?
Solved

ODBC across the internet: firewall, security, encryption?

Posted on 2004-09-16
4
Medium Priority
?
833 Views
Last Modified: 2008-03-10
Hi. I'm looking to build an application where a number of remote win2k systems on the internet connect to a central office server running XP and some recent version of SQL Server to transfer daily data.

Here's my concerns:
1) I don't have access to the firewalls on the remote systems -- they run NAT and allow outgoing connections, but there's no way to open ports. I'd think this would not be a problem because they will initiate the connection to the office computer where I do have access. On the central (office) server I just need port 1433 open?

2) It looks to me like the standard MS ODBC driver supports TCP/IP connections and can accept ip addresses as well as fqdn for server names. I don't want to try to get remote computers to have to join the office domain. I believe I can use "mixed" SQL authentication so SQL server authenticates remote users.

3) I guess my main question has to do with security -- does the standard ODBC driver encrypt the transmission? If not I'll need to set up STUNNEL or Zebedee to protect the stream.

So in summary:
1) ODBC -> SQL server can be happy with only port 1433?
2) SQL Server authentication will be fine with remote internet ODBC clients?
3) ODBC -> SQL Server isn't an ecrypted stream?

Thanks,
John
0
Comment
Question by:jhanna777
  • 3
4 Comments
 
LVL 34

Expert Comment

by:arbert
ID: 12078062
Do you have protocol encryption enabled on your SQL Server?  If not, you won't have protocol encryption from your clients.

I would recommend using a tunnel (like you suggested)--SSH or PPTP....
0
 
LVL 34

Expert Comment

by:arbert
ID: 12078065
(you could always user terminal services too--if you have the license)
0
 

Author Comment

by:jhanna777
ID: 12078139
Terminal Services isn't an option.

SQL Server has a "protocol encryption"? Where would I find the settigns for it?

SSH might work, but I've had trouble with openssh on NT/XP. I'm leaning toward Zebedee -- compression might also help data exchange -- I expect these data dumps to be somewhat lengthy (probably > 1mb) and highly repetitive.

j
0
 
LVL 34

Accepted Solution

by:
arbert earned 300 total points
ID: 12078381
I've had really good luck with WAC server from http://www.foxitsoftware.com and putty as the client--performance (when compressed) is awesome....

Here are two microsoft whitepapers on configuring prot encryption:

http://support.microsoft.com/default.aspx?scid=kb;en-us;276553&Product=sql2k

http://support.microsoft.com/default.aspx?scid=kb;en-us;318605&Product=sql2k

 


Brett
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Why is this different from all of the other step by step guides?  Because I make a living as a DBA and not as a writer and I lived through this experience. Defining the name: When I talk to people they say different names on this subject stuff l…
An alternative to the "For XML" way of pivoting and concatenating result sets into strings, and an easy introduction to "common table expressions" (CTEs). Being someone who is always looking for alternatives to "work your data", I came across this …
This videos aims to give the viewer a basic demonstration of how a user can query current session information by using the SYS_CONTEXT function
Via a live example, show how to backup a database, simulate a failure backup the tail of the database transaction log and perform the restore.
Suggested Courses

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question