[dba-SQLServer]IP Connection to SQL

Arthur Fuller artful at rogers.com
Thu Apr 17 08:24:03 CDT 2003 

Thanks for your patience :-)

I believe that client 2 has a firewall set up on a box running freeBSD. I
don't know if there is also a VPN. I have no idea how to set one up. They do
have win2k server; that's what the sql box is running on. 

A.

-----Original Message-----
From: dba-sqlserver-bounces at databaseadvisors.com
[mailto:dba-sqlserver-bounces at databaseadvisors.com] On Behalf Of Francisco H
Tapia
Sent: April 16, 2003 4:37 PM
To: dba-sqlserver at databaseadvisors.com
Subject: Re: [dba-SQLServer]IP Connection to SQL


Arthur, the only stupid q's are the ones not asked ;o)

Using a diffrent port number helps prevent some of your most common attacks
on your server, yes there are port sniffer programs out there designed to
exploit the weaknesses in a firewall...  After a hacker or script kiddie
figures out your port all they  have to test access for is the SA account
since that is the common uid in all Sql Servers... in fact there are already
exploits that are published as .exe packages out there... VPN'ing your
connection would be the method to go in order to secure your connection, w/
or w/o TS.  The only thing I can think of in favor of TS is that the data is
carried between 10-100mbs (depending on your customer's network) over to the
TS screen vs, any T1 connection to your machine over the internet, and w/
VPN you have some overhead on the line.


-Francisco
http://rcm.netfirms.com

More information about the dba-SQLServer mailing list