Protect SQL statements from being captured and tracked by SQL profiler/event Probe

Source: Internet
Author: User

A major advantage of SQL Server databases is the rich UI management and debugging tools, which is definitely better than Oracle and other large and medium-sized databases.

Among the many tools of SQL Server, it is very important for developers and DBAs to use SQL profiler.

Each action executed in SQL Server can be clearly viewed in SQL profiler, which is very helpful for performance tuning and later maintenance.

 

 

 

However, the problem arises. After your product is released, you may not want the customer to track your SQL Execution to keep the customer confidential. So this advantage becomes your "eye point"

How can I not be tracked by SQL profiler?

Next, we will discuss this issue.

Assume that you have a table named A, which contains a password field to save the password. Execute the following SQL statement:

Select [Password] from [a]

In the SQL profiler event probe, you will see the following content:

 

-Find "password" in the event text ".
-For security reasons, replace the text with this annotation.

 

In this way, the content of the SQL statement you executed is invisible.

However, you may be confused. The password field may not exist in my table.

This is true, but Microsoft is more powerful. As long as the keyword password, encryption, and sp_setapprole appear in any part of the query process, the entire Query Process will be hidden, anywhere, of course, this includesNote.

 

 

For example, execute the following process statement:

 

Similarly, the following prompt is displayed in SQL profiler:

 

In this way, it is clear that you can add a comment containing keywords in the SQL statement you want to protect!

Address: http://www.cnblogs.com/sjcatsoft/archive/2010/01/21/1653152.html

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.