| Subject | Re: [firebird-support] Need security advice from the pros |
|---|---|
| Author | PenWin |
| Post date | 2008-09-02T09:52:12Z |
> Here are my problems:1) and 3) You could (should) move from one common SYSDBA to multiple
> 1, I can't redesign the program since it has a sofisticated built-in rights management mechanism, so I have to stay with the solution outlined above.
> 2, Clients will be connecting through LAN and through the Internet - so the database will be exposed on the Internet.
> 3, The program will be running at different companies.
usernames, one per company.
2) Use an encrypted tunnel. I use Zebedee for Firebird connections and
it works just fine.
You won't be able to prevent "a good hacker could reverse engineer the
code and get access", but you WILL minimize the impact - the hacker
would need access to each company's computers before he could hack into
their database.
Pepak