Home > Uncategorized > Enhance your #MSSQL Security with two keywords in C#

Enhance your #MSSQL Security with two keywords in C#

June 21, 2018 Leave a comment Go to comments

3d database with padlock security concept

If your database server is on a different machine to your webserver, and the SQL queries travel through the network, then they are liable to be sniffed by third parties sharing the same network.

However, if you add the words:

Encrypt=True; TrustServerCertificate=True

To your connection string then the TDS data sent from client to server will be encrypted, and impossible to sniff from the network.

You can verify the connection is secure by running the following query;

SELECT session_id, net_transport, client_net_address, local_net_address,
local_tcp_port, auth_scheme, encrypt_option
FROM sys.dm_exec_connections

According to performance tests, I found no difference between the performance of secure vs plain text secure. over a batch of 200 queries.

Advertisement
Categories: Uncategorized
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

%d bloggers like this: