M
moko
Can anyone give me the ADO.Net connection string to connect to a remote SQL
server using it's IP address ? Any parameters and settings to be checked ?
server using it's IP address ? Any parameters and settings to be checked ?
W
William Ryan
"Data Source=IPADDRESS,PORT;Network Library=DBMSSOCN;Initial
Catalog=YourDatabase;User
ID=HopefullyNotSA;Password=HopefullySomethingEncrypted;"
HTH,
Bill
Catalog=YourDatabase;User
ID=HopefullyNotSA;Password=HopefullySomethingEncrypted;"
HTH,
Bill
M
Mike Collier
"Data Source=IPADDRESS,PORT;Network Library=DBMSSOCN;Initial
Looks a lot like a typical ADO connection then, you can try connecting to my
server if you like.
Standard ADO Connection String (don't wrap) modify details for .NET before
testing your connection:
Provider=SQLOLEDB.1;Password=webuser;Persist Security Info=True;User
ID=webuser;Initial Catalog=master;Data Source=81.130.213.94
Looks a lot like a typical ADO connection then, you can try connecting to my
server if you like.
Standard ADO Connection String (don't wrap) modify details for .NET before
testing your connection:
Provider=SQLOLEDB.1;Password=webuser;Persist Security Info=True;User
ID=webuser;Initial Catalog=master;Data Source=81.130.213.94
W
William \(Bill\) Vaughn
WARNING WILL ROBINSON:
This is dangerous. I suggest a VPN connection at least. There are lots of
people out there that can easily sniff the web for your credentials.
--
____________________________________
William (Bill) Vaughn
Author, Mentor, Consultant
MVP, hRD
www.betav.com
Please reply only to the newsgroup so that others can benefit.
This posting is provided "AS IS" with no warranties, and confers no rights.
__________________________________
This is dangerous. I suggest a VPN connection at least. There are lots of
people out there that can easily sniff the web for your credentials.
--
____________________________________
William (Bill) Vaughn
Author, Mentor, Consultant
MVP, hRD
www.betav.com
Please reply only to the newsgroup so that others can benefit.
This posting is provided "AS IS" with no warranties, and confers no rights.
__________________________________
M
Mike Collier
WARNING WILL ROBINSON:
Good point. "Oh the pain, the pain"
Good point. "Oh the pain, the pain"
M
moko
Thanks a lot for all the information, and may your servers be secure 
.
.
M
Miha Markic
Or you might consider Net-Library Encryption (see Sql server for more info
on it)
on it)
A
Angel Saenz-Badillos[MS]
I have to agree with Bill, I would not under any circumstances allow my
server to be visible to the outside world. Of course I would also under no
circumstances post my servers connection string to this newsgroup so
obviously security concerns do vary.
Possible risks of making your server visible include denial of service
attacks, brute force password hacking and credential sniffing either on the
way or on the client machine where the ado.net program is running. If you
give me an ado.net program that connects to your server you are giving me
access to the server with the same rights as the program, period. There is
no way to protect the connection information. In an intranet scenario
hopefully you are protecting against this by relying on integrated security,
but you can't rely on integrated security on the net.
Once somebody has access to your Sql Server (hopefully with an account with
valid restrictions, if they are admins it is all over) they will likely be
able to hack into the server machine, a lot of very smart people dedicate a
good chunk of their day to find (and tell everybody about) just this type of
vulnerabilities.
I would highly recommend adding a web services layer to access your server
if you want the server information to be accessible.
--
Angel Saenz-Badillos [MS] Managed Providers
This posting is provided "AS IS", with no warranties, and confers no
rights.Please do not send email directly to this alias.
This alias is for newsgroup purposes only.
server to be visible to the outside world. Of course I would also under no
circumstances post my servers connection string to this newsgroup so
obviously security concerns do vary.
Possible risks of making your server visible include denial of service
attacks, brute force password hacking and credential sniffing either on the
way or on the client machine where the ado.net program is running. If you
give me an ado.net program that connects to your server you are giving me
access to the server with the same rights as the program, period. There is
no way to protect the connection information. In an intranet scenario
hopefully you are protecting against this by relying on integrated security,
but you can't rely on integrated security on the net.
Once somebody has access to your Sql Server (hopefully with an account with
valid restrictions, if they are admins it is all over) they will likely be
able to hack into the server machine, a lot of very smart people dedicate a
good chunk of their day to find (and tell everybody about) just this type of
vulnerabilities.
I would highly recommend adding a web services layer to access your server
if you want the server information to be accessible.
--
Angel Saenz-Badillos [MS] Managed Providers
This posting is provided "AS IS", with no warranties, and confers no
rights.Please do not send email directly to this alias.
This alias is for newsgroup purposes only.
moko said:Thanks a lot for all the information, and may your servers be secure