mbabcockfibrespeed.net

• Next message: mouss: "RE: How do I do a reverse Invoke"
• Previous message: mouss: "RE: IP addressing on firewall"
• In reply to: Mikael Olsson: "Re: hacking the system"
• Next in thread: Mikael Olsson: "Re: hacking the system"
• Reply: Michael T. Babcock: "Re: hacking the system"
• Reply: Mikael Olsson: "Re: hacking the system"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

----- Original Message -----
From: "Mikael Olsson" <mikael.olssonenternet.se>

> > Do not do this if you are using SQL authentication. Even once you have
> > changed the sa password from the default (null), it is still apparently
> > a security hole.
>
> SQL authentication is plain text. Ripping passwords from it is
> like stealing candy from a kid.
>
> To be able allow SQL talk across the internet with anything even
> remotely resembling "security", you'll have to encrypt it somehow.
> I guess plain old SSH tunneling is out of the question (wrong OS),
> so IPsec is probably your best bet. PPTP sucks, so it's not an
> option, and L2TP is probably too cumbersome. (Having your interface
> suddenly be present on the remote network is handy in "RAS"
> scenarios, but it isn't much good if the clients are trying to
> connect to multiple locations at the same time while maintaining
> local network security.)

Note: very good SSH solutions exist for Windows now. http://www.ssh.fi has
commercial versions of SSH2 for Windows that are child's play to set up.

-
[To unsubscribe, send mail to majordomolists.gnac.net with
"unsubscribe firewalls" in the body of the message.]

• Next message: mouss: "RE: How do I do a reverse Invoke"
• Previous message: mouss: "RE: IP addressing on firewall"
• In reply to: Mikael Olsson: "Re: hacking the system"
• Next in thread: Mikael Olsson: "Re: hacking the system"
• Reply: Michael T. Babcock: "Re: hacking the system"
• Reply: Mikael Olsson: "Re: hacking the system"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]