| Subject | Re: [ib-support] Where I find a really good security specific IB/FB group? |
|---|---|
| Author | Paul Schmidt |
| Post date | 2002-07-15T17:55:03Z |
On 12 Jul 2002 at 9:38, Scott Taylor wrote:
wrong place to secure data. Security should be a network issue rather then a
database issue. For example if you have a thin client say a web page that allows
database access, then you use shttp as the protocol, so the browser encrypts the
page response it gets sent down the wire encrypted, and then at the server the web
server decrypts the data, and passes the password in plain text to the database. By
the same token if you have a fat client you use something like VPN so that the
tunnel does the encryption/decryption.
Tricat Technologies
paul@...
www.tricattechnologies.com
> At 03:45 AM 12/07/2002, you wrote:I think you don't see many database related security groups, is because it's the
> >Hi all!
> >
> >Does anybody knows where can I find a security specific IB/FB group?
> >I'm now going to be responsible for a server on net, so I must be up
> >to date with the security issues..
>
> I've been looking for FB/IB issues for over a year and only thing I
> can ever come up with is a backdoor that was in Interbase prior to
> Firebird. So make sure you have the latest version.
>
> I have not seen and FB/IB security groups, not to say one doesn't
> exist.
>
> The worse security issues, that I can see, is plain text passwords
> that get sent over the net to port 3050, and that Firebird runs as
> root, by default.
wrong place to secure data. Security should be a network issue rather then a
database issue. For example if you have a thin client say a web page that allows
database access, then you use shttp as the protocol, so the browser encrypts the
page response it gets sent down the wire encrypted, and then at the server the web
server decrypts the data, and passes the password in plain text to the database. By
the same token if you have a fat client you use something like VPN so that the
tunnel does the encryption/decryption.
> Firebird Super Server comes with a script that will add the userPaul Schmidt, President
> "firebird" and set all the permissions to the new user. Very
> advisable to do, though I don't know if it works the same on NT, then
> again, (some might disagree) I would never use NT for something I
> wanted secure either. ;)
>
> Hans pointed out this kewl project:
> http://sourceforge.net/projects/zebedee/
> which will allow you to create a secure tunnel between client and
> server by encrypting and compressing your data stream. The
> compression is gravy as it'll just speed up the flow.
>
> That's about all I can offer, right now, other than a link to
> http://ibphoenix.com/ and http://firebird.sourceforge.net/
>
> Don't be afraid to ask your security questions here though, even if
> they all just seem like a bunch of code warriors. ;)
>
> Good luck.
>
> Scott.
>
>
> ------------------------ Yahoo! Groups Sponsor
> ---------------------~--> Save on REALTOR Fees
> http://us.click.yahoo.com/Xw80LD/h1ZEAA/Ey.GAA/67folB/TM
> ---------------------------------------------------------------------~
> ->
>
> To unsubscribe from this group, send an email to:
> ib-support-unsubscribe@egroups.com
>
>
>
> Your use of Yahoo! Groups is subject to
> http://docs.yahoo.com/info/terms/
>
>
>
Tricat Technologies
paul@...
www.tricattechnologies.com