I have a question about internet security and using a remote datasource.
What it boils down to is the nature of how a hacker would intercept
traffic. Could they intercept all traffic from a specific site?
My situation is this: I want to write sensative information to a remote
datasource using <cfquery DBSERVER=...>, and that info will be in
transit, and thus able to be intercepted. So, if I did a series of
updates, would that solve the problem, or would someone be able to piece
them together. Example:
<cfquery dbserver="x"... name="insertquery">
SET NOCOUNT ON
INSERT INTO User (FName, LName, Address)
VALUES ('Bob', 'Smith', '123 Fake St')
SELECT @@Identity AS NewID
</cfquery>
<cfquery dbserver="x"... >
UPDATE User
SET SSN = '123456789'
WHERE UserID = #INSERTQUERY.NewID#
</cfquery>
Since this is 2 separate transactions, someone seeing either one would do
them no good, but both would be a disaster (for me).
So, I am on the right track? Should this work or should I look into
securing this connection?
Thanks for any help.
---------------------------------------
Ben Morris
Web Site Developer
American Federation of Government Employees, AFL-CIO
(202) 639-6448
www.afge.org
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Get the mailserver that powers this list at http://www.coolfusion.com
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
