Re: FN-FORUM beginning with databases
date posted 18th April 2001 23:17
However, most of the holes arise from crappy server/network management.
Remember all the lovely little holes we used to find in Unix? I don't
really think it's any worse really.
Kathy
----- Original Message -----
From: "ecky" [EMAIL REMOVED]
To: [EMAIL REMOVED]
Sent: 18 April 2001 22:04
Subject: Re: FN-FORUM beginning with databases
> heh heh, i can give you a start on those holes - however there are a lot! :)
>
> a better look is at: http://neworder.box.sk
>
> most of the problems are due to microsoft's almost communistic view of
> programming - DCOM is a wonderful example, calling an object on a remote
> server... also there are network managers who are unaware of certain
> things. our previous one didn't seem to realise that there's a little
> tickbox to stop the FSO being able to wander outside its parent directory
> (an ex-colleague showed our directors this on a few free web hosts and
> shocked their socks off). also if they are unaware about some components'
> abilities this can cause hassles - several upload components also allow
> you to register components via ASP which is very dangerous. especially if
> someone ever emulates the virus i made (don't worry it isn't 'infectious'
> but it destroys backups as well and it was just a test to see if an idea
> worked so don't flame me!)
>
> there is also the almost annually announced new ways of reading your
> source code - in IIS5 you can at least encrypt your source (you have to
> remember to keep a back up! :) ) - but there may still be servers out
> there open to attack via $DATA and translate:f and various others. some
> even show the code for global.asa (interdev places your connections as an
> application object there - personally i use UDL which afaik is as secure
> as you get as long as you place it outside the inetpub). if your source
> code can be read then they may get a password for your db which can be a
> very bad thing.
>
> there are plenty of patches, but plenty of holes as well - have a gander
> here: http://www.microsoft.com/technet/security/
>
> ----- Original Message -----
> From: "David Taylor" [EMAIL REMOVED]
> To: [EMAIL REMOVED]
> Sent: Wednesday, April 18, 2001 6:05 PM
> Subject: RE: FN-FORUM beginning with databases
>
>
> > Care to elaborate on these security holes in ASP, Dave?
> >
> >
> > -----Original Message-----
> > From: [EMAIL REMOVED]
> > [EMAIL REMOVED] Behalf Of dave ecky
> > Sent: 18 April 2001 17:43
> > To: [EMAIL REMOVED]
> > Subject: Re: FN-FORUM beginning with databases
> >
> >
> > databases are pretty easy once you get used to them and waded through
> > the spoddish bull that the writers of database books so delight in.
> > once you've got the idea of minimising the amount of repeated
> > information the design/relationships aspect all falls into place and
> > sql is a pretty simple language to work out.
> >
> > access is a good starter database while asp is a good starting language
> > due to its simplicity, extensibility and power (albeit with security
> > holes a chinese plane could fly through without hitting an american
> > one). if you know your html you might want to look at coldfusion which
> > is a doddle to learn and follows a similar structure to html. i wouldn't
> > touch oracle just yet - although once you've got the hang of access try
> > sql server, it's good but not as good as microsoft seems to think it is.
> >
> > as for resources try www.webmonkey.com and www.4guysfromrolla.com both
> > of these are excellent resources for asp/database, plus this forum is
> > also a great resource whatever language you take up.
> >
> > hth
> >
> > dave ecky
> >
> > David Eckersall
> > Kinetic North Limited
> > A member of the Wize Group of companies
> > Reg Co No 4100142
> > Reg Office and Business Address
> > St James House, Wellington Road North
> > Stockport SK4 2QN
> > Office Tel - 00 44 161 975 5900
> > Office Fax - 00 44 161 975 5924
> > Web - http://www.kineticnorth.com
> >
> > ----- Original Message -----
> > From: "Simon Raistrick" [EMAIL REMOVED]
> > To: [EMAIL REMOVED]
> > Sent: Wednesday, April 18, 2001 4:53 PM
> > Subject: FN-FORUM beginning with databases
> >
> >
> > > Hi
> > >
> > > I want to get going with databases but don't really know where to
> > > start, and wondered if anyone could help me. My main intended use is
> > > building a database driven web site.
> > >
> > > I have a book on SQL, and am learning it, although it's all abstract
> > > as I have nothing to use it with. I was thinking of going the
> > > Microsoft route, but what would I use to actually build the database?
> > > SQL server? I'm afraid this is the bit I don't quite understand. I've
> > > been told MS Access is not very scaleable and Oracle is very hard to
> > > set up.
> > >
> > > I'm ready and poised to go buy another book to get this SQL stuff
> > > into context, and can't wait to get something going so I can play
> > > with this stuff (which is of course a great way to learn too).
> > > Eventually I want to get my head round ASP as well.
> > >
> > > If anyone can help get my muddled concepts into some kind of order,
> > > and perhaps point me in a good direction for technologies to use,
> > > advice would be appreciated.
> > >
> > > TIA
> > >
> > > Simon Raistrick
> > > [EMAIL REMOVED] 07780971346
> > > http://www.feelmedia.com
> > >
> > >
> > >
> > >
> > > ============================================================
> > >
> > > * Free listing for freelancers
> > > * Free to advertise jobs
> > > * Free jobs distribution service
> > > * Free database of 1000 freelancers
> > >
> > > Freelancers and Freelance Jobs
> > > http://www.freelancers.net
> > >
> > > To post to the Forum:
> > > [EMAIL REMOVED]
> > >
> > > To unsubscribe please email:
> > > [EMAIL REMOVED]
> > >
> > > If you have difficulties unsubscribing please email:
> > > [EMAIL REMOVED]
> > >
> > > To subscribe to the digest for this list or for further information
> > > please visit:
> > > http://www.freelancers.net/forum.html