Posted by Leythos on October 3, 2007, 9:43 am
parnej@inwind.it says...
>
> > > Hi there.
> > > The program I wrote is used to access a remote database via a TCP
> > > connection.
> >
> > Does it do it through a VPN connection?
> >
> > If not, then it's a risk and should be rethought.
>
>
> Thank you for your interest in the security aspect of the question,
> but this was not the topic of my post (I'm not the security designer!)
>
> I'm looking for the best method to work-around the problem from the
> source-code point of view.
Then you're looking at it from the wrong side.
Once you've been given access through a tunnel then you don't have to
worry about time-outs.
> I cannot, nor do I want to, change anything in the topology of the network.
> However: clients and DBs are inside a 10.x.x.x network that is
> unaccessible (!) from the outside world.
> The FW is intended as part of a 'segmentation-policy' of the
> enterprise network.
>
> I add that the FW doesn't require authentication.
You clearly said that the DBs were protected by a firewall and that you
access them remotely.
If the firewall is set up properly and you have a secure tunnel, there is
no timeout and you don't need to change your solution.
So, either you didn't write your program to close and open the
connection as needed, which is a bad move, or you don't have a secure
tunnel and proper firewall setup.
So, with that being the case, have you asked the firewall controller
about the timeout?
Have you considered properly coding your app to open/close connections
as needed instead of leaving the connection open all the time?
--
Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)
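
The open/close-as-needed approach raised in the reply, contrasted with a connection held open across an idle period. This is an added example, not code from the thread. It assumes a local echo server that drops idle sessions stands in for the firewall, and `IDLE_TIMEOUT`, `start_server`, `query_per_request` and `query_held_open` are hypothetical names.

```python
import socket
import threading

IDLE_TIMEOUT = 0.3  # constructed value standing in for the firewall's idle timeout


def _serve(conn):
    # Answer requests, then drop the session once it has been idle too long.
    # Assumption: closing the socket models the firewall discarding an idle
    # flow; a real firewall may drop packets silently instead.
    conn.settimeout(IDLE_TIMEOUT)
    try:
        while True:
            data = conn.recv(1024)
            if not data:
                break
            conn.sendall(b"ok:" + data)
    except OSError:  # includes socket.timeout
        pass
    finally:
        conn.close()


def start_server():
    """Start the stand-in server on a free loopback port; return (socket, port)."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen()

    def loop():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:
                return
            threading.Thread(target=_serve, args=(conn,), daemon=True).start()

    threading.Thread(target=loop, daemon=True).start()
    return srv, srv.getsockname()[1]


def query_per_request(port, payload):
    """Open a connection, run one request, close it: no idle period exists."""
    with socket.create_connection(("127.0.0.1", port), timeout=2) as s:
        s.sendall(payload)
        return s.recv(1024)


def query_held_open(sock, payload):
    """Reuse a long-lived socket; return None if the session was dropped."""
    try:
        sock.sendall(payload)
        return sock.recv(1024) or None
    except OSError:
        return None
```
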