Re: How to protect my SQL Server queries
- From: "Cathal Connolly [VB MVP]" <cconnolly@xxxxxxxxxxxxxxxxx>
- Date: Thu, 18 Aug 2005 02:37:43 +0100
If the remote server is part of the same domain, or a domain trust is setup
then just use windows authentication to protect your credentials.
If thats not the case, then you can encrypt the communications either over
SSL or IPSEC (see
http://www.microsoft.com/technet/prodtechnol/sql/2000/maintain/sp3sec03.mspx
for links to KB's for both)
I'd also recommend that you don't pass sql queries across the wire, and
instead use stored procures where possible. You should also consider
encrypting the data in your database. In sql 2000 you can either do that via
the code in your application, or via a SQL encyption library. There are a
number of commercial ones, but theres also an excellent free one @
http://www.sqlservercentral.com/columnists/mcoles/freeencryption.asp (note:
SQL 2005 has built-in support for encryption)
Cathal
"Dino Buljubasic" <dino@xxxxxxxxxxxxxxxxxxx> wrote in message
news:uqb7g1p5g77l8dh7c5eq36d47o94rlsg60@xxxxxxxxxx
> Hi,
>
> My application is extensivelly querying a remote server. Somebody
> sniffing the traffic could eventually find out all important
> information such as passwords (from users in datatables as sell as the
> password and user name used in connectiong string to that server.
>
> How can I protect my self from this?
>
> Thank you
> _dino_
.
- References:
- How to protect my SQL Server queries
- From: Dino Buljubasic
- How to protect my SQL Server queries
- Prev by Date: Re: Help creating a function
- Next by Date: Re: Thread
- Previous by thread: How to protect my SQL Server queries
- Next by thread: Re: How to protect my SQL Server queries
- Index(es):
Relevant Pages
|
