I suppose you are right... it doesn't come across as terribly helpful.
I suggest that you place a web service between your client app (on the
internet) and your sql server. MS SQL Server is fairly susceptible to
attack and there are still viruses out there that can disable SQL Server if
the port is directly exposed.
As for modifying the IPSec policy directly, I am sorry for not being able to
help more. I haven't investigated the ins and outs of poor security
designs.
--- Nick
"bb" <bb@discussions.microsoft.com> wrote in message
news:D6**********************************@microsof t.com...
This isnt helpful. Does anyone else have an actual helpful response? Thank
you in advance.
BB
"Nick Malik" wrote:
why is your SQL Server's port available to ANYBODY on the Internet?
Wouldn't the easiest thing be simply to make the SQL Server inaccessable
from a non-local web site?
--- Nick
"bb" <bb@discussions.microsoft.com> wrote in message
news:82**********************************@microsof t.com... I am trying to find out how to control an IPSEC policy - mainly add a
new IP to an existing policy - from C# code. My SQL Server installation is
getting pounded by brute force password attack for the sa user. To stop this I
wrote a Windows Service to detect when this is happening. Currently when it
detects that someone is attempting to do this, it will email me with the ip so
I can add it easily to my blocking IP IPSEC policy. What I would really like
to do, is when it detects and attemp it will add the IP to the IP Security
Policy automatically. Any ideas on this one? I have searched and searched and
cannot find anything on this.
Info:
Windows 2000 System
