An ASP.NET website hosting service allows the use of Enterprize Manager to manage the backend database of a hosted asp.net website. This is not done across a VPN and I don't think it could be done on SSL so the question is : How Secure is that? would this be ok for learning but not Ecommerce? Or is it an encrypted session and I paranoid?
I connect to my clients SQL databases via Enterprise Manager. Most of the time the SQL server resides at a web host. A colleague recently told me that this is a huge security hole and I should be using Remote Desktop instead.
I would appreciate other input, opinions, and guidance on this issue.
I've been provided with a server at a hosting company. The server is running W2K3 SP2 in its own workgroup (i.e., non-AD) configuration, but is not behind any type of hardware firewall; there is no VPN in place, either. I connect to the server via RDP using an extremely long and complex password. I'm using the newest version of the RDP client. The article "Hacking RDP" and the ensuing reader comments (http://mcpmag.com/columns/article.asp?EditorialsID=1699) indicate that using RDP in this fashion is relatively safe.
I installed SQL Server 2005 SP2 on this server. I set server authentication to 'SQL Server and Windows Authentication mode'. I created one obscure SQL Server login, using another extremely long and complex password. I also disabled the login for the 'sa' account.
Since installing SQL Server on this server, I've noticed thousands of Failure Audit events in the server's Application log:
Source: MSSQLSERVER
Description: Login failed for user X
where X equals 'administrator', 'root', 'server', 'database' 'sql', 'sa', etc.
These failure events occur almost non-stop, about a dozen per second, and come from a small pool of unknown IP addresses. The IP address seems to change every few hours. I'm guessing that someone is hoping that one of these names is an actual SQL Server login and is trying a brute-force attack to try to stumble upon a matching password. None of these logins are valid, but it's still disconcerting. Is this anything to be concerned about? I could have the hosting company block the IP addresses, but that seems like a losing battle.
Lastly, I used the Surface Area Configuration tool to allow local and remote connections, using TCP/IP only--so that I could begin interacting with this SQL Server from my PC, using both SQL Server Management Studio and my own Visual Studio code. For each method, I'm using the obscure SQL Server login that I created earlier--the one with the extremely long and complex password. How (un)secure is my traffic to/from this SQL Server? I don't believe that my credentials are encrypted, but I'm not sure how much of a risk this is nor do I know how else to more securely connect to SQL Server.
Given these circumstances, is there any way to make this resource more secure? Thanks!
I am a bit stumped by error generated when attempting to connect to the report url.
The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
The only thing I can think of is a certificate is issued to the server (all domain devices) via group policy by cert authority running on the domain.
If I check the bindings within Report Services Configuration Manager the certificate is referenced.
I have tried removing 443 but I am still unable to connect.
A neutron walks into a bar. "I'd like a beer" he says. The bartender promptly serves up a beer. "How much will that be?" asks the neutron. "For you?" replies the bartender, "no charge."
A user was created with a limited privilege under the USERS group. Once this user loged in the Report Manager he is acting like an Admin and Content Manager, though he is not given even a browser role.
What do u think that this guy is acting like a Super User evenif he is restricted to a browser role on the Report Manager ????????????
I'm writing a C# application which connects to a local SQL database for data access. The application connects to SQL Server through windows authentication, but opens up the port and sqlbrowser to others on the network wanting to access the database through SQL Server authentication, and also allows remote users to connect to this server remotely if they have the login and password (and because the port is already open)
I understand this is not secure and open to attack, and am unsure of how to secure these processes without blocking these three types of access, from A.) the local user, B.) the network user and C.) the remote user across the net.
Have researched this a fair bit, but get somewhat lost amongst all the jargon.
I am trying to get my hosting company to provide a way to make secure encrypted connections from my desktop (where I am using Enterprise Manager and Aqua Data Studio) to their shared MS SQL Server.
I've seen some references to SSH, but I don't understand how this works or how the host would implement it. I also read that an SSL certificate can be installed on SQL Server, but it doesn't seem as if EM or ADS can make SSL connections to SQL Server. (In case it makes any difference for either of these solutions, the hosting company has port 1433 open, and will not close it because some clients connect to the DB server from web apps on their own intranets.)
Finally, if a web-based admin is used instead (like phpMyAdmin for MySQL), then which machine is the software installed on? Can it be on a web server that makes a local connection to the DB server or does it have to be on the DB machine? E.g., if I had a VPS or dedicated server at the same hosting company would I be able to install web-based admin software which would then connect to the host's shared SQL Server?
Anyway, my host is giving incomprehensible (to me) objections to all of these ideas. Is there a reasonably simple way to do this on a shared DB server?
Are there any tools for administering SQL2000 remotely over the TCP/IP? And if this is possible what are the main hurdles on setting it up. Emulation is an option.
What is a secure way or accepted method to make database changes,IE: edit tables, add sprocs. ect. on a server being ran by an ASP.NET hosting service across the internet?
I would like to know if one can adminiter SQL server remotely using MMC on NT workstation? If so, how do you install the MMC and SQL Enterprise Manager Add-in on NT workstation?
using remote admin program and i need to pul the entire DB onto my local maachine to do some trial runs. I have a static IP so i thought I could just DTS the how system to my computer. Can any one verify that this is the best way of suggest another? Thanks Matt
I am getting problem with remote login to the sql instance.
In machine Sql 2008R2 is installed as default later 2014 installed as named instance. Both TCP/IP, shared memory, namedpipes are enabled for both named & default instances. For the default instance I can used the remote connections but the named instance is not allowing remote connections.
Hello All, I have a question in regards to Remote MSSQL Management. I am currently using EMS SQL Manager for SQL Server, the lite version and I find it to be rather slow sometimes. Has anyone used this program? If so, is it faster in the purchased version?
Also I've heard a lot of people use Win SQL, which is better? Is there anything else out there better than these?
My employer has asked me to search for which remote management tool we should purchase. Any recommendations would be greatly appreciated. Cost is not a huge issue, but obviously the best bang for the buck is what they are after.
I just setup a developer as a site admin in SSRS, he has administration rights to the site and also rights on folders that contain reports. He can access the reports folders no problem, however when he tries to access the "Home" folder he get's the error shown below.
UAC is switched off an other people are able to access this ok.
I'm experiencing problems connecting remotely (through the Management Studio) to a named instance of SQL Server Express 2005.
After investigation I determined it was a firewall issue - turn off windows firewall and I can connect fine. I initially added ports 1433 and 1434 to windows firewall - still no joy. Then I added the binaries explicitly (sqlservr.exe and sqlbrowsr.exe - or whatever they are) - still no joy. So, I looked into the firewall log to see what was being dropped. I found that my IP was trying to connect via port 1047 (TCP)... I've searched for anything about this on google and cannot find any indication that the management studio should be using this port to connect.
If I add this port, the connection works fine. Has anyone else experienced this ? As there seems to be no way of modifying the management studio to connect via a specific port, I'm a bit concerned that something is just not right.
We are in web site development company,Previously we don't have proxy configuration, after implementing Proxy , we have an issue to connect a remote database.
The error pops "A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. Error 53".
I try to connect from a pc to a SQL Server on another pc. Both pc’s are in a workgroup. I want to connect from a Windows Forms application to a named instance on the other computer. By now I have been able to connect from one pc to SQL Server on the other with tcp:smurfin, 52782.
I want to be able to use servernameinstancename (instead of portnumber) to make a connection in a Windows Forms application.
I’ve checked / tried te following:
•In the properties of the instance, tab Connections, the option Allow Remote Connections is enabled •In Configuration Manager: TCP is enabled •The service SQL Server Browser is started •On the tab IPAddresses, in the section IPAll, there is NO portnumber for TCP Port. And TCP Dynamic Ports has the nummer 52782 •I have created un inbound rule for port 52782 and also for 1434 (SQL Server Browser). And to be on the save side: a rule for 1433 as well. •Restarted the service
If I run the following code in SQL Server, that same port number (52782) is returned:
EXEC xp_ReadErrorLog 0, 1, N'Server is listening on', N'any', NULL, NULL, 'DESC' GO SELECT local_tcp_port FROM sys.dm_exec_connections WHERE session_id = @@SPID
I am developing a package to restore a database from backup file on a remote server. I am having problems accessing the remote backup file when it is addressed via the admin share, in this case N$. It runs okay if a specific share is created but for some unknown reason fails via the adminshare.
I am executing the package job with a proxy account that is a member of the local administrators group on the remote server.
It appears that access via a remote admin share isn't possible from within a SSIS package. Is this the case?
Hi all, I am using Business Intelligence Developement Studio2005 for SSIS. I am using "Foreach Loop Container" in ssis. I want to make package Dynamic, for that i have mentioned Enumerator Configuration( folder, and files). But when i am opening "Property Expression Editor", i am unable to see the property "Connection String". iI have "Professional SQL Server 2005 Integration Services" book. On page 140 of this book, there is an example to make package dynamic but by using "Connection String" from Property. I think this option is available only with Enterprise Edition. Is it possible with other edition? I dont have the option "Connection String","DataRows To Skip","File Usages Type", and some more. It means I dont have enterprise edition?
I'm using ssms 2014, but got the same problem with 2012. I use ssms almost entirely on remote desktop sessions ( Windows 7, Server 2008R2, Server 2012 ). It may be related to having filtered job activity monitor windows open for hours, but about once per day ssms fails, and has to restart. Upon resuming usually only one of several queries is restored.
Hi guys, I don't own a copy of Enterprise Manager and I need to remotely restore a database on my local machine to my hosted machine, can you guys recommend an application that can do remote restores?
Or is there a way to convert a Database into a long set of Transact SQL statements that I can run on the remote server (ala MySQL's MySQLDump)?
I'm a newbie to Reporting Services so please forgive my ignorance...
I've recently installed SQL Server Express 2005 with Reporting Services on my Vista Business Notebook (with no network connections) and have installed VS C# Express as well as the Business Intelligence Studio to create reports.
My C# application can connect to SQL Server fine, however, the reports I created with Business Studio refuses to deploy to the server due to the following reason:
"The permissions granted to user 'localhostJenny' are insufficient for performing this operation".
I find this odd as I've been able to deploy reports on my other Windows XP machine (with SQL Server Express) no probs at all. Additionally, I cannot see the 'Site settings' link within Report Manager (Web) that I'd normally get with an admin account (i.e. on my Win. XP machine). Various sources indicate that my account has insufficient access rights to view this.
Having browsed through seemingly endless blogs and forums, I suspect that my local account has not been configured to access the Report Manager web client to publish, manage and administer the site.
I have tried the surface area tool for SQL Server, but I suspect that this is relevant only to SQL Server DB access and management. Adding an administrator here does nothing.
The question is, how can I grant access to myself (local account) to allow me to publish reports via business studio, and at the same time - administer Report Manager Site Settings - on my vista notebook??
I would be extremely grateful for any help on this matter - I've tried ceaseless reinstallations, but to no avail!
Can anyone tell me a cheap way to get this software, (Enterprize Manger and Query Analyzer). I am tyring to upsize to SQL Server with my Webhost and they are not very helpful in how to best do this.
So I am guessing I need these to connect to my new SQL Database. I know Microsoft has a trial version but isn't there a development version that I can run on my local XP and or 2000 machine and hook up to my webhost SQL server?
I like to know that in SQL2005 how many replication sides we can create for the same database. Can we create more that one are only one for each database.
I have developed a SSIS dts package, its running fine from my computer, but the problem is when I am deploying it on actual server then giving me error for connection
scenario,
development env: dev006
three servers: srv01 (64bit), srv02 (32bit), srv03 (32bit)
in development environment, same package is getting data from srv01 and pushing it to srv02 and srv03, but when i am deploying it on srv01 then it fails to establish connection with srv01. If I have a Business Intelligence Studio on 64bit then I will check it but that Studio is available for 64bit environments.
We just installed an application, WhatsUpGold, to monitor our servers. Management won't let me host that on my primary SQL box. So, we are using MSDE on the local machine (call that box my_netmon).
I can access the db with very basic functionality using osql while on the my_netmon machine. I've added my domain user account as a System Admin using the following commands.
exec sp_grantlogin @name go
exec sp_addsrvrolemember @name, 'sysadmin'
But when I go to the my_sql machine and try to attach to it with Enterprise Manager I get an error that the server does not exist.
What gives??? Is it just not possible, or am I missing something here?
My goal is to just be able to see the data stored in the MSDE db. Write views, etc...
Recently had to rebuild our SQLServer installation from scratch! major pain!! We had a remote server running a replicated version of the internal database system for the website. We also have a SQL DB hosted with a new ISP which is in test mode. All managed via EM.
Re-installed software, upgaded tp SP3, new MDAC. Set up the references for the two external DB's with the Client Network Utility. In EM set up a connection to DB on the new ISP, works perfectly, tried on the old DB and get 'SQL Server is not running or access denied' error message.
I confirmed the server is running, as its our live site. Cant connect using Query Analyser. I can ping the adress successfully. I've created new user logings that mach on both machines/servers, still no luck!
Can anyone suggest what the problem is/might be or how to fix... I'm flat out of ideas!
I have just put up an Webserver with SQL Server 2000. Everything is working fine on the remote machine Thru TS .. i can do every administrative things .. But i m facing problem to connect my remote databse server thru the Enterprise Manager .. It Gives me Cant Connect Database Server " Connection Failiure " when i try to connect my remote database server thru Ip address ,.. Please some one help me out to make connecting database server thru Enterprise Manager ..
Hi all,I need to gain access to a remote SQL Server 2000 storing my data.The remote SQL machine can only be accessed via an internet connection,that is - it is not part of my network.I know Enterprise Manager can do the job, but EM only comes bundled inMS SQL Server, which is not installed on the client machine.Please let me know which other (preferably free) tools can performsuch remote access.Thanks,Gilad Haimov