Solved

Secure open port SQL server linked to Access Project Database file (ADP)

Posted on 2010-08-25
2
291 Views
Last Modified: 2012-05-10
Hi Guys,

I have a dedicated windows web server hosted by oneandone.co.uk
I've installed SQL server express and have an Access Project Database connected to the SQL database remotely, It all works suprisingly well across the open internet.
Obviously I'm concerned about the security aspect. I have it currently set so the user has to enter their Username and Password to login to the Database. Are there other ways of making it more secure by possibly tying it to the users mac address or some other method. I can't use an IP address because most users will not have a fixed IP address. I can set a different port number instead of the default 1433 but it is still an open port.

Any suggestions greatly received.
0
Comment
Question by:dataflowjoe
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 78

Accepted Solution

by:
arnold earned 500 total points
ID: 33527490
The two can not be tied in.  The application SQL has no way of knowing what the MAC address of the remote user given that that packet travels through multiple routers and gets assembled by the networking driver of the OS.

A way to secure it is by controlling access.  I.e. configure firewall to limit who can connect to the port.  The other option is to use secure/encrypted socket and require the remote users have a certificate that your server will recognize.

The best way is to setup a web page/ASP that the users can use to access their data.  Adding logic into the web page that will lock out failed requests from the same source based on IP which is present in the HTTP headers and is passed to the web based application by the web server.

No matter which option you take, you still have an open port through which attempts to gain access will be made.
0
 
LVL 2

Author Closing Comment

by:dataflowjoe
ID: 33529002
Thanks for your reply , I've decided to use a VPN solution now.
0

Featured Post

Creating Instructional Tutorials  

For Any Use & On Any Platform

Contextual Guidance at the moment of need helps your employees/users adopt software o& achieve even the most complex tasks instantly. Boost knowledge retention, software adoption & employee engagement with easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It’s been over a month into 2017, and there is already a sophisticated Gmail phishing email making it rounds. New techniques and tactics, have given hackers a way to authentically impersonate your contacts.How it Works The attack works by targeti…
This article describes a method of delivering Word templates for use in merging Access data to Word documents, that requires no computer knowledge on the part of the recipient -- the templates are saved in table fields, and are extracted and install…
Basics of query design. Shows you how to construct a simple query by adding tables, perform joins, defining output columns, perform sorting, and apply criteria.
In Microsoft Access, learn how to “cascade” or have the displayed data of one combo control depend upon what’s entered in another. Base the dependent combo on a query for its row source: Add a reference to the first combo on the form as criteria i…

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question