Tom's Hardware > Forum > General Networking > Firewall > Blocking IP/MAC address with firewall...

Blocking IP/MAC address with firewall...

Forum General Networking : Firewall - Blocking IP/MAC address with firewall...

Tom's Hardware: Over 1.4 million members in 6 different countries available to answer all your high-tech questions. Sign up now! Its free!
Ask the community Add a reply
Word :    Username :           
 
Anonymous   05-02-2004 at 10:20:35 PM

Archived from groups: comp.security.firewalls (More info?)

 

I have a server running SQL Server. I want the database to be
accessable to some other computers over the internet. Simply opening
the SQL port would be very insecure. Also, I don't think that using a
VPN would be very practical for what I'm looking to do.
I'm thinking that the best solution would be to use a firewall that
can block computers based on their IP or MAC address. So it would
have a list of IPs or MAC addresses that would be allowed to get
through to the SQL port and all other computers would be blocked and
could not access SQL server.
Is it possible to do this using the windows firewall? If not, what's
the best software or hardware solution to do this? Are there any
routers that can do this? It is very important that if this is a
software solution it must be very stable, it can't ever crash the
server.
Any suggestions?

Add a reply
Sponsored Links
Register or log in to remove.
Anonymous   05-03-2004 at 11:29:28 AM
- 0 +

Archived from groups: comp.security.firewalls (More info?)

 

Ray Lavelle wrote:

> I have a server running SQL Server. I want the database to be
> accessable to some other computers over the internet. Simply opening
> the SQL port would be very insecure. Also, I don't think that using a
> VPN would be very practical for what I'm looking to do.
> I'm thinking that the best solution would be to use a firewall that
> can block computers based on their IP or MAC address. So it would
> have a list of IPs or MAC addresses that would be allowed to get
> through to the SQL port and all other computers would be blocked and
> could not access SQL server.
> Is it possible to do this using the windows firewall?

I'm not sure. I know IPTables can do this, and most windows firewalls can
block by IP....

> If not, what's
> the best software or hardware solution to do this?

Your own -- get Linux and use that as a router/firewall.

> Are there any
> routers that can do this?

Your own....

> It is very important that if this is a
> software solution it must be very stable, it can't ever crash the
> server.

This would be independent of the SQL server -- set up an old computer as a
Linux router.

> Any suggestions?

Smoothwall 2.0 ?

--
Marriage is a great institution -- but I'm not ready for an institution yet.
-- Mae West

Reply to Anonymous
Anonymous   05-03-2004 at 01:36:59 PM
- 0 +

Archived from groups: comp.security.firewalls (More info?)

 

On 2 May 2004 16:20:35 -0700, Ray Lavelle spoketh

>I have a server running SQL Server. I want the database to be
>accessable to some other computers over the internet. Simply opening
>the SQL port would be very insecure. Also, I don't think that using a
>VPN would be very practical for what I'm looking to do.
>I'm thinking that the best solution would be to use a firewall that
>can block computers based on their IP or MAC address. So it would
>have a list of IPs or MAC addresses that would be allowed to get
>through to the SQL port and all other computers would be blocked and
>could not access SQL server.
>Is it possible to do this using the windows firewall? If not, what's
>the best software or hardware solution to do this? Are there any
>routers that can do this? It is very important that if this is a
>software solution it must be very stable, it can't ever crash the
>server.
>Any suggestions?

You can't do it with MAC addresses, as they are irrelevant on the
internet. They get changed with every router the packet passes through.

Most firewall appliances can allow/deny traffic based on source and/or
destination IP address. It should be a fairly simple task with one of
these devices to create a rule allowing SQL traffic for IP address
a.b.c.d.

And, a firewall appliance won't crash your computer...


Lars M. Hansen
http://www.hansenonline.net
(replace 'badnews' with 'news' in e-mail address)

Reply to Anonymous
Ask the community Add a reply
Tom's Hardware > Forum > General Networking > Firewall > Blocking IP/MAC address with firewall...
Go to:

There are 1267 identified and unidentified users. To see the list of identified users, Click here.

Forum map
Bestofmedia Forum ©
2000-2009 Bestofmedia Group
Page generated in 0.216 seconds
Please mind

You are about to answer a thread that has been inactive for more than 6 months.
If you still wish to proceed, please ensure that your posting is original and does not duplicate or overlap any prior responses to this thread.

Add a reply Cancel
Sponsored links
  • Ask the community now
  • Publish
Ad
Related Topics
See all relatives topics
They won a badge
Join us in greeting them
How do I win badges?