sql-server – SQL Server 2005:SQL Server身份验证的安全性如何?

前端之家收集整理的这篇文章主要介绍了sql-server – SQL Server 2005:SQL Server身份验证的安全性如何?前端之家小编觉得挺不错的,现在分享给大家,也给大家做个参考。
如果您使用sql Server身份验证(2005),是否通过网络以明文形式发送登录详细信息?

解决方法

尽你所能安全……

您可以非常轻松地配置SSL,如果您没有受信任的证书,如果您强制加密,sql Server可以创建/发布它自己的自签名证书供您使用… from this write-up

Credentials (in the login packet) that are transmitted when a client application connects to sql Server are always encrypted. sql Server will use a certificate from a trusted certification authority if available. If a trusted certificate is not installed,sql Server will generate a self-signed certificate when the instance is started,and use the self-signed certificate to encrypt the credentials. This self-signed certificate helps increase security but it does not provide protection against identity spoofing by the server. If the self-signed certificate is used,and the value of the ForceEncryption option is set to Yes,all data transmitted across a network between sql Server and the client application will be encrypted using the self-signed certificate

猜你在找的MsSQL相关文章