--=_NextPart_000_0082_01C4C333.0A1F0510
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Is there a way I can monitor who is using EM to open tables?
Suppose I have a database with a table(s) where I keep the answers to = questions on a test, or answers to a game a company is running on an = intranet, how do I know if people with sa permissions are going in via = the back door to look/retrieve answers?
Thanx!
--=_NextPart_000_0082_01C4C333.0A1F0510
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
&
Is there a way I can monitor who is = using EM to open tables?
Suppose I have a database with a = table(s) where I keep the answers to questions on a test, or answers to a game a company = is running on an intranet, how do I know if people with sa permissions are = going in via the back door to look/retrieve answers?
Thanx!
--=_NextPart_000_0082_01C4C333.0A1F0510--This is a multi-part message in MIME format.
--=_NextPart_000_0159_01C4C33B.94A514B0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
You could use the Profiler on the database and monitor queries, spid's =etc. This can all
be logged to a table.
"JLS" <jlshoop@.hotmail.com> wrote in message =news:eiWh$z1wEHA.1300@.TK2MSFTNGP14.phx.gbl...
Is there a way I can monitor who is using EM to open tables?
Suppose I have a database with a table(s) where I keep the answers to =questions on a test, or answers to a game a company is running on an =intranet, how do I know if people with sa permissions are going in via =the back door to look/retrieve answers?
Thanx!
--=_NextPart_000_0159_01C4C33B.94A514B0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
&
You could use the Profiler on the =database and monitor queries, spid's etc. This can all
be logged to a table.
"JLS"
Is there a way I can monitor who is =using EM to open tables?
Suppose I have a database with a =table(s) where I keep the answers to questions on a test, or answers to a game a =company is running on an intranet, how do I know if people with sa permissions =are going in via the back door to look/retrieve answers?
Thanx!
--=_NextPart_000_0159_01C4C33B.94A514B0--|||This is a multi-part message in MIME format.
--=_NextPart_000_0179_01C4C33C.37B5EC60
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
I also forgot to add... the sa password should really be kept under =wraps and in
the hands of people on a need to know basis.
"Armando Prato" <aprato@.REMOVEMEkronos.com> wrote in message =news:eUYK$V2wEHA.1524@.TK2MSFTNGP09.phx.gbl...
You could use the Profiler on the database and monitor queries, spid's =etc. This can all
be logged to a table.
"JLS" <jlshoop@.hotmail.com> wrote in message =news:eiWh$z1wEHA.1300@.TK2MSFTNGP14.phx.gbl...
Is there a way I can monitor who is using EM to open tables?
Suppose I have a database with a table(s) where I keep the answers =to questions on a test, or answers to a game a company is running on an =intranet, how do I know if people with sa permissions are going in via =the back door to look/retrieve answers?
Thanx!
--=_NextPart_000_0179_01C4C33C.37B5EC60
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
&
I also forgot to add... the sa =password should really be kept under wraps and in
the hands of people on a need to know basis.
"Armando Prato"
You could use the Profiler on the =database and monitor queries, spid's etc. This can all
be logged to a table.
"JLS"
Is there a way I can monitor who is =using EM to open tables?
Suppose I have a database with a =table(s) where I keep the answers to questions on a test, or answers to a game a =company is running on an intranet, how do I know if people with sa permissions =are going in via the back door to look/retrieve answers?
Thanx!
--=_NextPart_000_0179_01C4C33C.37B5EC60--|||The best solution would be to put that database on a secured installation
where you controlled who had sa access.
The problem with any sort of auditing solution is that the people you are
auditing are GOD within the system, which means they have the power to
subvert your tracking.
Sincerely,
Anthony Thomas
"Armando Prato" wrote:
> You could use the Profiler on the database and monitor queries, spid's etc. This can all
> be logged to a table.
>
> "JLS" <jlshoop@.hotmail.com> wrote in message news:eiWh$z1wEHA.1300@.TK2MSFTNGP14.phx.gbl...
> Is there a way I can monitor who is using EM to open tables?
> Suppose I have a database with a table(s) where I keep the answers to questions on a test, or answers to a game a company is running on an intranet, how do I know if people with sa permissions are going in via the back door to look/retrieve answers?
> Thanx!|||Exactly!!! These are my peers, network guys in my department. But I want
the game to be fair, if they can just go into the tables via the back door
then that's really not fair to the rest of the people playing.
To address the comment about the sa password only being given on a need to
know, it is.
"AnthonyThomas" <AnthonyThomas@.discussions.microsoft.com> wrote in message
news:006309CB-AB18-4C59-8B35-75903AA6ECC2@.microsoft.com...
> The best solution would be to put that database on a secured installation
> where you controlled who had sa access.
> The problem with any sort of auditing solution is that the people you are
> auditing are GOD within the system, which means they have the power to
> subvert your tracking.
> Sincerely,
>
> Anthony Thomas
>
> "Armando Prato" wrote:
> >
> > You could use the Profiler on the database and monitor queries, spid's
etc. This can all
> > be logged to a table.
> >
> >
> > "JLS" <jlshoop@.hotmail.com> wrote in message
news:eiWh$z1wEHA.1300@.TK2MSFTNGP14.phx.gbl...
> > Is there a way I can monitor who is using EM to open tables?
> >
> > Suppose I have a database with a table(s) where I keep the answers to
questions on a test, or answers to a game a company is running on an
intranet, how do I know if people with sa permissions are going in via the
back door to look/retrieve answers?
> >
> > Thanx!|||You could always change the 'sa' password yourself prior to the
game commencing. I am assuming that this isn't a production
server. At least I hope it's not ;)
"JLS" <jlshoop@.hotmail.com> wrote in message
news:uPoodP3wEHA.3612@.tk2msftngp13.phx.gbl...
> Exactly!!! These are my peers, network guys in my department. But I want
> the game to be fair, if they can just go into the tables via the back door
> then that's really not fair to the rest of the people playing.
> To address the comment about the sa password only being given on a need to
> know, it is.
>
> "AnthonyThomas" <AnthonyThomas@.discussions.microsoft.com> wrote in message
> news:006309CB-AB18-4C59-8B35-75903AA6ECC2@.microsoft.com...
> > The best solution would be to put that database on a secured
installation
> > where you controlled who had sa access.
> >
> > The problem with any sort of auditing solution is that the people you
are
> > auditing are GOD within the system, which means they have the power to
> > subvert your tracking.
> >
> > Sincerely,
> >
> >
> > Anthony Thomas
> >
> >
> > "Armando Prato" wrote:
> >
> > >
> > > You could use the Profiler on the database and monitor queries, spid's
> etc. This can all
> > > be logged to a table.
> > >
> > >
> > > "JLS" <jlshoop@.hotmail.com> wrote in message
> news:eiWh$z1wEHA.1300@.TK2MSFTNGP14.phx.gbl...
> > > Is there a way I can monitor who is using EM to open tables?
> > >
> > > Suppose I have a database with a table(s) where I keep the answers
to
> questions on a test, or answers to a game a company is running on an
> intranet, how do I know if people with sa permissions are going in via the
> back door to look/retrieve answers?
> > >
> > > Thanx!
>
No comments:
Post a Comment