Holy Cow!, I've experienced the complete opposite with SQL 2005. The
EM takes forever to do anything. Also, I was trying to debug why some
of my queries went from 20ms to ~20s to run. Come to find out, if the
table was open in data or design view in EM, it was slowing down
access to that table.
I'm with Mike on this one (same provider) and have been using Enterprise
Manager for years with no issues and a full understanding of the security
implications. EM can be slow but the new EM for SQL 2005 seems to be a bit
better - not that I will need to use it apart from local db's it seems.
O
In addition to the automated attacks, you need to think about the
attacks from within...I'm not sure if any recent SQL2000 SPs have
fixed this, or if it is true in SQL2005, but in the past a user in
enterprise manager could see the names all of the other databases that
are on the box, even if they
Mike Kear wrote:
>
> Is this normal? I know we all want to have our databases safe from hacking
> as far as it's possible, but this sems like it's unworkable.How do other
> people upload data and copy data down from sites under this kind of
> situation?
Tunnel the connection over SSH or VPN.
So Bryan does that mean for practical purposes you really have to have a
static IP where you're connecting from so it can be in the table of allowed
ips? All isps in Australia dump your connection every so often so you
can't keep the same ip for an extended period, unless you pay extra for a
stat
> So Bryan does that mean for practical purposes you really have to have a
> static IP where you're connecting from so it can be in the table of allowed
> ips? All isps in Australia dump your connection every so often so you
> can't keep the same ip for an extended period, unless you pay extra fo
So Bryan does that mean for practical purposes you really have to have a
static IP where you're connecting from so it can be in the table of allowed
ips? All isps in Australia dump your connection every so often so you
can't keep the same ip for an extended period, unless you pay extra for a
stat
6:40 AM
Subject: Enterprise Manager in a shared hosting situation
> Is it a security risk to allow site owners to access their databases in a
> shared hosting arrangement by using Enterprise Manager? (Obviously I'm
> talking a windows box and MS Sqlserver2000+)
>
> I would ha
> No, you're not blinkered, the shared hosting I have allows
> access with EM
> and I'd hate not to have it!
We've had this discussion before on this list, and it always comes down
to customer service vs. security.
Hosts that are more concerned about security won't allow it. Other
hosts will al
> Well they could change the port, it would at least mean that
> automated attacks don't find the right port. No?
Yes, since automated attacks have (so far) only used the default SQL Server
ports. That's fine if your only concern is automated attacks, I guess.
Dave Watts, CTO, Fig Leaf Software
> Is this normal? I know we all want to have our databases
> safe from hacking as far as it's possible, but this sems
> like it's unworkable. How do other people upload data and
> copy data down from sites under this kind of situation?
> Or does everyone just do everything on line?
I have very
Well they could change the port, it would at least mean that automated
attacks don't find the right port. No?
Ade
-Original Message-
From: Dave Watts [mailto:[EMAIL PROTECTED]
Sent: 06 February 2006 15:14
To: CF-Talk
Subject: RE: Enterprise Manager in a shared hosting situation
&
No, you're not blinkered, the shared hosting I have allows access with EM
and I'd hate not to have it!
Ade
-Original Message-
From: Mike Kear [mailto:[EMAIL PROTECTED]
Sent: 06 February 2006 15:06
To: CF-Talk
Subject: Re: Enterprise Manager in a shared hosting situation
They
> They could get round this by using some other port couldnt
> they?
No.
> I know allowing any access from outside opens a risk, but we
> have to have some kind of access to do our work, upload and
> download data, dont we?
Yes, and we all have to decide how to balance security against conve
They could get round this by using some other port couldnt they? I know
allowing any access from outside opens a risk, but we have to have some kind
of access to do our work, upload and download data, dont we?
Or am i being blinkered by the fact that using DTS and EntMgr is so
convenient and I j
Thanks Dave, No they dont allow direct access to the databases ... over
the network.
Is this normal? I know we all want to have our databases safe from hacking
as far as it's possible, but this sems like it's unworkable.How do other
people upload data and copy data down from sites under thi
I think the issue is not just Enterprise Manager, but opening up ports
1433 and 1434 to the internet. I have hosted situations which allow
that access, and to be honest, it bothers me a little...the slammer
worm made a lot of people more wary of having those ports open.
Microsoft recommends that t
> Is it a security risk to allow site owners to access their
> databases in a shared hosting arrangement by using Enterprise
> Manager? (Obviously I'm talking a windows box and MS
> Sqlserver2000+)
>
> I would have thought it was no more of a risk than allowing
> users to access their database
Is it a security risk to allow site owners to access their databases in a
shared hosting arrangement by using Enterprise Manager? (Obviously I'm
talking a windows box and MS Sqlserver2000+)
I would have thought it was no more of a risk than allowing users to access
their databases with other tool
19 matches
Mail list logo
