Re: HELP ! Security Problem
From: Kresimir Radosevic (kresimir.radosevic@zg.tel.hr)
Date: 11/30/02
- In reply to: Rem: "HELP ! Security Problem"
From: "Kresimir Radosevic" <kresimir.radosevic@zg.tel.hr> Date: Sat, 30 Nov 2002 11:25:04 +0100
There is a program_name column in the master..sysprocesses system table. Also,
you can create a trace like this:
---------------START OF SCRIPT
/****************************************************/
/* Created by: SQL Profiler */
/* Date: 30/11/2002 11:17:53 */
/****************************************************/
-- Create a Queue
declare @rc int
declare @TraceID int
declare @maxfilesize bigint
set @maxfilesize = 5
-- Please replace the text InsertFileNameHere, with an appropriate
-- filename prefixed by a path, e.g., c:\MyFolder\MyTrace. The .trc
-- extension will be appended to the filename automatically. If you are
-- writing from remote server to local drive, please use UNC path and
-- make sure server has write access to your network share
exec @rc = sp_trace_create @TraceID output, 0, N'InsertFileNameHere',
@maxfilesize, NULL
if (@rc != 0) goto error
-- Client side File and Table cannot be scripted
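-- Set the events
-- Event 14 = Audit Login; columns 10 = ApplicationName, 11 = LoginName, 12 = SPID
declare @on bit
set @on = 1
exec sp_trace_setevent @TraceID, 14, 10, @on
exec sp_trace_setevent @TraceID, 14, 11, @on
exec sp_trace_setevent @TraceID, 14, 12, @on
-- Set the Filters
declare @intfilter int
declare @bigintfilter bigint
-- Column 10 (ApplicationName), logical operator 0 (AND), comparison 7 (NOT LIKE):
-- leave out connections made by SQL Profiler itself
exec sp_trace_setfilter @TraceID, 10, 0, 7, N'SQL Profiler'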
-- Set the trace status to start
exec sp_trace_setstatus @TraceID, 1
-- display trace id for future references
select TraceID=@TraceID
goto finish
error:
select ErrorCode=@rc
finish:
go
---------------END OF SCRIPT
As you can see, there is a way to filter the trace on application name
(the sp_trace_setfilter line). So basically create a trace to monitor only
Security Audit: Audit Login, select only the EventClass, ApplicationName, SID and
StartTime columns, and add filters so it is used just for your database and
ignores your application name.
Periodically check the trace output, and when you find intruders, have a nice
chat with them.
--
Kresimir Radosevic, SQL MVP
I support the Professional Association for SQL Server and its user community of dedicated professionals. www.sqlpass.org

"Rem" <remy.filteau@cgi.ca> wrote in message news:1b09e01c29652$8a2461c0$89f82ecf@TK2MSFTNGXA01...
> Hi,
>
> Recently, we bought a software running with SQL2K.
>
> To launch the application, we need to enter a
> user/password, good news. It have also to security
> mechanism inside the application, also good !
>
> But the problem, a user can access the data by Query
> Analyzer or others tools to access the data. Well quite
> bad, because they can see all what they want even if in
> the application they're not allowed.
>
> How I can outline this problem?
>
> Thanks for your help !
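
An added example, not part of the original post, of the periodic check the reply describes: the first query lists sessions currently open against the database from any other client, the second summarises Audit Login events read back from the trace file. The application name `MyVendorApp`, the database name `VendorDb` and the trace path are placeholders assumed for illustration.

```sql
-- Added example; N'MyVendorApp', N'VendorDb' and the trace path are
-- placeholders, not values from the original post.

-- 1) Sessions connected right now to the database from any other client.
--    program_name is supplied by the client in its connection settings,
--    so treat it as a hint and confirm with loginame and hostname.
SELECT p.spid,
       p.loginame,
       p.hostname,
       p.program_name,
       p.login_time
FROM   master..sysprocesses p
WHERE  p.dbid = DB_ID(N'VendorDb')
  AND  p.spid <> @@SPID
  AND  RTRIM(p.program_name) NOT LIKE N'MyVendorApp%'
ORDER BY p.login_time

-- 2) Audit Login events (EventClass 14) written by the trace, grouped by
--    login and application. Rows with no application name are kept,
--    since a client may leave that field empty.
SELECT t.LoginName,
       t.ApplicationName,
       COUNT(*) AS logins
FROM   ::fn_trace_gettable(N'c:\MyFolder\MyTrace.trc', DEFAULT) t
WHERE  t.EventClass = 14
  AND  (t.ApplicationName IS NULL
        OR t.ApplicationName NOT LIKE N'MyVendorApp%')
GROUP BY t.LoginName, t.ApplicationName
ORDER BY logins DESC
```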