From: Stout, William (
Date: Tue May 12 1998 - 09:23:04 PDT

  • Next message: arkat_private: "Inside PIX?"

    Depends on what you use as your ODBC data source.  If you configure
    MS-SQLserver as a data source, you'll use port 1433. See related:  
    If you use a file on a network share, you're talking SMB over NetBIOS
    over TCP ports 137 & 139 (haven't seen 138/UDP used myself).  You can't
    pass SMB or NetBIOS through a firewall without tunneling.
    The right way to do it is with a SQL data source and a SQL-proxy on the
    firewall, but if you don't know what ODBC is, I'll guess your firewall
    can't do SQL either <g>.  I also bravely deduct you're setting up an NT
    system.  An alternative is to use two interfaces on the webserver, one
    for the DMZ, one on the internal network.  The external interface does
    the TCP thing, and the internal network does NetBEUI only (that way you
    can use named pipes).
    The security risk of this comprises of crackers taking advantage of your
    ODBC link through the webserver (which they would have anyway, or worse,
    if you punched SQL through a generic port), or if you're weak/unlucky on
    NT security, someone will edit your registry, plant files for you to
    execute, or alter what's there and take advantage of your NetBEUI link.
    Stay on top of NT security issues since new ones constantly pop up.
    Bill Stout
    'Mind management'/thought control, component of Psychological warfare.  
    Next target of opportunity: Internet sites & postings.
    > ----- Original Message -----
    > From:	Moses, Ikoedem [SMTP:Ikoedem_Mosesat_private]
    > Reply To:	Moses, Ikoedem [SMTP:Ikoedem_Mosesat_private]
    > Sent:	Wednesday, May 06, 1998, 9:07:35
    > To:	Stout, William
    > Subject:	ODBC
    >  I want to pass ODBC  traffic from a webserver in the DMZ to  a database
    > server in the internal network. What is the right way to do it and what
    > ports does it uses?
    > ----- End Of Original Message -----

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:59:09 PDT