> Yes, run them over a VPN. If you leave database port
> open to the
> Internet, you are just asking for trouble.

Particularly if it's SQL. There is a nasty little
tool out there called sqlexec.exe that allows someone
to connect to an SQL Server system and execute
commands. By default, the tool uses a blank sa
password, but the source code is available...adding a
brute force routine, or an arg for a password
discovered by a bf tool is trivial...

Carv

__________________________________________________
Do You Yahoo!?
Yahoo! Auctions - buy the things you want at great prices
http://auctions.yahoo.com/

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]