Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 
        
Home       Members    Calendar    Who's On


Add to briefcase 12»»

IP Restriction Feature Expand / Collapse
Author
Message
Posted Monday, August 26, 2013 12:01 AM
SSC Veteran

SSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC Veteran

Group: General Forum Members
Last Login: Wednesday, March 12, 2014 12:13 AM
Points: 258, Visits: 690


There should be a feature in database to allow only certain IPs to delete the data. Can we keep a log of the ip address when a record is deleted will help. Is their any solution for this.. please revert your expert advice








************************************
Every Dog has a Tail !!!!!
Post #1488288
Posted Monday, August 26, 2013 2:32 AM
SSC Veteran

SSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC Veteran

Group: General Forum Members
Last Login: Wednesday, March 12, 2014 12:13 AM
Points: 258, Visits: 690
48 viewed and 0 replies







************************************
Every Dog has a Tail !!!!!
Post #1488325
Posted Monday, August 26, 2013 2:56 AM


SSChampion

SSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampion

Group: General Forum Members
Last Login: Today @ 8:55 AM
Points: 13,570, Visits: 11,383
So if I log into a coworkers computer using my own domain account, I can suddenly have more privileges because I'm using another IP? Awesome, this makes hacking so much easier



How to post forum questions.
Need an answer? No, you need a question.
What’s the deal with Excel & SSIS?

Member of LinkedIn. My blog at LessThanDot.

MCSA SQL Server 2012 - MCSE Business Intelligence
Post #1488330
Posted Monday, August 26, 2013 3:59 AM


SSC-Forever

SSC-ForeverSSC-ForeverSSC-ForeverSSC-ForeverSSC-ForeverSSC-ForeverSSC-ForeverSSC-ForeverSSC-ForeverSSC-ForeverSSC-ForeverSSC-ForeverSSC-ForeverSSC-ForeverSSC-Forever

Group: General Forum Members
Last Login: Today @ 8:31 AM
Points: 40,456, Visits: 36,912
It's called triggers and audits, along with properly configured security (minimal permissions)


Gail Shaw
Microsoft Certified Master: SQL Server 2008, MVP
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability

We walk in the dark places no others will enter
We stand on the bridge and no one may pass

Post #1488336
Posted Monday, August 26, 2013 10:57 AM


SSC Journeyman

SSC JourneymanSSC JourneymanSSC JourneymanSSC JourneymanSSC JourneymanSSC JourneymanSSC JourneymanSSC Journeyman

Group: General Forum Members
Last Login: Today @ 5:14 AM
Points: 92, Visits: 2,550
If I remember right MySQL has such features. One is able to specify different grants by IP addresses.
Post #1488459
Posted Monday, August 26, 2013 10:10 PM
SSC Veteran

SSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC Veteran

Group: General Forum Members
Last Login: Wednesday, March 12, 2014 12:13 AM
Points: 258, Visits: 690
Anything for SQL 2008????







************************************
Every Dog has a Tail !!!!!
Post #1488542
Posted Tuesday, August 27, 2013 2:42 AM


SSC-Forever

SSC-ForeverSSC-ForeverSSC-ForeverSSC-ForeverSSC-ForeverSSC-ForeverSSC-ForeverSSC-ForeverSSC-ForeverSSC-ForeverSSC-ForeverSSC-ForeverSSC-ForeverSSC-ForeverSSC-Forever

Group: General Forum Members
Last Login: Today @ 8:31 AM
Points: 40,456, Visits: 36,912
Yes

GilaMonster (8/26/2013)
It's called triggers and audits, along with properly configured security (minimal permissions)



Gail Shaw
Microsoft Certified Master: SQL Server 2008, MVP
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability

We walk in the dark places no others will enter
We stand on the bridge and no one may pass

Post #1488616
Posted Tuesday, August 27, 2013 2:51 AM
Mr or Mrs. 500

Mr or Mrs. 500Mr or Mrs. 500Mr or Mrs. 500Mr or Mrs. 500Mr or Mrs. 500Mr or Mrs. 500Mr or Mrs. 500Mr or Mrs. 500

Group: General Forum Members
Last Login: 2 days ago @ 7:41 AM
Points: 519, Visits: 266
Why would you be interested in the IP address if your using DNS and DHCP. Have a play with

SELECT
conn.session_ID as SPID,
conn.client_net_address as IPAddress,
sess.host_name as MachineName,
sess.program_name as ApplicationName,
login_name as LoginName
FROM sys.dm_exec_connections conn
inner join sys.dm_exec_sessions sess
on conn.session_ID=sess.session_ID


and triggers depending on the version of SQL you are using.
Post #1488622
Posted Tuesday, August 27, 2013 4:54 AM


SSChampion

SSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampion

Group: General Forum Members
Last Login: Today @ 1:08 PM
Points: 12,927, Visits: 32,333
I suspect the core issue is that everyone logged in has sysadmin or dbo priviledges and instead of fixing that as gail implied with proper security, you are looking for a bandaid approach to limit by ip address.

If you fix your security model by creating roles with the expected permissions, you gain twofold : a better security model and directly addressi g the overpriviledges problem while still fixing the problem itself


Lowell

--There is no spoon, and there's no default ORDER BY in sql server either.
Actually, Common Sense is so rare, it should be considered a Superpower. --my son
Post #1488673
Posted Tuesday, August 27, 2013 6:05 AM
SSC Veteran

SSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC Veteran

Group: General Forum Members
Last Login: Wednesday, March 12, 2014 12:13 AM
Points: 258, Visits: 690
Jason.Reeves (8/27/2013)
Why would you be interested in the IP address if your using DNS and DHCP. Have a play with

SELECT
conn.session_ID as SPID,
conn.client_net_address as IPAddress,
sess.host_name as MachineName,
sess.program_name as ApplicationName,
login_name as LoginName
FROM sys.dm_exec_connections conn
inner join sys.dm_exec_sessions sess
on conn.session_ID=sess.session_ID


and triggers depending on the version of SQL you are using.


What will this query result??? please brief.. i ran it & got some records but what will i have to do next & read in it???








************************************
Every Dog has a Tail !!!!!
Post #1488700
« Prev Topic | Next Topic »

Add to briefcase 12»»

Permissions Expand / Collapse