| Subject | Re: [ib-support] Re: Interbase safe on internet? |
|---|---|
| Author | Artur Anjos |
| Post date | 2002-07-01T15:26:33Z |
If you want to use Firebird over the internet, take a look at ZebeDee:
http://www.winton.org.uk/zebedee/
I use it in all my clients that run my applications over the internet. Some
beneficts:
- Compression (10x more performance in big querys, such as reports)
- encryption
- Small footprint
- entirely free for commercial or non-commercial use
Feel free to email me directly if you want some advice on this. (Off Topic
here).
Artur Anjos
http://www.winton.org.uk/zebedee/
I use it in all my clients that run my applications over the internet. Some
beneficts:
- Compression (10x more performance in big querys, such as reports)
- encryption
- Small footprint
- entirely free for commercial or non-commercial use
Feel free to email me directly if you want some advice on this. (Off Topic
here).
Artur Anjos
----- Original Message -----
From: "Mark O'Donohue" <mark.odonohue@...>
To: <ib-support@yahoogroups.com>
Sent: Monday, July 01, 2002 12:10 PM
Subject: [ib-support] Re: Interbase safe on internet?
> [sorry if it's not quite on topic, I posted this to
> borland.public.ib.opensource 2 days ago, it hasn't appeared, persuming a
> suff up and in case anyone was interested, (but it's not THAT
> interesting) I've posted it here as well.]
>
>
> Jorge Alvarez wrote:
> > <snip>
> >
> > Bill Todd wrote:
> >>You can buy a hardware firewall for $100. I think they all use NAT
> >>which I have read is very secure.
> >
> >
> > Bill,
> >
> > Somewhat off-topic but I'm very interested: where can I find
> information
> > about this inexpensive hardware firewalls?
> >
>
>
> A solution we've found useful is a cheap (< $100 recycled pc ) and one
> of the simple fw purpose built linux distributions.
>
> http://www.coyotelinux.com
> http://www.ipcop.org
>
> (NAT - network address translation is a way of having several pc's or
> internal network hiding behind a single ip address, good for sharing an
> adsl or dialup line, it's a convenience component of many firewalls
> (including both above) and it helps a bit by hiding the internal network
> - but it's primarily not really a security feature).
>
> The ipcop one is quite nice with web interface and intrusion detection
> program (snort), the coyote one is good for quick small install (a
> question and answer session builds you a boot floppy disk - yep it fits
> on a floppy).
>
>
> There are also others, these are just the ones we've used - and found
> useful.
>
> And on exposure of ib ports to the internet, basically don't do it -
> it's best to be careful.
>
> So restrict access to the ib/fb database to an applicaton server (it
> could possibly be on the same box). In that application server hardcode
> all the sql stmts to restrict the types of queries that the 'internet'
> users can make, and if you include user entered fields in the sql stmts,
> have a sensible limit check on the size of the sql stmt before you send
> it to the db server. The only allow the users to talk to the application
> server.
>
>
> Cheers
>
> Mark
> ---
> Your database needs YOU!
> http://www.firebirdsql.org
>
>
>