March 20, 2002 at 12:38 pm
looking for documentation on encryption level when exporting data to an external sql server across the internet.
March 20, 2002 at 7:57 pm
SQL Server 2000 supports the use of certificates (requires IIS to be installed on the SQL Server system), which then allows TCP/IP connections via SSL. There is information in Books Online.
K. Brian Kelley
http://www.sqlservercentral.com/columnists/bkelley/
K. Brian Kelley
@kbriankelley
March 28, 2002 at 2:53 pm
I should have specified SQL 7.0
thanks in advance
April 1, 2002 at 7:59 am
Check out "INF: Network Encryption Available Using the Multi-Protocol Net Library (Q132224)" at http://support.microsoft.com/default.aspx?scid=kb;en-us;Q132224
"Don't roll your eyes at me. I will tape them in place." (Teacher on Boston Public)
April 1, 2002 at 8:47 am
The server that we attach to is a Virtual Server, so (it was suggested)enabling Multi-Protocol Encryption is not an option.
April 1, 2002 at 9:34 pm
Your options are rather limited, then. What you may have to end up doing is extracting the data, encrypting it, sending it, and decrypting it. Another possibility is to build a secure tunnel with PPTP or L2TP, but so far as I am aware, this would require user interaction.
K. Brian Kelley
http://www.sqlservercentral.com/columnists/bkelley/
K. Brian Kelley
@kbriankelley
April 2, 2002 at 4:53 am
And going back to your original question, the TDS I do not believe is enrypted in any unless you use multiprotocol with encryption turned on and so is visible to packet sniffers.
Also in regards to the encryption level on a multiprotocol setup I found this.
Multi-Protocol is the only net-lib that supports encryption. All packets sent using multi-protocol are encrypted - that includes all data, userids/passwordd etc. Encryption (on/off) can be configured at the client and server end. At the server end you can enforce encryption - if you do this then any clients not configured for encryption won't be able to connect with the multi-protocol net-lib. The encryption used is the built-in NT encryption libraries - therefore the strength of encryption depends on NT. By default this is 40-bit - if you are able to apply the NT "high-encryption option" version then you will get 128-bit strength encryption.
At http://www.ntfaq.com/Articles/Index.cfm?ArticleID=14360
"Don't roll your eyes at me. I will tape them in place." (Teacher on Boston Public)
April 2, 2002 at 10:26 am
secure shell, vpn, export to file and encrypt the file and then ftp the encrypted file (or other transport).
Steve Jones
Viewing 8 posts - 1 through 7 (of 7 total)
You must be logged in to reply to this topic. Login to reply