Re: SQL 2005 express security issue



Personally I cracked MDB files' passwords many times. There are lots of softwares which perform this job decently and easily in one second.

--
Ekrem Onsoy



"stm" <stm@xxxxxxx> wrote in message news:ehzwxRMaIHA.3828@xxxxxxxxxxxxxxxxxxxxxxx
yes, they will get a copy of the mdf file......it is included in the distribution of my application.
It is a local standalone application, no network connection required.

Using Access, I can set password to MDB, although some said it is easy to crack.


"Daniel Crichton" <msnews@xxxxxxxxxxxxxxxx> 在郵件 news:%233L5VsBaIHA.5900@xxxxxxxxxxxxxxxxxxxx 中撰寫...
stm wrote on Wed, 6 Feb 2008 00:19:17 +0800:

but anyone can install his own SQL Express in their own machine, and
view anything.......

Only if they then get hold of the MDF and LDF files and attach them to their instance of SQL Server - if you allow access to the underlying files then you're at risk no matter what software you use. If they just install SQL Express on their own machine and then connect to a different server where your data lies they'd need to have the sa password on the remote server - they can't just connect using the local sa login and then pull it across.

If you're really concerned about restricting access to the data, then look into using the built-in encryption features - using these would also require the person who gets the MDF and LDF files to also gain access to the certificate used to encrypt/decrypt the data, and that is likely going to be much harder.

--
Dan



.



Relevant Pages

  • Re: obsidianmusic =?UTF-8?Q?alternative=3F=20=28music=20library?= =?UTF-8?Q?=20with=20stream
    ... I'll add it to the list of resources I should take care when I'm writing softwares, ... there are so many people which thinks using an application which have nothing related to databases on a dedicated server is smart and fashion... ... One thing I know which will be permanent for me, it that I will never understand how my predecessors made stuff complex like windows 3.1, first mspaint, first desktop office, able to run on computers with so poor performances and how my generation is able to write pacmans without new features able to kill modern CPUs. ... playlist is reached (vlc has some special urls like vlc://quit). ...
    (Debian-User)
  • Re: 2000
    ... What are the "unwanted softwares" that are installed on your server? ... services or processes running on your server that you did not ... install, it is likely that your server has been compromised. ...
    (microsoft.public.win2000.active_directory)
  • Re: how to RECOVER----PLEASE HELP
    ... > softwares .some softwares are there which link to the ... > system files of os. ... > Next time when i open the server its not opening and came ... > IS THERE ANY COMMAND IN DOS MODE WHICH I CAN USE IN DOS ...
    (microsoft.public.win2000.security)
  • how to RECOVER----PLEASE HELP
    ... softwares .some softwares are there which link to the ... system files of os. ... Next time when i open the server its not opening and came ... IS THERE ANY COMMAND IN DOS MODE WHICH I CAN USE IN DOS ...
    (microsoft.public.win2000.security)
  • Re: how to RECOVER----PLEASE HELP
    ... >> i have a server loaded windows 2000,and some ... >> softwares .some softwares are there which link to the ... >> Next time when i open the server its not opening and came ... which replaces system files but keeps your ...
    (microsoft.public.win2000.security)