Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

ODBC across the internet: firewall, security, encryption?

Posted on 2004-09-16
4
Medium Priority
?
831 Views
Last Modified: 2008-03-10
Hi. I'm looking to build an application where a number of remote win2k systems on the internet connect to a central office server running XP and some recent version of SQL Server to transfer daily data.

Here's my concerns:
1) I don't have access to the firewalls on the remote systems -- they run NAT and allow outgoing connections, but there's no way to open ports. I'd think this would not be a problem because they will initiate the connection to the office computer where I do have access. On the central (office) server I just need port 1433 open?

2) It looks to me like the standard MS ODBC driver supports TCP/IP connections and can accept ip addresses as well as fqdn for server names. I don't want to try to get remote computers to have to join the office domain. I believe I can use "mixed" SQL authentication so SQL server authenticates remote users.

3) I guess my main question has to do with security -- does the standard ODBC driver encrypt the transmission? If not I'll need to set up STUNNEL or Zebedee to protect the stream.

So in summary:
1) ODBC -> SQL server can be happy with only port 1433?
2) SQL Server authentication will be fine with remote internet ODBC clients?
3) ODBC -> SQL Server isn't an ecrypted stream?

Thanks,
John
0
Comment
Question by:jhanna777
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 34

Expert Comment

by:arbert
ID: 12078062
Do you have protocol encryption enabled on your SQL Server?  If not, you won't have protocol encryption from your clients.

I would recommend using a tunnel (like you suggested)--SSH or PPTP....
0
 
LVL 34

Expert Comment

by:arbert
ID: 12078065
(you could always user terminal services too--if you have the license)
0
 

Author Comment

by:jhanna777
ID: 12078139
Terminal Services isn't an option.

SQL Server has a "protocol encryption"? Where would I find the settigns for it?

SSH might work, but I've had trouble with openssh on NT/XP. I'm leaning toward Zebedee -- compression might also help data exchange -- I expect these data dumps to be somewhat lengthy (probably > 1mb) and highly repetitive.

j
0
 
LVL 34

Accepted Solution

by:
arbert earned 300 total points
ID: 12078381
I've had really good luck with WAC server from http://www.foxitsoftware.com and putty as the client--performance (when compressed) is awesome....

Here are two microsoft whitepapers on configuring prot encryption:

http://support.microsoft.com/default.aspx?scid=kb;en-us;276553&Product=sql2k

http://support.microsoft.com/default.aspx?scid=kb;en-us;318605&Product=sql2k

 


Brett
0

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ever wondered why sometimes your SQL Server is slow or unresponsive with connections spiking up but by the time you go in, all is well? The following article will show you how to install and configure a SQL job that will send you email alerts includ…
One of the most important things in an application is the query performance. This article intends to give you good tips to improve the performance of your queries.
Familiarize people with the process of retrieving data from SQL Server using an Access pass-thru query. Microsoft Access is a very powerful client/server development tool. One of the ways that you can retrieve data from a SQL Server is by using a pa…
Viewers will learn how to use the INSERT statement to insert data into their tables. It will also introduce the NULL statement, to show them what happens when no value is giving for any given column.

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question