<div>
Make SQL communicate thru a port other than 1433, make an exception on the firewall for that port and let the application communicate thru that port
</div>


Make SQL communicate thru a port other than 1433, make an exception on the firewall for that port and let the application communicate thru that port

<div>
<div class="content wysiwyg-content">
Hi <br />
<br />
We would like to set a web app externally on DMZ. The database will be on the internal lan. We would like to secure our database transactions. It will be build in c# and the database is MS SQL 2008.<br />
<br />
Which is the most secure and recommended way to talk to the database?<br />
<br />
Thanks
</div>
</div>


Hi 

We would like to set a web app externally on DMZ. The database will be on the internal lan. We would like to secure our database transactions. It will be build in c# and the database is MS SQL 2008.

Which is the most secure and recommended way to talk to the database?

Thanks

Web app

A vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness, known as the attack surface. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. Other vulnerabilities include security risks, security defects and constructs in programming languages that are difficult to use properly.

Vulnerabilities

Microsoft SQL Server is a suite of relational database management system (RDBMS) products providing multi-user database access functionality.SQL Server is available in multiple versions, typically identified by release year, and versions are subdivided into editions to distinguish between product functionality. Component services include integration (SSIS), reporting (SSRS), analysis (SSAS), data quality, master data, T-SQL and performance tuning.

Microsoft SQL Server

The successor to Active Server Pages, ASP.NET websites utilize the .NET framework to produce dynamic, data and content-driven web applications and services. ASP.NET code can be written using any .NET supported language. As of 2009, ASP.NET can also apply the Model-View-Controller (MVC) pattern to web applications