September 10, 2010     |
Home
FAQs
       SQL Server FAQ
       SQL Injection FAQ
       SQL Security Checklist
       SQL Server-Related Products
       SQL Server/MSDE-Based Applications
       SQL Server Version Database
Tools
       Lockdown Script
       Free Tools
       Free Analysis
       Group Policy Templates
       Commercial Tools
Community
       Discussions
       Links
About
Search
Network Toaster
SQL Security Forums
Note: SQLSecurity.com does not allow nor require registration due to privacy concerns for users. SQLSecurity.com is open and anonymous for all. Please report any abuse or profanity.
Reply To Message:
Posted By n/a on 8/30/2006 7:03:51 PM
Subject: RE:MSSQL Server 2005, security
Message: Hi,

It depends what threats you are trying to protect yourself from. If you are worried about access control then there is a tool out there that can prevent connection requests depending on the application name and user name.

So in your case you would be able to prevent any connection other than IIS and SQL express (or the DLL that actually establishes the connection).

Check out www.pynlogic.com if you are trying to be proactive about it.

Or you have other products that will monitor your connection patterns without actually blocking them. AppRadar is one of them, but I am not sure how much detail they provide.

007
UserName: 
Subject:  MSSQL Server 2005, security
Body:
  
Show Replies:


ActiveForums 3.6
Copyright 1999 by Chip Andrews   |  Privacy Statement  |  Terms Of Use