troubleshooting Question

How difficult would it be to hack the Sql Server 2005 sa password on an external web server?

Avatar of carlkelley
carlkelley asked on
Web DevelopmentASP.NET
1 Comment1 Solution778 ViewsLast Modified:
We are pondering our security risks for an ASP.NET application that accesses a Sql Server 2005 database server.  The web app is outside our firewall while Sql Server is inside.  We are using ASP.NET forms authentication on the front end.  A trusted service identity in the form of a Sql Server account credentials to access the database.  The trusted service identity is recorded in encrypted connection strings along with the IP address of Sql Server.  We have installed an SSL certificate on Sql Server to prevent packet sniffing.

From all that we have read including http://msdn.microsoft.com/en-us/library/aa302392.aspx, our primary risk is someone hacking the password to the sa account.  How difficult would that be given a fairly strong password?  Are there other risks that we should take seriously?
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 1 Answer and 1 Comment.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 1 Comment.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros