• United States

Security issues with ODBC in client/server and wireless nets

Jun 14, 20041 min
Cellular NetworksMobileNetworking

What security implications are there in using Open Database Connectivity in a client/server environment? Can we use it over a wireless LAN?

ODBC does not encrypt your data for transmission, so to provide security for the database traffic you need to tunnel the ODBC traffic through the network using Secure Shell, Secure Sockets Layer, Point-to-Point Tunneling Protocol/Layer 2 Tunneling Protocol or IPSec.

Depending on your wireless configuration, you might have some protection in place for wireless traffic. If you have a VPN, you usually can use that to create encrypted connections between systems in your network and from outside.

If you are starting from scratch you can create point-to-point SSH tunnels with OpenSSH or one of the commercial SSH packages. Or if both systems run Windows, you can build SSL VPN tunnels using OpenVPN or the Microsoft VPN tools found under Dial Up Networking to establish secure connections between clients and server for your ODBC traffic. SSH port forwarding is fairly easy to implement if you are an administrator for only a few connections.

The VPN tools install like network adapters and are easier to deploy to large numbers of clients, including those connecting over a wireless LAN.