secure ODBC connection -- oxymoron? - sql

There are times we need to create an ODBC connection over the "tubes" to one of our customer sites. We would like to provide as much security as possible to our customers, given we are using ODBC and, well...
Anyway, there is a checkbox setting in the SQL Server DSN that says "Use strong encryption for data", but absolutely no documentation for it. The only references I can find on the Google nets are unanswered questions -- not very encouraging. Does anybody have a clue what it does or how it works? If that isn't a way to encrypt the data stream, is there another way?
BTW, we cannot rely on our customers to force encryption from their end, and dealing with security certificates would be a real nightmare.
Thanks in advance,
Dave

Is it SQL 2000 or 2005/2008?
The encryption enforcement can be requested by the client or enforced by the server. The encryption is based on the Schannel protocol (SSL) and as such requires a valid certificate deployed on the server and trusted by the client; there is no way out of that. The certificate has to be signed by an authority that is trusted by the client and, amongst other typical server certificate requirements, must have the FQDN name used to connect by the client as its subject.
In SQL 2005: How to: Enable Encrypted Connections
In SQL 2000: Configure the Server and Request encryption by client

There is no reason you can't have a secure connection while using ODBC. Basically, the responsibility for over-the-wire security would fall under the ODBC driver (basically the database-specific part). If the driver doesn't already provide for this (SQL Server may or may not - I don't know what "Use strong encryption for data" applies to) you can probably add your own. One possibility would be to create an SSH bridge, e.g. using ssh -L. I don't know if this counts as a "nightmare", but it would probably be an effective and fairly simple technique.
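Since the customer's server cannot be relied on to force encryption, the client's own connection string is what has to be checked. The following is an added example, not code from the posts above: a small auditor that flags a DSN-less connection string which does not request encryption, skips certificate validation, or names the server by something other than an FQDN. It assumes the Encrypt, TrustServerCertificate and Server keywords of Microsoft's SQL Server ODBC drivers; the sample strings and finding names are constructed.

```python
import re

# Assumption: keyword names are those of Microsoft's SQL Server ODBC drivers.
ENCRYPT_ON = {"yes", "mandatory", "strict"}

# Constructed sample connection strings (not taken from the page).
GOOD = ("Driver={ODBC Driver 17 for SQL Server};Server=tcp:db.customer.example,1433;"
        "Encrypt=yes;TrustServerCertificate=no;UID=app;PWD={p;w=d}")
BAD = ("Driver={ODBC Driver 17 for SQL Server};Server=DBHOST01\\SQLEXPRESS;"
       "TrustServerCertificate=yes")

def parse_odbc(conn_str):
    """Split 'key=value;' pairs; a value wrapped in {...} may contain ';'."""
    pairs = re.findall(r"\s*([^=;]+?)\s*=\s*(\{[^}]*\}|[^;]*)", conn_str)
    return {k.lower(): v.strip().strip("{}") for k, v in pairs}

def server_host(server):
    """Reduce 'tcp:host\\instance,port' to the bare host name."""
    if server.lower().startswith("tcp:"):
        server = server[4:]
    return re.split(r"[\\,]", server)[0].strip()

def audit(conn_str):
    """Return the findings that leave the session open to interception."""
    opts = parse_odbc(conn_str)
    findings = []
    if opts.get("encrypt", "no").lower() not in ENCRYPT_ON:
        findings.append("no-encrypt")          # client never asks for TLS
    if opts.get("trustservercertificate", "no").lower() == "yes":
        findings.append("cert-not-validated")  # any certificate is accepted
    host = server_host(opts.get("server", ""))
    if "." not in host or re.fullmatch(r"[\d.]+", host):
        findings.append("server-not-fqdn")     # cannot match the cert subject
    return findings

if __name__ == "__main__":
    for name, conn in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, audit(conn) or "ok")
```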

Related

SSL client and server certificates used to restrict server access to specific machines

I am investigating the use of SSL to ensure security when performing remote software updates to embedded systems. This means that I would like to ensure that only specific client machines may communicate with the embedded server system.
I understand that server certificates authenticate the identity of the server and client certificates authenticate the identity of the client and this prevents man in the middle attacks.
What I would like to know is if client certificates can be used in such a way that only clients with specific certificates, compatible with the server, can communicate with the server.
My interpretation so far from reading up on this is that certificates are used to ensure that either client or server are who they say they are. Not to restrict access to specific clients. Is this correct?
If someone could help clarify this, and provide some pointers, I'd be grateful.
Thanks

SQL Server SSL Encryption

I have an IIS hosted WCF Service that uses SSL encryption. This service makes requests to a SQL Server 2014 database instance. When I make a call to the service the response message is encrypted. So, the connection between the client (browser) and the service is secure. I also want the connection between the service and the SQL Server 2014 database to be secure.
This is where my question comes in. I am not exactly sure how to do this. I read the following article Enable Encrypted Connections to the Database Engine and I was able to successfully add the certificate to the SQL server database engine and changed the Force Encryption flag to True. But now I am a bit confused as to whether I want to configure the server to accept encrypted connections or the client to request encrypted connections. Based on the scenario I presented above it seems I want the client to request encrypted connections from the SQL Server DB correct? I guess one reason I am confused is because this is ALL happening on my development machine. SQL Server is being hosted there as is the IIS Service.
If someone with experience could maybe clarify that for me I would greatly appreciate it.
If you haven't restarted the service, then do so to complete the configuration change. It sounds like you applied the change correctly and using a domain or public CA certificate will prevent a man in the middle attack. To verify that the connections are secure, you can use a DMV named sys.dm_exec_connections which should display true for the encrypt_option for all sessions, as below:
select session_id, net_transport, encrypt_option from sys.dm_exec_connections
I'm not certain that connections from the host to SQL Server will be encrypted by SSL/TLS since they would be using the shared memory protocol and Windows manages the security of shared memory.

Using SSL certificate in Database

I was exploring SSL certificates and their advantages. There I came across using an SSL certificate for a database connection. I am confused about why we need a secure connection with the database, since if a secure connection is established between client and server, the server is what is going to connect to and fetch from the database anyway. Can someone help me understand why we need a secure connection with the database? Thanks in advance.
You need SSL when the connection method is not secure, such as attaching to a remote database over the Internet. It's probably not a bad idea in general even for an internal application if there is any risk that someone, such as an employee, may be able to intercept and either view the data in plaintext or do a MITM attack and they're not otherwise authorized to completely control the database.
The main idea of SSL is to prevent man-in-the-middle attacks and to make sure the remote server is really who they say they are.

Checking Encryption handshake using Wireshark for SQL connection over SSL

I have implemented a secure SSL connection on the SQL Server 2005 server. I use the "Microsoft SQL Server Management studio" to connect to the SQL Server and I check the "Encrypt Connection" check box in the options section. The connection is successful and when I look at the connection properties in the mgmt studio, it shows me "Encrypted=Yes".
So that tells me that my SSL setup is correct and I'm able to successfully connect my management studio to sql server on a secure SSL encryption channel.
Question
I want to find out what "security functions" are being used behind the scenes on this connection...because I want to make sure it complies with one of the approved standards by FIPS 140-2 Annex A (http://csrc.nist.gov/publications/fips/fips140-2/fips1402annexa.pdf), which has information on approved encryption functions.
So I used wireshark to capture the traffic and find out the protocols/handshakes. For instance something like 'Auth TLS' request etc...
But I couldn't find out any of the encryption related information (I guess I don't know how to). I don't see any SSL protocol packets. Maybe it's doing all the encryption stuff at some other protocol level.
So how do I go about figuring this out? I have the packet capture from Wireshark and I can provide it to whoever is interested in looking at it. Stack Overflow probably doesn't allow attachments.
Any help would be appreciated.
Thanks
Amit
You want to enter ssl as the Wireshark filter to show only SSL and TLS packets, and you should see the client and server handshake and exchange a list of ciphers. If the client initiates any SSL connection, you should see a CLIENT HELLO somewhere in your capture. You can show only these packets with the filter ssl.handshake.type == 1.
That being said, running SQL Server 2005 SP1+ in FIPS 140-2 mode is covered by KB article 920995. From what you wrote, it sounds like you are just hoping the client and server pick an allowed cipher, but that's not how FIPS 140-2 works. Even if your session chooses an allowed cipher, it may not choose a FIPS-certified cipher, and the certification is what's important.
The KB article spells it out with this quote:
"Note that it is not sufficient to use an algorithm from the approved lists in FIPS 140-2. It is necessary to use an instance of such an algorithm that has been certified."
To guarantee the server uses a FIPS-certified cipher, you need to enable the FIPS 140-2 policy like the KB article says.
Not using Wireshark but using Netmon, I have a write-up on doing this here:
http://cornasdf.blogspot.com/2010/04/sql-server-data-in-transit-cipher.html
Using Wireshark, you can easily find whether the connection is encrypted by looking at the packet data. This document explains the analysis clearly => https://middlewareworld.org/2020/09/04/step-by-step-ssl-handshake-with-wireshark/
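In TDS 7.x the encryption negotiation and the TLS handshake both travel inside TDS packets of type 0x12 (PRELOGIN), so a SQL Server capture does not begin with a bare TLS record on the wire. The following is an added example, not code from any of the posts above: it reads such a packet and reports either the ENCRYPTION option the PRELOGIN message carries or that the payload is a wrapped TLS handshake record. The two byte strings are constructed samples, and the function names are hypothetical.

```python
import struct

TDS_PRELOGIN = 0x12   # TDS packet type for PRELOGIN and for the wrapped TLS handshake
OPT_ENCRYPTION, OPT_TERMINATOR = 0x01, 0xFF
TLS_HANDSHAKE_RECORD = 0x16
ENCRYPTION = {0x00: "ENCRYPT_OFF", 0x01: "ENCRYPT_ON",
              0x02: "ENCRYPT_NOT_SUP", 0x03: "ENCRYPT_REQ"}

# Constructed samples: 8-byte TDS header, then the payload.
PRELOGIN_SAMPLE = bytes.fromhex(
    "12 01 00 1a 00 00 01 00 "   # type 0x12, EOM, length 26
    "00 00 0b 00 06 "            # VERSION option: offset 11, 6 bytes
    "01 00 11 00 01 "            # ENCRYPTION option: offset 17, 1 byte
    "ff "                        # end of option list
    "09 00 00 00 00 00 "         # version data
    "01")                        # encryption data: ENCRYPT_ON
TLS_SAMPLE = bytes.fromhex("12 01 00 0d 00 00 00 00 16 03 01 00 00")

def tds_payload(packet):
    """Validate the 8-byte TDS header and return the payload of a 0x12 packet."""
    if len(packet) < 9:
        raise ValueError("too short for a TDS packet")
    ptype, _status, length = struct.unpack(">BBH", packet[:4])
    if ptype != TDS_PRELOGIN:
        raise ValueError("not a TDS type 0x12 packet")
    if length != len(packet):
        raise ValueError("TDS length field does not match captured bytes")
    return packet[8:]

def classify(packet):
    """Return 'tls-handshake' or the ENCRYPTION value the PRELOGIN options carry."""
    payload = tds_payload(packet)
    if payload[0] == TLS_HANDSHAKE_RECORD:
        return "tls-handshake"
    pos = 0
    while pos < len(payload) and payload[pos] != OPT_TERMINATOR:
        if pos + 5 > len(payload):
            raise ValueError("truncated option header")
        token, offset, size = struct.unpack(">BHH", payload[pos:pos + 5])
        if token == OPT_ENCRYPTION:
            if size != 1 or offset >= len(payload):
                raise ValueError("malformed ENCRYPTION option")
            return ENCRYPTION.get(payload[offset], "unknown")
        pos += 5
    raise ValueError("no ENCRYPTION option present")
```

ENCRYPT_OFF in a client PRELOGIN means encryption is available but not requested, which protects only the login packet; ENCRYPT_ON or ENCRYPT_REQ is what a fully encrypted session negotiates.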

Hosting SQL at remote location?

My OSCommerce site includes a separately programmed feature for which I use SQL tables. I've decided to host its tables on a remote site offering free SQL accounts. I'd like to know if there could be any disadvantages to this approach.
Thanks
Syd
Disadvantages might include the longer time it will take to run the script since it has to make a connection over the network and the need to make sure that the database connection is made securely -- that the password for the database login isn't passed in clear text & that the permissions on the receiving end of the connection are set to allow connections from only that IP. Of course you'll also want to make sure that the free hosting company provides adequate security for the database itself -- "free" doesn't always pay for the best set up or the most knowledgeable technicians...
You should connect to your MySQL database using MySQL's built-in SSL ability. This ensures that all data transferred is highly protected. You should create self-signed x509 certificates and hard code them. This is free, and you don't need a CA like Verisign for this. If there is a certificate exception then there is a MITM and thus this stops you from spilling the password.
Another option is a VPN, and this is better suited if you have multiple daemons that require secure point to point connections.
I am assuming you are hosting the OSCommerce database on the same server as the webserver and your solution only allocates one database per customer. You can use the add-on tables in the same database as the regular OSCommerce tables as long as you prefix them with some prefix so that they won't have namespace conflicts. If the code to the third party solution is any good, it won't be too hard to configure a table prefix so that the code will know what the new names for the tables are. This solves any potential latency problem and keeps the control in your hands. I use this trick to host multiple WordPress blogs in the same database.