Internet Facing SQL Server, Login Security? How?
I would think that our Project is fairly common. We're stuck on a
security question.
We have a typical SQL Server 2000, running under Windows 2000 Server.
Our app is a VB, RDO. The Users are nationwide, in various client
companies, all sorts of PC platforms.
The VB App works fine with SQL Server Login Authentication, but this
leaves Port 1433 (I know we can select a different port) open to the
world, but we can see that Hackers are trying to break in.
We're trying to use Windows (NT) Authentication, ie Not Mixed Mode,
but can figure out how to get our VB App clients (nationwide) logged
in. We were hoping that VB could 'Impersonate' a passed in Windows ID
& PW, but we're been unseccessful. We're using RDO.
We're searched the Web and Newgroups, but most do not address SQL
Servers which are facing the Internet.
Q: How do we allow our client Users into our SQL Database ?? While
keeping security manageable.
Any Comments or Hints are really appreciated.
John
John@NoSpam_SensorySIMS.com
(please remove "NoSpam_" from return address to respond directly)