Subject: RE: [firebird-support] Re: Users and DB access with FB on web server
> -----Original Message-----
> In theory - all you need is to be sniffing the TCP traffic to
> see SYSDBA and masterkey in clear text floating past.
> popular, we will finally see someone who wishes nothing but
> ill to those who use it.

Granted about tcp sniffers, however a lot of problems can be taken care of
by ensuring that the server is as tight as can be permissions, use aliases,
run FB Service under a non Admin user, checking firewall logs for
active/past connections, changing sysdba password on a regular basis and

> One more point... it is even safer to have the DB Server (and
> thus DB) which a webserver connects to, behind a firewall
> where only the webserver can see it.

Without a doubt however many clients like to have direct connection to db
when needed, granted it isn't the fastest / most secure but it's important.
In Sep last year I raised this thread
fb-architect list which lists (imo) some improvements that would help FB
when connected to the www.
Another feature I would add to the list is the ability for FB to add
security audits to Event Log (NT + descendants); these could show
failed/successful connections including username.
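
The firewall-log check and the "only the webserver can see it" rule discussed in this message, as an added example that is not part of the original post: it counts connections to the database port from any source other than the web server. The port (Firebird's default, 3050), the web server address, and the iptables-style log lines are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Assumptions (not from the original thread): Firebird listens on its default
# TCP port 3050, the only permitted client is the web server at 10.0.0.5, and
# the firewall writes simplified iptables-style LOG lines.
FIREBIRD_PORT = 3050
ALLOWED_CLIENTS = {"10.0.0.5"}

# Constructed sample log lines, for illustration only.
SAMPLE_LOG = """\
Mar  3 10:01:12 fw kernel: FB-CONN IN=eth0 OUT= SRC=10.0.0.5 DST=10.0.0.9 PROTO=TCP SPT=41022 DPT=3050 SYN
Mar  3 10:04:40 fw kernel: FB-CONN IN=eth0 OUT= SRC=192.0.2.44 DST=10.0.0.9 PROTO=TCP SPT=50311 DPT=3050 SYN
Mar  3 10:04:41 fw kernel: FB-CONN IN=eth0 OUT= SRC=192.0.2.44 DST=10.0.0.9 PROTO=TCP SPT=50312 DPT=3050 SYN
Mar  3 10:05:02 fw kernel: FB-CONN IN=eth0 OUT= SRC=198.51.100.7 DST=10.0.0.9 PROTO=TCP SPT=33100 DPT=80 SYN
Mar  3 10:06:19 fw kernel: truncated line SRC=203.0.113.9
"""

# Only the fields needed for the check; \b keeps DPT from matching inside SPT.
FIELD = re.compile(r"\b(SRC|DST|PROTO|DPT)=(\S+)")


def unexpected_db_clients(log_text, port=FIREBIRD_PORT, allowed=ALLOWED_CLIENTS):
    """Count connections to the database port per source not on the allow list."""
    hits = Counter()
    for line in log_text.splitlines():
        fields = dict(FIELD.findall(line))
        # Skip lines that are malformed or not TCP traffic to the database port.
        if fields.get("PROTO") != "TCP" or fields.get("DPT") != str(port):
            continue
        src = fields.get("SRC")
        if src and src not in allowed:
            hits[src] += 1
    return dict(hits)


if __name__ == "__main__":
    for src, count in sorted(unexpected_db_clients(SAMPLE_LOG).items()):
        print(f"unexpected client {src}: {count} connection(s) to port {FIREBIRD_PORT}")
```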