Securing web server to database services

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ Security
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
  - 1
    - Why is hewlett packard not displaying site I am trying to download a driver for my printer. I can't get the drivers to show on the hp site. I get the site but not all of it. help Tag: Securing web server to database services Tag: 47448
  - 2
    - how to purge search records Does anybody know how to purge/delete/remove previous search records from the search engine. Basically iwant to be able to get rid of all previuos searches that i have nade. I don't know whetehr its something to do with IE or registry. Any help would be much appreciated Tag: Securing web server to database services Tag: 47446
  - 3
    - Microsoft PKI/CA server setup Can I setup a CA server that functions as both root and issuing CA? And, can I setup a stand-alone CA (as opposed to an Enterprise CA) that can interact fully with AD as described in this MS wireless security setup documentation (See Planning Guide)? http://www.microsoft.com/downloads/details.aspx?FamilyID=cdb639b3-010b-47e7-b234-a27cda291dad&displaylang=e Thanks Tag: Securing web server to database services Tag: 47441
  - 4
    - Certsvc will not start After using a standard W2K certificate for about a year, I have found that my certsvc database is corrupt and the certificate service will no longer start. I receive and error message in my app and system logs that states the certificate database is corrupt. I can see my certificate, however, on my drive. How can I restore or correct the database issue Thanks. Tag: Securing web server to database services Tag: 47440
  - 5
    - Browser security changes I'm having difficulty changing my browser setting configuation to accept ssl 3.0w/ 128 bit encryption. Can someone walk me through this? Thanks! Tag: Securing web server to database services Tag: 47439
  - 6
    - Tools menu content advisor Can someone tell me why when I add a password under the content menu so I am asked for my password to view a website isnt working? I use it as security for unsafe sites for my younger boy. Thanks Roseanne Tag: Securing web server to database services Tag: 47436
  - 7
    - Server Room Does anyone know of a good wall mounted motion detector for server rooms that also has temperature, humidity, etc... sensors? I've done some looking and found a company called NetBotz that makes several models. Is anyone familiar with them or know of any other good solutions to what I'm looking for? Any suggestions are greatly appreciated. Thanks Tag: Securing web server to database services Tag: 47430
  - 8
    - Need help I forgot my address. Sorry.:) Tag: Securing web server to database services Tag: 47429
  - 9
    - machine certificate autoenrollment windows 2003 hi, the following configuration is set up: - windows 2003 domain - windows 2003 enterprise ca i created a new "computer" certificate template, copied the original one and issued this new template on the ca. i can request certificates for this template via certificates mmc on a workstation. when i try to add this template via gpo for autoenrollment, only the old v1 templates are visible (computer, domain controller, ipsec, etc) any ideas ? thanks in advanve steffan Tag: Securing web server to database services Tag: 47428
  - 10
    - Need help! A good friend of mine died and having been the finacial person of the family and had everything on the computer, his wife is having trouble getting access to this information. He had a folder in my documents named "MyMoney" that we can't open. She believes it's all of their information but it won't open. It simply says that it's too large for notepad to open. Can anyone give me any clues on how to go about opening something like this? If not, please direct me to someone who could. Thanks so much for your time. Darol Wester Tag: Securing web server to database services Tag: 47425
  - 11
    - PC unlock with smart card Hi, I've got a smart card logon system upon WindowsXP in client PC's. The smart card extraction policie indicates to lock the PC when the smart card is extracted from the reader. The smart card insertion unlocks the PC correctly. In some PC's only when the PC is locked for a long time (at lunch time for example) the smart card insertion does not unlock the PC. I have to reboot the PC to get the smart card logon system working again. Any ideas about what might be happening?, Has anybody experienced this behavior before?. Thanks Fernando Tag: Securing web server to database services Tag: 47420
  - 12
    - SNMP Security Questions I would like to be able to set up or change the community string, trap destinations and security settings for multiple servers from a central console. Has anyone seen a tool that will do this? SMS? Script? Thanks in advance! Tag: Securing web server to database services Tag: 47419
  - 13
    - reappearing file How do I remove a persistent, reappearing file #1, and how do I determine if it is malicious or OK #2? A file titled "~" reappears on my desktop, even after repeatedly sending it to the recycle bin, and then emptying the bin. Appreciate any help, thanks. Tag: Securing web server to database services Tag: 47417
  - 14
    - Certificates, the short of it If you raise a Certificate of Authority box, would you want to do this to put these onto machines that are allowed to log in or send to users who are allowed to log in? If you do so how does this affect someone working from home that are getting in using Citrix from a trusted domain? Just a short or relatively short explanation before I go reading much more, thanks, Tag: Securing web server to database services Tag: 47416
  - 15
    - Certificate Authority x Active Directory Hi everybody I need your help... I have a Domain controller (acme.com) and I have a Server with Certificate Authority without Active Directory. The Certificate Authority's machine is a member of acme.com Domain I need to allow the Domain Administrator manage all the certificates. But when I open the certificate authority, the option "duplicate template" isn't avaliable... What's the permissions to permit that my Domain Administrator have access to duplicate a certificate in Certificate Authority?? Thank you very much Tag: Securing web server to database services Tag: 47411
  - 16
    - antivirus problems Can anyone please help me? I've installed norton 2002 but it keeps crashing i've have tried other antivirus software and the same thing happens. The programe will run for about 20 seconds then just close down. Any help or suggestion???? . Tag: Securing web server to database services Tag: 47410
  - 17
    - Info on Norton Internet security Hi every one... Is there a "symantec news group" on NIS? I want more deep info on the product... I serch in symantec but i don't find to much interesting.... If some one could send me an url where i could find more info in NIS i will apriciated... Bye Dan Tag: Securing web server to database services Tag: 47405
  - 18
    - security risk or a backdoor program help me!!!! found several thousand new zip files in my computer, virus checker found during DOS run produced 4 suspictious temp files the first being this, c:\_RESTORE\TEMP\A0099303.CPY and then 3 more like it. I tried to delete them and can not ... what to do ???? Thank you, asap asap please have over 92,000 zip files added in a day. Tag: Securing web server to database services Tag: 47389
  - 19
    - internet access after installing the latest ms upgrade, my computer denies access to the internet. internet inquires go out but stop coming back. How fix? Tag: Securing web server to database services Tag: 47383
  - 20
    - No more Spyware There are so many posts here on people having problems with spyware so I thought I'd just post a new thread visible to all recommending Spywareblaster. I've used it 2 years and I've never had any spyware ever. Ofcourse, I've also known about many of the apps that came integrated with spyware and therefore never installed any of those either **This is what it does "By setting a "kill bit" for spyware ActiveX controls, SpywareBlaster can prevent the installation of any spyware ActiveX controls from a webpage. It does this while not interfering with "friendly" ActiveX controls - so your browser can work correctly and you can have peace of mind You won't get any more annoying "Yes/No" boxes popped up, asking you to install a spyware ActiveX control (which can increasingly be found in pop-up ads!). In fact, Internet Explorer will never even download or run the spyware ActiveX control! Site = http://www.javacoolsoftware.com/spywareblaster.htm If you already have spyware or want to scan your comp for such then there are already many posts recommending great apps like lavasofts app and Spybot Search & Destroy. Tag: Securing web server to database services Tag: 47366
  - 21
    - Storing logon information on a memory card? Is it possible to configure XP to store username and passowrd information on a memory card instead of the hard disk? My reason for asking is because when a computer is stolen, insurance replaces the hardware, backup media replaces the data, but usenames and passwords (The ones that pop-up on log on screens for all sorts of services when you have selected "save") are very dangerous to have in the hands of the thief. So I'm thinking, well... if I can have XP store all that sort of thing on a memory card instead of the hard disk I can just keep that in my wallet. Tag: Securing web server to database services Tag: 47358
  - 22
    - XP Home Password Never had password problem on this XP Home computer in the past, but recently a dialog box started popping up every few minutes asking for me to enter a password. I simply click "Cancel" and have no trouble with email or any other application. I don't remember my password so I can not reset it. I use Outlook within my Act contact manager, so I am not sure if the problem is in Act e-mail or outlook. How can I prevent this dialog from reappearing? Please send copy of reply to fgrange@grange1.com Tag: Securing web server to database services Tag: 47356
  - 23
    - help please!!!!!! someone jacked my acount and chenged my secret ansew and my password. Tag: Securing web server to database services Tag: 47350
  - 24
    - Suspicious Programs - Startup I have found the following programs on my computer and is trying to determine if they are spywares: SK9910DM.EXE NWIZ.EXE WD (WORM DETECTOR) ebot Does anyone know of a service or a way that I can find out about these things. They are not showing up in a directory either. Tag: Securing web server to database services Tag: 47345
  - 25
    - kazaagold I have downloaded kazaagold but get the message "page cannot be displayed". I contacted kazaa support who suggested removing firewall and antivirus in order to access, but how safe would this be? Tag: Securing web server to database services Tag: 47343
- Next
  - 1
    - Norton Antivirus Have NA 2003 and the updates will not run. Any suggestions?? TIA Tag: Securing web server to database services Tag: 47329
  - 2
    - seekseek In response to ECM, I am trying to remove spyware from my PC and upon posting my own questions, I read the one about spyhunter and seek seek, well, I am using spyhunter to scan and it found seek seek on mine too. I also just used spykiller to scan and seek seek didnt come up. if you have any updates on the infamous seek seek and spyhunter, please let me know! Tag: Securing web server to database services Tag: 47324
  - 3
    - supervisor password How do I reset the supervisor password on the content advisor page??? Tag: Securing web server to database services Tag: 47323
  - 4
    - This Page can not be displayed I am using windows XP home, and the warning I get is just that, this page can not be displayed, I use to be able to get this with no problems, but after instaling MSN8. The problem started and I removed MSN8 and the problem contenued. I'm a bit of a computer dumby so I need things explained, Thank you for any help you may be able to offer Tag: Securing web server to database services Tag: 47318
  - 5
    - Port security manager panel ?? Why is there not a security panel for managing and opening ports? Unlike a firewall it would watch the programs and the loading of DLL files and scripting with in windows with rules. Ports left open are like doors left open in your home, Right? Or think of this one, you own a home and arrange the furniture, then go out for the evening and come home to find that someone had a key to you home and added some furniture that you have to remove. It would be nice to see a panel that would watch ports that are opened by unwanted programs. Also I think that in order for any program to open a port to the outside it should have a signed certificate in order to open a port, like a key. If you don't chat why should I leave that port open? If the door bell rings or the phone rings and you don't want to talk to anyone you don't answer right? If you where working on a photo or video editing would you want an internet window to pop up with ads - "thinking" you're not connected to the internet? How about gaming when a add pops up, not fun! This is why there has to be some sort of control over the doorways of your computer. There are a lot of open ports that I really don't need all the time. With a security panel you could open it and see what's open or maybe set rules for say when you're gaming to close off extra ports or just block off that spy wear you just got before you figure out how to remove it. Norton's personal firewall has such a thing but it is limited. Tag: Securing web server to database services Tag: 47311
  - 6
    - Using Smartcards for Login WinXP I would like to use smartcards to provide login authenication on WinXP workstations with Backoffice 2000 as the server. I have Gemplus gcr410 readers that work fine, but I don't know what I have to do to program a card to apply to one user and create a PIN. If you could point me to a source for infomation I would be grateful. Tag: Securing web server to database services Tag: 47310
  - 7
    - Spyhunter by Enigma Software - crapware? I'm posting here because I'm not sure where else to post - I'm wondering about this Spyhunter program. I came across it while I was looking for a quick cheap malware scanner. It told me I have "seek seek", a homepage hijacker. I then found out that the downloaded program's a crippleware version, it scans but doesn't fix anything without boocoo bucks. The "bad" registry entry was at: HKEY_CLASSES_ROOT\interface\{57A0E747-3863-4D20-A811-950C84F1DB9B} regedit tells me that this key contains the data "IFlashAccessability". So, I continued my search, going on to the trusty old AdAware and SpyBot packages. I scanned with the latest versions - they found a bunch of bad cookies, but no "seek seek" or any other hijacker problem; no malware was found. I did a little research, and found cwshredder, recommended for removing CoolWebSearch, a nasty hijacker that possibly may be the parent of seek seek. It found nothing at all. I even tried the latest version of Hijack This; it didn't pick out the registry key that Spyhunter was worried about, although it doesn't like Microsoft Money or ATI's drivers at all..... After all this, I re-ran Spyhunter - and "seek seek" is still there. What's the deal? I can't find "seek seek" on any of the malware lists; none of the other packages have found anything remotely like it in my registry. I'm not normally a suspicious person, but.... is "seek seek" just a ploy to get me to buy Spyhunter? Or do I have a homepage hijacker? Any info would be appreciated! Thanks, ECM ~~~~~ Please reply to the newsgroup, the email's a spam trap. Thanks! Tag: Securing web server to database services Tag: 47307
  - 8
    - Norton Antivirus at startup Could anyone tell me what paths/files need to be listed and checked in the STARTUP and SERVICES tabs of msconfig to run NAV at startup? I am having major problems Cheers Tag: Securing web server to database services Tag: 47303
  - 9
    - spyhunter I recently received a popup that said spyware was detected in my computer. It told me I could download spyhunter for free to get rid of it. Has anyone heard of spyhunter? Is it safe or is it just a scam or a virus like spyware? Tag: Securing web server to database services Tag: 47301
  - 10
    - spyware can anyone tell me where i can remove spyware free of charge Tag: Securing web server to database services Tag: 47296
  - 11
    - KB828026 Every day the automatic update downloads and installs this patch but it never takes. I have even tried with my firewall and zone alarm turned off. Any ideas? Thanks Tag: Securing web server to database services Tag: 47289
  - 12
    - This page can not be displayed A while ago , I installed MSN8, and I had a problem with going anywhere on the net, so I uninstalled MSN8 and discontenued My account with them, But for some reason, there are still some places I can not view, PayPal in one of them and I need to view this page for a small business we run, I've tried to set internet options and security settings, I don't know why I can't view pay pal, at ebay Can anyone help me, Tag: Securing web server to database services Tag: 47287
  - 13
    - KB832894 won't stick on XP Pro For the last couple of weeks, my Automatic Updates have popped up to install KB832894. I allow it to install, but a few minutes later the icon pops up saying that I need to install it (as if I never did). I have gone to the support site and physically downloaded it as well, but get the same result. Consequently, it does not show up under "currenty installed programs" in the Control Panel at all. Any ideas? Thanks in advance. John Cavanaugh Tag: Securing web server to database services Tag: 47286
  - 14
    - microsoft e-mail internet explorer I recently received an e-mail from microsoft recommending a security patch download. The instructions were to click yes on the attachment, only I cannot open or see any attachment. I receive regular windows updates automatically do you think that will have been included? Many Thanks for your help Ian Tag: Securing web server to database services Tag: 47281
  - 15
    - port scan attacks I have been geeting chronic port scan attacks from remote address 127.0.0.1 port 20480 ever since I did Christmas shopping.How do I stop this and who do I report this to?I have a firewall that has intercepted all so far as I know but sooner or later???Thanks so much for any help. Tag: Securing web server to database services Tag: 47262
  - 16
    - Security update 823559 Why does Microsoft's Security Update engine constantly tell me I need to download # 823559 when it has been done at least 6 times in the last 3 months? The popup windows are getting a little annoying only to find I AM up to date except for this one file. Me thinks there is a bug flying around! Tag: Securing web server to database services Tag: 47251
  - 17
    - Screensaver Password - forgot Hi, I was trying to set up my screensaver with a new password and seem to have forgotten my old password. Is there either a way to bypass putting in the old password; or is there a way to retrieve the old password so I can carry on? Tag: Securing web server to database services Tag: 47230
  - 18
    - Continued attacks I just reinstalled (clean install) Windows XP for the 5th time. Although I'm taking precautions, it appears that these are not enough, because everytime I connect to the Internet (particularly with Earthlink) I am hit by a particularly nasty virus (most recently all my profiles were completely corrupted). I will now wait until I receive my service pack CD's by mail. Two questions: Is it possible to be specifically targeted (although I can't possibly imagine why), how is this done, and how do I protect myself? Also, I will be reinstalling Norton AV 2004 and running Live Update, downloading Spybot again, and once the latest CD has been installed (patches through 10/03), running Windows Update. Any recommendations on which order I should do the above? Tag: Securing web server to database services Tag: 47229
  - 19
    - MS04-003 Q23483 MDAC hot fix setup switches What are the correct setup switches for an unattended (batch) installation of this hot fix? I've tried the help file, previous MDAC hot fix & full MDAC setup switches but they don't seem to work. Is there a KB I've overlooked? TIA Ray Tag: Securing web server to database services Tag: 47228
  - 20
    - Microsoft update pop ups I keep getting pop-ups to install security update #811493. It happened so much that the number looked so familiar that I checked my installation history at the Microsoft site. I have already installed the same number 10 times! What is happening Tag: Securing web server to database services Tag: 47227
  - 21
    - w32.Mydoom.f@mm Hello: jcorn@ytci.com has infected my Outlook Express. Norton Anti Virus deletes it, but I get no other e-mail after that. What can I do ? Bob Tag: Securing web server to database services Tag: 47219
  - 22
    - New Microsoft Security cd we have 2 computers, one runs 98se & the other runs XP. Can the security cd be used on both? Tag: Securing web server to database services Tag: 47217
  - 23
    - Email Scam I got an email from fourie1500@indiatimes.com, its an obvious scam to try to steal my identity. Here is a little excerpt: "I want to present you as the owner of the funds so you can be able to claim them with the help of my attorney. This is simple.I will like you to provide immediately your full names and address so that the Attorney will prepare the necessary documents which will put you in place as the beneficiary of the funds." Who can I report this to so that they can bust these guys? I did a who is search on the domain name and it came back with this: Registrant: Bennett Coleman & Co Ltd (INDIATIMES-DOM) Times House, 7 Bahadur Shah Zafar Marg New Delhi, Delhi 110002 IN Domain Name: INDIATIMES.COM Administrative Contact, Technical Contact: Gulati, Raman (20797214I) raman.gulati@TIMESGROUP.COM Bennett, Coleman & Co. Ltd. Times House, 7 Bahadurshah Zafar Marg Delhi 110002 New Delhi, New Delhi 110002 IN 91-11-23492134 fax: 91-11-23492077 Tag: Securing web server to database services Tag: 47207
  - 24
    - Security update packages Where do I go to get a complete package of security updates (for XP)that I can install prior to connecting to the internet. This is for an upgraded PC and M/B. Tag: Securing web server to database services Tag: 47206
  - 25
    - update reminder "spam" emails Microsoft sends me upwards of 10 emails a day, and has done for ages, telling me to install the Feb 2004 critical patch update. I did that, but the emails keep coming. How do I tell Microsoft to stop clogging up my inbox? Many thanks Haze Tag: Securing web server to database services Tag: 47199

I have a PC running XP pro setup as a Web server that talks to a MS W2K server hosting MS SQL server 2000 to retrieve data to build reports for external clients. We are not in production yet and would like to restrict traffic between DMZ and internal application server to minimum requirments for this process to proceed.

I need to setup Firewall policies etc

What service port numbers need to be passed to let MS and SQL authenication work between web service and SQL service

Thanks
Christian Ormstru
cormstrup@tmi-canada.com

Top

Re: Securing web server to database services by S

S
Tue Mar 02 05:26:31 CST 2004

Depends on the type of authentication you're going to use. You'll need to
pass SQL TDS traffic on port 1433/TCP - extra ports are required in case
you're implementing NT integrated/Kerberos authentication, in that case
details may vary and I'd suggest doing capture/analysis of the traffic b/wee
client, server and domain controllers.

--
Svyatoslav Pidgorny, MVP, MCSE
-= F1 is the key =-

"Christian Ormstrup" <anonymous@discussions.microsoft.com> wrote in message
news:E192B49A-2FB7-4C5E-883A-9CBFD27AF624@microsoft.com...
> I have a PC running XP pro setup as a Web server that talks to a MS W2K
server hosting MS SQL server 2000 to retrieve data to build reports for
external clients. We are not in production yet and would like to restrict
traffic between DMZ and internal application server to minimum requirments
for this process to proceed.
>
> I need to setup Firewall policies etc.
>
> What service port numbers need to be passed to let MS and SQL
authenication work between web service and SQL service?
>
> Thanks
> Christian Ormstrup
> cormstrup@tmi-canada.com

Top