IPSEC from C# without AD ??

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I am trying to find out how to control an IPSEC policy - mainly add a new IP
to an existing policy - from C# code. My SQL Server installation is getting
pounded by brute force password attack for the sa user. To stop this I wrote
a Windows Service to detect when this is happening. Currently when it detects
that someone is attempting to do this, it will email me with the ip so I can
add it easily to my blocking IP IPSEC policy. What I would really like to do,
is when it detects and attemp it will add the IP to the IP Security Policy
automatically. Any ideas on this one? I have searched and searched and cannot
find anything on this.

Info:
Windows 2000 System
 
why is your SQL Server's port available to ANYBODY on the Internet?

Wouldn't the easiest thing be simply to make the SQL Server inaccessable
from a non-local web site?

--- Nick
 
This isnt helpful. Does anyone else have an actual helpful response? Thank
you in advance.

BB
 
I suppose you are right... it doesn't come across as terribly helpful.

I suggest that you place a web service between your client app (on the
internet) and your sql server. MS SQL Server is fairly susceptible to
attack and there are still viruses out there that can disable SQL Server if
the port is directly exposed.

As for modifying the IPSec policy directly, I am sorry for not being able to
help more. I haven't investigated the ins and outs of poor security
designs.

--- Nick
 
Back
Top