Solved

ODBC across the internet: firewall, security, encryption?

Posted on 2004-09-16
4
826 Views
Last Modified: 2008-03-10
Hi. I'm looking to build an application where a number of remote win2k systems on the internet connect to a central office server running XP and some recent version of SQL Server to transfer daily data.

Here's my concerns:
1) I don't have access to the firewalls on the remote systems -- they run NAT and allow outgoing connections, but there's no way to open ports. I'd think this would not be a problem because they will initiate the connection to the office computer where I do have access. On the central (office) server I just need port 1433 open?

2) It looks to me like the standard MS ODBC driver supports TCP/IP connections and can accept ip addresses as well as fqdn for server names. I don't want to try to get remote computers to have to join the office domain. I believe I can use "mixed" SQL authentication so SQL server authenticates remote users.

3) I guess my main question has to do with security -- does the standard ODBC driver encrypt the transmission? If not I'll need to set up STUNNEL or Zebedee to protect the stream.

So in summary:
1) ODBC -> SQL server can be happy with only port 1433?
2) SQL Server authentication will be fine with remote internet ODBC clients?
3) ODBC -> SQL Server isn't an ecrypted stream?

Thanks,
John
0
Comment
Question by:jhanna777
  • 3
4 Comments
 
LVL 34

Expert Comment

by:arbert
ID: 12078062
Do you have protocol encryption enabled on your SQL Server?  If not, you won't have protocol encryption from your clients.

I would recommend using a tunnel (like you suggested)--SSH or PPTP....
0
 
LVL 34

Expert Comment

by:arbert
ID: 12078065
(you could always user terminal services too--if you have the license)
0
 

Author Comment

by:jhanna777
ID: 12078139
Terminal Services isn't an option.

SQL Server has a "protocol encryption"? Where would I find the settigns for it?

SSH might work, but I've had trouble with openssh on NT/XP. I'm leaning toward Zebedee -- compression might also help data exchange -- I expect these data dumps to be somewhat lengthy (probably > 1mb) and highly repetitive.

j
0
 
LVL 34

Accepted Solution

by:
arbert earned 100 total points
ID: 12078381
I've had really good luck with WAC server from http://www.foxitsoftware.com and putty as the client--performance (when compressed) is awesome....

Here are two microsoft whitepapers on configuring prot encryption:

http://support.microsoft.com/default.aspx?scid=kb;en-us;276553&Product=sql2k

http://support.microsoft.com/default.aspx?scid=kb;en-us;318605&Product=sql2k

 


Brett
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The Delta outage: 650 cancelled flights, more than 1200 delayed flights, thousands of frustrated customers, tens of millions of dollars in damages – plus untold reputational damage to one of the world’s most trusted airlines. All due to a catastroph…
For both online and offline retail, the cross-channel business is the most recent pattern in the B2C trade space.
This video shows, step by step, how to configure Oracle Heterogeneous Services via the Generic Gateway Agent in order to make a connection from an Oracle session and access a remote SQL Server database table.
Via a live example, show how to extract insert data into a SQL Server database table using the Import/Export option and Bulk Insert.

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question