SQL and IIS FTP are not good services to have running on the same box. 1) FTP is generally a world accessible service 2) SQL is generally a locally accessible service
Generally world accessible services and locally accessible services should not *ever* reside on the same machine. In reality, your database server probably holds a significant amount of important information for your organization. Therefore the SQL server, should under no circumstances be exposed to the same type of ACL's used for FTP sites. My 2 pence GLFH, Logan -----Original Message----- From: Phil Waller [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 25, 2006 12:25 PM To: [EMAIL PROTECTED]; [email protected] Subject: RE: Co-Hosting SQL with IIS FTP service I would split those services if at all possible I dont have any data to hand to backup this claim up, but i would suggest that this is a common sense approach? Patches may become an issue - you may need to have a SQL box providing 24 x 7 x 365 You then need to patch the IIS component, and a reboot is needed, down goes SQL You really want to reduce the attack surface of your systems, you wouldn't open up any SQL listeners to the whole world, but you would in an indirect way i assume if you use IIS FTP, [compromise FTP - stage an attack on the SQL service?] Also what about data storage - FTP can if unechecked start to fill up disk space - if your SQL server is mission critical it could possib;y impact on this? I wouldn't if i could help it - Others may disagree -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: 25 July 2006 15:42 To: [email protected] Subject: Co-Hosting SQL with IIS FTP service Can anyone guide me as to what type of issues with inter-system dependencies might arise by co hosting IIS FTP service with SQL? Anyone know of any articles on the exploits? ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ --- --------------------------------------------------------------------------- ---------------------------------------------------------------------------
