1

When Connecting from clients (such as Windows) to remote databases such as (MS-SQL Server), it is usually advised that this connection be via a service that runs on the database server.

It is possible to establish such connection without a service using ODBC driver. Some ODBC drivers offer SSL. I assume this method would require opening a port on the database server.

My questions are:

  • Would connection client to a remote database using SSL could be considered "as secure" as connecting via a service?

  • Is it less secure only because of the port opening requirement?

  • Is there a way to make ODBC connection a good solution from security perspective?

Note: I understand that words like good, secure, etc. are relative and somewhat vague, however, I am limited to the vocabulary I know.

Thanks.

NoChance
  • 185
  • 1
  • 9

1 Answers1

1

If you are connecting to a service on database-server, that service also needs to listen to a port. Not using an ODBC driver depends on the application at client-side. ODBC is intended to allow several applications (like e.g Word) to make connection to a database.

Opening ports of course should be limited as much as possible, but sometimes ain't possible. The database in this case needs to be listening to a port, to allow incoming packets. As long as the software/service using that port are secure and stay often updated, you should be okay.

Besides that, SSL is more secure that a standard connection. This because SSL encrypts the connection. ODBC can be used with loads of protocols, including secure ones.

Did this answer your question?

O'Niel
  • 2,740
  • 3
  • 17
  • 28
  • Thank you for your answer, however, I am afraid it does not answer the questions. I reformatted the question text, maybe now the questions are more clear. Thanks again. – NoChance Jul 23 '16 at 14:46