Subject | Re: [firebird-support] Events and Firewall again |
---|---|
Author | David Johnson |
Post date | 2005-08-14T01:31:06Z |
Typically routers and firewalls are put in place specifically to block
access to ports that may carry sensitive information, such as corporate
databases.
Your options are (a) figure out how to configure your router/firewall,
(b) use tunneling, where messages for one protocol are piggybacked on
messages for another protocol, or (c) use VPN technologies.
I recommend against opening up your firewall. Exposing a databsae to
the internet world is kinda ... not the smartest idea.
HTTP tunneling is a common resolution, since most firewalls are
configured to pass HTTP packets. It tends to be less than transparent,
and represents a possible security hole, depending on the degree of
encryption used.
VPN preserves transparency and security, at the expense of a little
performance.
access to ports that may carry sensitive information, such as corporate
databases.
Your options are (a) figure out how to configure your router/firewall,
(b) use tunneling, where messages for one protocol are piggybacked on
messages for another protocol, or (c) use VPN technologies.
I recommend against opening up your firewall. Exposing a databsae to
the internet world is kinda ... not the smartest idea.
HTTP tunneling is a common resolution, since most firewalls are
configured to pass HTTP packets. It tends to be less than transparent,
and represents a possible security hole, depending on the degree of
encryption used.
VPN preserves transparency and security, at the expense of a little
performance.
On Sun, 2005-08-14 at 00:56 +0000, fabiano_bonin wrote:
> Hi.
>
> I will try to ask again...
>
> I'm still trying to work with events, but i'm almost sure it's
> impossible to use them when the FB client is in a network with a NAT
> router and the server is outside.
>
> If i understood right, when working with events, the FB server try to
> estabilish a connection to the client using a random port or the port
> defined in 'RemoteAuxPort'. The problem is, when the NAT router in the
> client network receives the packet, it has no way to know which
> machine in the client's network is supposed to receive this packet.
>
> Can someone confirm this?
>
> Regards,
>
> Fabiano.
>
>
>
>
>
> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
>
> Visit http://firebird.sourceforge.net and click the Resources item
> on the main (top) menu. Try Knowledgebase and FAQ links !
>
> Also search the knowledgebases at http://www.ibphoenix.com
>
> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
>
> Yahoo! Groups Links
>
>
>
>
>
>
>