Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The server could be returning potentially sensitive data in its responses. Therefore, it is strongly recommended that the server be configured to use GSS-API based encryption over TCP or Secure Sockets Layer (SSL) over HTTPS to ensure the integrity of the data and to prevent tampering and unauthorized access.
There are two strategies for reducing the impact of denial-of-service (DOS) attacks against the server:
Turn on authentication and deny access to unauthenticated clients. This will allow a user to quickly disable access to rogue client machines.
Make sure that no single request takes too much processing time on the server. That will ensure that any attacker needs to maintain a steady stream of requests to deny access to the server. Therefore, a simple network trace will allow one to identify the offending machine and shut it down. This applies to requests sent by "spoof clients" (for example, a virus emulating a client that might try to pass an unbounded request or a long-running MDX query).