Firewall Wizards mailing list archives
RE: ODBC in DMZ
From: "C. K. Lung" <clung () hotmail com>
Date: Thu, 15 Jul 1999 22:29:07 -0400
Hi Stefan; Thank you for your detailed explanation. It is very useful. What if we are using Oracle instead of MS SQL? Would it be the same? If I have VPN, would it overcome the problem of clear text? Any input is greatly appreciated. Best regards, C.K.
-----Original Message----- From: Stefan Norberg [mailto:stnor () sweden hp com] Sent: Thursday, July 15, 1999 5:16 AM To: C. K. Lung Subject: Re: ODBC in DMZ C.K., ODBC is not a communications protocol. It relies on an underlying communications mechanism. For example: A client can access a MS SQL-server (using ODBC), via Named Pipes (yuck :P), MS RPC or TCP/IP Sockets (default port is 1433). In a DMZ I would recommend sockets, although this communication is in clear text, because it's only one port to open up. MS RPC is all high ports in all directions plus tcp/135. Named Pipes is NetBIOS-ssn (tcp/137). Use strong passwords. If possible - make the DB-replica read-only. /stefan ------------------------------------------------------------------- Stefan Norberg (stnor () sweden hp com) HP Consulting PGP-key: http://people.hp.se/stnor/stnor.asc KeyID: 2048-1024/0x06795314 Fingerprint: FB30 E334 8F04 F7D6 1FE7 2DFA 31D9 9052 0679 5314 ----- Original Message ----- From: C. K. Lung <clung () hotmail com> To: Firewall-Wizards <firewall-wizards () nfr net> Sent: Wednesday, July 14, 1999 02:34 Subject: ODBC in DMZA user needs to use ODBC access a program in DMZ. Do I need toopen portsor/and socket to allow the access? What kind of security risk it would post? Any comments/suggestions are greatly appreciated. Sincerely, C.K.
Current thread:
- ODBC in DMZ C. K. Lung (Jul 14)
- Re: ODBC in DMZ Stefan Norberg (Jul 15)
- Re: ODBC in DMZ Matt McClung (Jul 19)
- <Possible follow-ups>
- RE: ODBC in DMZ sean . kelly (Jul 15)
- Re: ODBC in DMZ Todd Johnson (Jul 15)
- RE: ODBC in DMZ C. K. Lung (Jul 15)
- Re: ODBC in DMZ Stefan Norberg (Jul 16)
- RE: ODBC in DMZ John McDonald (Jul 15)
- Re: ODBC in DMZ Sean Costello (Jul 16)
- RE: ODBC in DMZ sean . kelly (Jul 16)
- RE: ODBC in DMZ sean . kelly (Jul 16)