Subject Re: [firebird-support] client-server password / data safety
Author Alexandre Benson Smith
Sean wrote:
> Hi,
> In firebird 1.5.4 and 2.0.1, is the firebird user/password (in
> connection string) sent from client machine to server machine
> encrypted? Can it be protected from network sniffer?
> Similarly, can the data sent from firebird client to server be encrypted?
> Thank you!
> Sean

It's sent encrypted, but don't use any salt, so one can easily use a
replay technique to gain access to the server. So from the practical
point of view it's sent in "clear text".

Use a tunneling software line ZeBeDee, stunnel or ssh to compress and
encrypt your net traffic. I use ZeBeDee very frequently and works like a
charm and is really really easy to setup.

see you !

Alexandre Benson Smith
THOR Software e Comercial Ltda
Santo Andre - Sao Paulo - Brazil