Page 1 of 1

Connecting to a remote server's database (Due Diligence)

Posted: Sat Oct 15, 2005 4:08 am
by Mohammad
Hello

I'm at a novice state related to databases. Our company is planning to make a site which by that a Query from our site is going to be submitted to a remote database on another server(s) in a remote location, and the result is gonna be poped back at us.

Now currently we have no idea how the other Database we are dealing with is, we dont know the structure, either they use MySql, Oracle or etc...

My task is to do Due Dilligence. they have told me to make a list of, the stuff we should take note, or be aware, before and after we have access to the remote database.

Since i'm quite a beginner, I would like to have some feedback to help me out writing the Due Dilligence list.

Thanx in advance :)

Posted: Sat Oct 15, 2005 8:07 am
by feyd
  1. Remote database connections are very prone to a sniffing attack. I'd suggest using an SSL or PPTP like connection between them if possible.
  2. I'd create an interaction script on each server that allows the other server (hopefully a static IP, and not shared) that acts as an interface to work with their systems and yours. This way the implementation of what database and things is ancillary provided a standard for data transmission can be reached.
thats all I can think of right now..

Posted: Sat Oct 15, 2005 9:36 am
by Mohammad
Hello feyd & thanx for the reply.

I understand the first part which is securing the connection with ssl or etc.

the second part which you mentioned "interaction script ", can you please explain that a bit more.

thanx again

Posted: Sat Oct 15, 2005 9:48 am
by feyd
Basically, it'd be a script residing on one server that the other server interacts with, instead of creating the actual database connection directly. A common language (I'm thinking XML) would be used to communicate between the two so that the actual DBMS behind it is unimportant. Both servers would have a variant of the interaction script talking the same language to each other.

Posted: Sun Oct 16, 2005 2:16 am
by Mohammad
dont you think its better to use ODBC between all the servers, from our side and the remote one?

but your are saying its better for us to send the query as in XML and also retrieve data in an XML file, and we have our interaction script to take of that right??

please correct me if i'm wrong.

thanx

Sounds like a job for SOAP

Posted: Sun Oct 16, 2005 9:47 pm
by heavyj