SQL Server Performance

My weblog entry - block ip address

Discussion in 'The Lighter Side of Being a DBA' started by satya, Aug 16, 2005.

  1. satya Moderator

    http://www.sql-server-performance.com/absolutenm/templates/?a=231&z=1
    Please add your feedback here, so that I can accumulate in the same log entry.

    Satya SKJ
    Moderator
    http://www.SQL-Server-Performance.Com/forum
    This posting is provided “AS IS” with no rights for the sake of knowledge sharing.
    satya, Aug 16, 2005
    #2

  2. FrankKalis Moderator

    You're running Linux at home, Satya? Seems like a configuration option in the Apache httpd.conf [<img src='/community/emoticons/emotion-5.gif' alt=';)' />]<br /><br />--<br />Frank Kalis<br />Microsoft SQL Server MVP<br /<a target="_blank" href=http://www.insidesql.de>http://www.insidesql.de</a><br />Ich unterstütze PASS Deutschland e.V. <a target="_blank" href=http://www.sqlpass.de>http://www.sqlpass.de</a>) <br />
    FrankKalis, Aug 16, 2005
    #2

  3. satya Moderator

    Yes Frank, a part of it comes from linux also.
    I appreciate your feedback about configuring such tricks without leaving it to firewall completely.

    Satya SKJ
    Moderator
    http://www.SQL-Server-Performance.Com/forum
    This posting is provided “AS IS” with no rights for the sake of knowledge sharing.
    satya, Aug 16, 2005
    #2

  4. FrankKalis Moderator

    I'm no expert in configuring a webserver. Neither Apache nor IIS or whatever. But I believe that you can block the majority of attacks when you read and understand best practise guidelines to the server in question and keep an eye on updates, patches and hot-fixes. And while this maybe won't stop the more knowledgeable attackers, it surely will stop script-kiddies and other part-time attackers. Setting up a firewall is no trivial thing to do. And I'm actually glad that I'm no network admin responsible for this. [<img src='/community/emoticons/emotion-1.gif' alt=':)' />]<br /><br />--<br />Frank Kalis<br />Microsoft SQL Server MVP<br /<a target="_blank" href=http://www.insidesql.de>http://www.insidesql.de</a><br />Ich unterstütze PASS Deutschland e.V. <a target="_blank" href=http://www.sqlpass.de>http://www.sqlpass.de</a>) <br />
    FrankKalis, Aug 16, 2005
    #2

  5. ghemant Moderator

    Sir,
    though i am also not expert but if you are using IIS webserver then :

    http://msdn.microsoft.com/library/d...html/ac1cfc44-d09c-4297-accf-ab49880441ca.asp

    http://weblogs.asp.net/cschittko/archive/2004/03/05/85041.aspx

    http://msdn.microsoft.com/library/d...html/0608ec6c-4bf5-42bd-a5f5-db2de1d96584.asp



    these are vbs script , and theirs a option at iis manager -> directory security (ip address and domain name restriction) to add / remove ip address for access and access denied ...

    thread :

    http://www.defusion.com/discussions/DisplayThread.cfm?ThreadID=1048



    and if you are looking for personal pc security then must set option is

    local security settings -> secutiy option -> additional restriction for annonymous connection -> value set to NO ACCESS WITHOUT EXPLICIT PERMISSION

    file system should be NTFS

    disable NETBIOS over TCP/IP

    enable IP SEC

    their are tooo many but this are in my memory

    Regards



    hsGoswami
    ghemant@gmail.com
    "Humans don't have Caliber to PASS TIME , Time it self Pass or Fail Humans" - by Hemant Goswami
    ghemant, Aug 17, 2005
    #2

Share This Page