| Subject | Re: Type 4 Driver Security |
|---|---|
| Author | rrokytskyy |
| Post date | 2002-04-17T16:07:48Z |
Hi,
other things), but not data transferred over the wire. Data
encryption was discussed in devel list some time ago, and as far as I
remember idea is that LAN is trusted environment, so no encryption is
necessary.
protocol, so one could add encryprion there. You can add encryption
to type 4 driver by replacing plain socket we use with SSLSocket and
provide a proxy on your database server that will decrypt SSL and
send plain data to database server. This should not be complex task.
Another very cheap workaround is SSH port mapping. Not very nice from
maintainance point of view though.
My personal opinion in this issue is: do not expose your server to
outer world and do not allow direct connection to your database
server event through port mapping on your firewall.
Best regards,
Roman Rokytskyy
> Does the type 4 JDBC driver encrypt?No. As far as I know API alows encryption of passwords (and some
other things), but not data transferred over the wire. Data
encryption was discussed in devel list some time ago, and as far as I
remember idea is that LAN is trusted environment, so no encryption is
necessary.
> I know that the Interclient JDBC driver does, but I haven't seenInterClient is a bit different thing: java talks proprietary
> that mentioned in reference to the type 4 driver.
protocol, so one could add encryprion there. You can add encryption
to type 4 driver by replacing plain socket we use with SSLSocket and
provide a proxy on your database server that will decrypt SSL and
send plain data to database server. This should not be complex task.
Another very cheap workaround is SSH port mapping. Not very nice from
maintainance point of view though.
My personal opinion in this issue is: do not expose your server to
outer world and do not allow direct connection to your database
server event through port mapping on your firewall.
Best regards,
Roman Rokytskyy