Solved

Secure open port SQL server linked to Access Project Database file (ADP)

Posted on 2010-08-25
2
290 Views
Last Modified: 2012-05-10
Hi Guys,

I have a dedicated windows web server hosted by oneandone.co.uk
I've installed SQL server express and have an Access Project Database connected to the SQL database remotely, It all works suprisingly well across the open internet.
Obviously I'm concerned about the security aspect. I have it currently set so the user has to enter their Username and Password to login to the Database. Are there other ways of making it more secure by possibly tying it to the users mac address or some other method. I can't use an IP address because most users will not have a fixed IP address. I can set a different port number instead of the default 1433 but it is still an open port.

Any suggestions greatly received.
0
Comment
Question by:dataflowjoe
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 78

Accepted Solution

by:
arnold earned 500 total points
ID: 33527490
The two can not be tied in.  The application SQL has no way of knowing what the MAC address of the remote user given that that packet travels through multiple routers and gets assembled by the networking driver of the OS.

A way to secure it is by controlling access.  I.e. configure firewall to limit who can connect to the port.  The other option is to use secure/encrypted socket and require the remote users have a certificate that your server will recognize.

The best way is to setup a web page/ASP that the users can use to access their data.  Adding logic into the web page that will lock out failed requests from the same source based on IP which is present in the HTTP headers and is passed to the web based application by the web server.

No matter which option you take, you still have an open port through which attempts to gain access will be made.
0
 
LVL 2

Author Closing Comment

by:dataflowjoe
ID: 33529002
Thanks for your reply , I've decided to use a VPN solution now.
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Describes a method of obtaining an object variable to an already running instance of Microsoft Access so that it can be controlled via automation.
It’s the first day of March, the weather is starting to warm up and the excitement of the upcoming St. Patrick’s Day holiday can be felt throughout the world.
Learn how to set-up PayPal payment integration in your Wufoo form. Allow your users to remit payment through PayPal upon completion of your online form. This is helpful for collecting membership payments, customer payments, donations, and more.
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question