White list

gmanster
gmanster used Ask the Experts™
on
How do I whitelist an IP address coming into my server?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
CESNetwork Administrator

Commented:
Please provide more detail.  Depending on the application and setup, this could be done at several places

Author

Commented:
The program being accessed is AMSI run on SQL Server

Author

Commented:
Any ideas on this?
OWASP: Threats Fundamentals

Learn the top ten threats that are present in modern web-application development and how to protect your business from them.

Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooter
Commented:
I assume AMSI = "Antimalware Scan Interface" from Microsoft.  White listing usually refers to allowing email to be delivered without running the mail thru various checks and algorithms, which could cause mail to be discarded or filed in a junk/trash location.  

I don't expect AMSI on SQL Server to be receiving email.  I'm either mis-interpretting white list or AMSI, or am unfamiliar with what you are attempting to do in AMSI?

The short answer on "How do I whitelist an IP address coming into my server?": add the IP address to the software's whitelist, or write the software filters to not apply to the specified IP address.

Author

Commented:
AMSI is a property management software running on SQL server - We are trying to interface a software called Rent Payment that takes payment on the net.  Rent Payment is getting an error of access when trying to query on our outside IP address to the SQL server.  AMSI says we need to shite list Rent Payments incoming IP address in order for the error to go away however AMSI can't provide me with the information of where in the server to do the white listing.
Professional Troublemaker^h^h^h^h^hshooter
Commented:
Ah.  I assume Rent Payment is attempting to make a direct connection to your SQL Server on port tcp/1433 (unless you've moved SQL to another port, and assuming SQL is configured to use TCP/IP.)  You have a few things to consider/possible places to white list the address:
(a) If your SQL server is using a private IP address, and is using NAT (Network Address Translation) to access the outside, you'll need to configure a Destination NAT, so that the device (usually a router or firewall) that is performing the address translation.  On that router/firewall device, you'll usually have an access control list... this is your equivalent to a white list, to permit traffic in.
(b) If you have internal network security (east-west firewalls), or interior routers with ACLs defined, you'll need to configure those 'whitelists' on each of the routers providing security.
(c) If you have a host based firewall configured on the server hosting SQL Server, you'll need to 'whitelist' the Rent Payment IP address there as well.

Author

Commented:
Let me check on this - Thanks!!!!
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooter

Commented:
General information on White Listing provided, as well as where to likely collect more information for a specific instance.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial