Home > Uncategorized > Enhance your #MSSQL Security with two keywords in C#

Enhance your #MSSQL Security with two keywords in C#

3d database with padlock security concept

If your database server is on a different machine to your webserver, and the SQL queries travel through the network, then they are liable to be sniffed by third parties sharing the same network.

However, if you add the words:

Encrypt=True; TrustServerCertificate=True

To your connection string then the TDS data sent from client to server will be encrypted, and impossible to sniff from the network.

You can verify the connection is secure by running the following query;

SELECT session_id, net_transport, client_net_address, local_net_address,
local_tcp_port, auth_scheme, encrypt_option
FROM sys.dm_exec_connections

According to performance tests, I found no difference between the performance of secure vs plain text secure. over a batch of 200 queries.

Advertisements
Categories: Uncategorized
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: