------------------------------------------------------------------- Stefan Norberg (stnor () sweden hp com) HP Consulting PGP-key: http://people.hp.se/stnor/stnor.asc KeyID: 2048-1024/0x06795314 Fingerprint: FB30 E334 8F04 F7D6 1FE7 2DFA 31D9 9052 0679 5314 ----- Original Message ----- From: C. K. Lung <clung () hotmail com> To: Firewall-Wizards <firewall-wizards () nfr net> Sent: Wednesday, July 14, 1999 02:34 Subject: ODBC in DMZ
A user needs to use ODBC access a program in DMZ. Do I need to open ports or/and socket to allow the access? What kind of security risk it would post? Any comments/suggestions are greatly appreciated. Sincerely, C.K.
Current thread:
- ODBC in DMZ C. K. Lung (Jul 14)
- Re: ODBC in DMZ Stefan Norberg (Jul 15)
- Re: ODBC in DMZ Matt McClung (Jul 19)
- <Possible follow-ups>
- RE: ODBC in DMZ sean . kelly (Jul 15)
- Re: ODBC in DMZ Todd Johnson (Jul 15)
- RE: ODBC in DMZ C. K. Lung (Jul 15)
- Re: ODBC in DMZ Stefan Norberg (Jul 16)
- RE: ODBC in DMZ John McDonald (Jul 15)
- Re: ODBC in DMZ Sean Costello (Jul 16)
- RE: ODBC in DMZ sean . kelly (Jul 16)
- RE: ODBC in DMZ sean . kelly (Jul 16)