[vpn] DB and VPN
Ryan Russell
ryan at securityfocus.com
Fri Dec 21 13:32:43 EST 2001
On Fri, 21 Dec 2001, Paul J P Slater wrote:
> I am just about to embark on a database project which will most probably end
> up in a VPN. Users (through a web browser) will be able to read and (with
> privs) alter the .db contents. More than likely it will be MS SQL server
> 2000 on a Wintel platform.
>
> What are the known VPN minefields for this ?
Who are the users, how will you authenticate, what OS platforms are they
on.
For example, if they are your employees, and you can dictate that they
must use whatever authentication mechanism you want, and you control what
software they are permitted to have on the company computers, then you can
pretty much pick whatever VPN you like.
On the other hand, if you're talking about something like a home banking
app, where you have no clue what software is being used, then you'll
probably be limited to something like username&password, and SSL.
Ryan
VPN is sponsored by SecurityFocus.com
More information about the VPN
mailing list