Re: ODBC

From: Technical Incursion Countermeasures (listsat_private)
Date: Sun May 10 1998 - 11:48:23 PDT

Next message: tqbfat_private: "Re: ODBC"

Previous message: David C Niemi: "Re: Blitzkrieg Server -- For Real?!"
Maybe in reply to: Moses, Ikoedem: "ODBC"
Next in thread: tqbfat_private: "Re: ODBC"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

At 05:06 AM 5/8/98 -0700, you wrote:
>1998-05-06-16:07:35 Ikoedem Moses:
>>  I want to pass ODBC  traffic from a webserver in the DMZ to  a database
>> server in the internal network. What is the right way to do it and what
>> ports does it uses?
>
>First answer would be easy: _don't_ do it. ODBC is an immature protocol;
>security isn't implemented by any vendor I know of. They don't have
>strong authentication, nor encryption. The protocol being passed is
>open-ended. Don't let it through your firewall. Replicate such data as
>the web presence needs out onto a server in the DMZ, perhaps reachable
>only by the web server. Don't let that traffic in.

I assume that you are using something like MS SQL Server - you are not
using Access are you? (I hope not). If you are using SQl Server then you
could post your queries to it via SMTP. It takes a little bit of tweaking
to get it to work right (What MS Product doesn't :{) but it means that you
are not opening up anything else in your firewall...

Cheers,

Bret
Technical Incursion Countermeasures 
consultingat_private                      http://www.ticm.com/
ph: (+61)(08) 9454 2487(UTC+8 hrs)      fax: (+61)(08) 9454 6042

The Insider - a e'zine on Computer security
http://www.ticm.com/about/insider.html

Next message: tqbfat_private: "Re: ODBC"
Previous message: David C Niemi: "Re: Blitzkrieg Server -- For Real?!"
Maybe in reply to: Moses, Ikoedem: "ODBC"
Next in thread: tqbfat_private: "Re: ODBC"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:58:57 PDT