Support Forums - View Thread

View Thread

The following is the text of the current message along with any replies.

Messages 1 to 4 of 4 total

EDB-Server -> Internet -> EDB-Client Security?

Wed, May 3 2023 10:18 AM	Permanent Link
Heiko Knuettel	Hi guys, just checking: Accessing an EDB Server over the internet without the use of a VPN is probably, despite encryption, not a good idea security wise, because I'm transmitting the credentials unencrypted. Is this correct? And/or is somebody aware of a solution that doesn't require a vpn client but could be built into the client application? Thanks in advance, Heiko
Thu, May 4 2023 6:14 AM	Permanent Link
Roy Lambert NLH Associates Team Elevate	Heiko I have no idea wether logon credentials are sent in plaintext or not and these days I don't have a server to set up and test. I'd suggest using something like Wireshark to inspect the packets sent. If you want to build something in it would need to be both at the client and the server Roy Lambert
Thu, May 4 2023 8:47 AM	Permanent Link
Heiko Knuettel	Roy Thanks! Sometimes one should just RTFM... "However, even if the RemoteEncryption property is set to False, the RemoteEncryptionPassword property will be used to encrypt any login information sent to the ElevateDB Server, so the RemoteEncryptionPassword must always match the corresponding server encryption password for session communciations or logins will be unsuccessful" And yeah, if I want additional security, a "tunnel" that wraps around the EDB traffic, it sure would have to be in the server as well as in the client. Heiko
Fri, May 5 2023 2:18 AM	Permanent Link
Roy Lambert NLH Associates Team Elevate	Heiko <<Sometimes one should just RTFM...>> Reading the manual is for wimps! Roy Lambert