[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Secure open port SQL server linked to Access Project Database file (ADP)

Posted on 2010-08-25
2
Medium Priority
?
295 Views
Last Modified: 2012-05-10
Hi Guys,

I have a dedicated windows web server hosted by oneandone.co.uk
I've installed SQL server express and have an Access Project Database connected to the SQL database remotely, It all works suprisingly well across the open internet.
Obviously I'm concerned about the security aspect. I have it currently set so the user has to enter their Username and Password to login to the Database. Are there other ways of making it more secure by possibly tying it to the users mac address or some other method. I can't use an IP address because most users will not have a fixed IP address. I can set a different port number instead of the default 1433 but it is still an open port.

Any suggestions greatly received.
0
Comment
Question by:dataflowjoe
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 80

Accepted Solution

by:
arnold earned 2000 total points
ID: 33527490
The two can not be tied in.  The application SQL has no way of knowing what the MAC address of the remote user given that that packet travels through multiple routers and gets assembled by the networking driver of the OS.

A way to secure it is by controlling access.  I.e. configure firewall to limit who can connect to the port.  The other option is to use secure/encrypted socket and require the remote users have a certificate that your server will recognize.

The best way is to setup a web page/ASP that the users can use to access their data.  Adding logic into the web page that will lock out failed requests from the same source based on IP which is present in the HTTP headers and is passed to the web based application by the web server.

No matter which option you take, you still have an open port through which attempts to gain access will be made.
0
 
LVL 2

Author Closing Comment

by:dataflowjoe
ID: 33529002
Thanks for your reply , I've decided to use a VPN solution now.
0

Featured Post

Learn how to optimize MySQL for your business need

With the increasing importance of apps & networks in both business & personal interconnections, perfor. has become one of the key metrics of successful communication. This ebook is a hands-on business-case-driven guide to understanding MySQL query parameter tuning & database perf

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You need to know the location of the Office templates folder, so that when you create new templates, they are saved to that location, and thus are available for selection when creating new documents.  The steps to find the Templates folder path are …
Instead of error trapping or hard-coding for non-updateable fields when using QODBC, let VBA automatically disable them when forms open. This way, users can view but not change the data. Part 1 explained how to use schema tables to do this. Part 2 h…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question