This may sound elementary, but I have to answer questions from an auditor. We have a standard IIS Asp.Net site using SQL Server. We have encrypted the connection strings in web.config, but it seems to me this only protects the web.config file itself, since decryption is done right on the same IIS machine for ASP.Net to use to authenticate to SQL Server.
The question I'm being asked, and have never given it much thought, is: when IIS authenticates with SQL Server, are the now decrypted credentials sent to SQL Server in cleartext? Or is there some sort of out-of-the-box standard encrypted method in which IIS authenticates with SQL Server? If so, how strong is the method used?
Thanks,
James
Related
Let me first describe the actual situation: We want to build a new SQL Server enviroment based on SQL Server 2016. AS you may know, in SQL Server 2016 the mobile reports from Datazen are integrated. So far so good. The Problem: In our current Enviroment, there is one internal Datazen Server and one external server. The external Datazen server exists only to read data from the internal one. So there is no direct Data Access (to Data Sources), the administration part is disabled and only the needed Services (to read from internal server) are installed. We want to build that same archtiecture in SQL Server 2016 Reporting Services. Do you know any way to do that?
I thought the best solution was a second SQL Server with Reporting Services but only read access on the other SQL Server (didn't found any setting like this).
We don't want the internal server to be accessible over the web beacause of security.
interesting question, but not sure i understand correctly ;) what do you mean with "the external datazen Server exists only to read data from the internal one"? How does this configuration look like? Do you have a sale out Deployment where the external Servers hosts "Web Application" and "Share Cache Instance" while internal Server hosts "Data Acquisition" and the same roles as the external Server?
In SSRS you can also Scale out web frontends, but all Servers will act as "data acquisition server" to stay in datazen terminology. Do you have security concerns with this topology? Whats the difference to have the data "read only" in DMZ or connect from DMZ/external Server to internal datasources? One Option would be to do a secure Application Publishing of internal SSRS Server with a Firewall like Microsoft ISA Server
I want to fetch the attachments present in the documents of a view in Lotus Notes Application and send them to sql table, can we do that?
Is there any limitations on connecting Domino server and SQL server (eg. they should be present in same lan etc.?)
Yes, you can for instance create a Java agent that uses the MySQL JDBC driver to connect to MySQL. You can then process the required documents and attachments.
Keith Strickland has blogged about using XPages and Java to connect to MySQL. Perhaps this an be useful for you.
The Domino server obviously needs to be able to connect to the MySQL server in terms of network access and authorization to use the MySQL server.
I'm working on an application in VB.NET that has to connect to a MySQL database and FTP. How secure is it if I used it in an application that I gave to other people. E.g. if I was to let other people use this application would they be able to find out the MySQL and FTP connection details through intercepting packets or something like that?
If that's the case how can I work round this? Also, part of my application is an uploader for users to upload files, is FTP secure for that or are there better alternatives ways in doing that? My server is a Windows Server 08 if that makes any difference.
Thanks in advance.
FTP is plaintext. It is very easy to get user names and passwords just by packet sniffing. If the ftp is supposed to be secure rather look ay sftp or ftps solutions. These use SSL type encryption on the network layer. Never ever use a ftp server for sensitive information.
MySQL traffic can also be sniffed though it is considerably harder to reverse engineer the protocol. If data has to flow between client and mysql in a secured fashion you can configure mysql to use SSL certificates to encrypt the information. This will ensure security is of highest standards.
It depends, but as per Accessing SQL Server with Explicit Credentials article and it is applicable to MySql as well:
The recommended method is to store the predetermined user name and
password on the server, and then read it and add it to the connection
string at run time. An advantage of this technique is that your
application can access the database using different credentials under
different circumstances, depending on what it needs to do in the
database.
Security Note Never hard-code credentials as strings into programs in your application. Anyone who can get access to the code
file, even the compiled code, will be able to get at the credentials.
Security Note Always give a predetermined user name the minimal access privileges to a resource. Never use "sa" or any other
administrative-level user name. Always use passwords
I have few ssrs 2008 reports.I have created group of users and gave all required permissions to that group.
Now when I am running those reports I am getting strange error.
Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'
I don't know from where it came.
I got suggestion that its a issue related to Kerberos authentication. Please some one knows how to solve this let me know.
Or some one knows to solve this kerberos issue also tell me in steps if possible.
Thanks
Vik
Are your reports using pass-through integrated authentication, defined user integrated authentication, or sql user authentication? I suspect the first, in which case you're dealing with the difference between impersonation and delegation.
When connecting to a web server using integrated authentication, behind the scenes you are actually using NTLM or Kerberos. Both allow the process running your web server to act as you. NTLM's impersonation via security token prevents the server from connecting to yet another server as you (that is, to the DB server) and there acting as you again—this is the "double-hop" problem. Kerberos instead uses delegation, passing a ticket around that each server can check for validity and allow.
To get Kerberos working there are several requirements.
If you're connecting to the web server using a name other than its main DNS name (using as an alias) you have to register the alias as valid for the machine with SetSPN. You can have problems with the SPN (Service Principal Name) even without this. Check the SPN on your servers carefully to see if it matches what you expect.
The server you initially connect to must be "trusted for delegation" in your domain policy.
The user that your web server is running under must be "trusted for delegation" as well.
You can work around all this stuff by just making your reports have stored credentials of some sort rather than using pass-through authentication.
The difference between dev and test could be the IIS user, or the data source.
Now, I am assuming here that you're not using SharePoint and are just doing a normal SSRS web install. So if that is not correct please say so.
My problems is as follows. I use a SQL Server 2008 database. I don't want to put db passwords in plain text on my configuration. I know that there is an option to encrypt the app.config like the following article explains, but in my case I don't think it is sufficiently secure. Someone proposed that I will try to search for a way to use client side certificates to connect the database. I could not find a way to do it and appreciate your help here.
Many thanks,
ikaso
Based on comments to the quesion..
If you use "Windows Authentication" then no passwords are needed.
The credentials are taken from the token of the logged in user. The "logged in" user can be
A human using some app
IIS App Pool credentials
Windows Service credentials
So the password entry is done when configuring IIS or the service, or when the human logs in.
This assumes a domain of course...