Solved

Using Wireshark to Detect an Encrypted SQL Server 2000 connection

Posted on 2010-09-02
6
1,330 Views
Last Modified: 2013-12-01
Is it possible to verify if a SQL Server is using an Encrypted connection with Wireshark?

If so, how?

I can see the actual sql statement with Wireshark but I can not see if the SQL connection is encrypted.

0
Comment
Question by:FastEddie___
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 22

Accepted Solution

by:
Matt V earned 500 total points
ID: 33588737
If you can see the SQL statements then the connection is not encrypted.
0
 
LVL 4

Expert Comment

by:torque_200bc
ID: 33588742
can you post the wireshark output?
0
 

Author Comment

by:FastEddie___
ID: 33590020
I have attached the wireshark .pcap file and an image that shows the query being run.
Please let me know what you think.
 

WireShark-Results.GIF
Bitstream-Capture.txt
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 22

Expert Comment

by:Matt V
ID: 33590892
As I said, if you can see the plain text then the stream is not encrypted.
0
 

Author Closing Comment

by:FastEddie___
ID: 33590921
Thank you.

0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 33594423
encrypted sql is over tls - so if it starts with a https-style handshake, it is working :)
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When the confidentiality and security of your data is a must, trust the highly encrypted cloud fax portfolio used by 12 million businesses worldwide, including nearly half of the Fortune 500.
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question