Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
AskSQLTeam
Ask SQLTeam Question
0 Posts |
 Posted - 2003-04-23 : 07:37:32
|
| Hitesh Sadarangani writes "Hi,I need to write a script that creates a trace that stores the traced data into a table rather than a file.I am working on trying to secure my database from unauthorised access. With regards to this, I was trying using Traces to track the database activity. Using the Filters, I am able to set the trace to log all transactions and actions by any login other than 'sa'.In such a case, I want to run a stored procedure that with kill all connections to the database, detach it from the Server and encrypt it.Is it possible to create a trace and run it when the database is started. This is important for me, because, if any unauthorised access is made to my databsae, an entry would be logged into a trace table in the database. Using the 'On-Insert' trigger for that table, I can call a stored procedure to detach and encrypt my database.Please assist and comment urgently.Thanks.-Hitesh Sadarangani." |
|
|
robvolk
Most Valuable Yak
15732 Posts |
Posted - 2003-04-23 : 07:43:57
|
It's funny, this reminds me of the time I wanted to build a system that detects when a stranger attempts to enter the front door of my house. I was gonna install an elaborate motion detection system that also senses body heat, facial recognition, iris and retina scanning, and fingerprint reading. When the stranger touches the doorknob, the system kills them, raises steel gates and barbed wire around my house, then moves the house to Fort Knox and constructs a new moat and stone wall with battlements and gun emplacements around it, and staffs it with 5,000 armed soldiers and a tank battalion.But then I figured I could just lock the door, and it keeps 99.999% of the people out of my house.  The moral? Use proper security. Grant only those rights that users absolutely need. Remove users and logins that shouldn't have access to the server. It is far easier and more secure to do that than to bother with the process you describe. |
 |
|
|
ValterBorges
Master Smack Fu Yak Hacker
1429 Posts |
Posted - 2003-04-23 : 08:32:21
|
| Are you trying to protect the company, the database or your job? |
|
|
|
efelito
Constraint Violating Yak Guru
478 Posts |
Posted - 2003-04-23 : 10:37:14
|
| That's a pretty weak plan Rob... you forgot all about air support? Jeff Banschbach, MCDBA |
|
|
|
X002548
Not Just a Number
15586 Posts |
Posted - 2003-04-23 : 11:09:06
|
| You guys are too much...LOLDidn't point out several misconceptions here...How does a Trigger fire when accessing the server?Wants to block all but sa? I thought Brian Knight (on his soap box) indicated that sa should be retired, and another login be set up with those priviliges....great stuff though rob...Brett8-) |
|
|
|
robvolk
Most Valuable Yak
15732 Posts |
Posted - 2003-04-23 : 21:10:16
|
| Thanks! I thought it sounded better than "an ounce of prevention is worth a pound of cure." |
|
|
|
|
|
|
|
|
Monitoring the Database