How to transfer objects securely.
After installation of SQL Shield you can start using it immediately. SQL Shield does not affect the existing procedures, it does not change any objects that already exist. When activated it just affects your newly created procedures. It happens only when you explicitly specify the new method. So, the both methods can coexist without interfering. To explicitly specify the new method you should insert the comment /*sqlshield*/ into WITH ENCRYPTION clause. This comment is case sensitive. Example:CREATE PROCEDURE MyTest
WITH /*sqlshield*/ ENCRYPTION
AS
SELECT 2+2
SQL Shield does not provide the method of decrypting procedures encrypted with SQL Server or SQL Shield modes.
After installation of SQL Shield you can choose which method of encryption to use: native or SQL Shield. You can enable and disable SQL Shield by running two external procedures. SQL Shield starts together with SQL Server. During the installation it places a special procedure called sqlshield_startup into the master database. If you want to disable it, comment "exec sqlshield_on" there. To unload SQL Shield at any time use "exec sqlshield_off". After that all newly created objects will use native SQL Server encryption. SQL Server caches decrypted objects. That is why even the encrypted objects are usually available (you can execute them) after you stop or unload SQL Shield. But objects that were not started are not available. If you restart SQL Server and do not start SQL Shield all objects are not available. However SQL Shield does not completely prevent procedures from being decrypted, but SQL Shield makes it impossible for all now existing decryptors.
Take a look how easily SQL Server procedures can be decrypted. Create a simple encrypted stored procedure:
Locate the decryption program on web search
Start it, choose the newly created procedure and press save.
Open the created text file with Notepad. Here you are. All your encrypted procedures can be revealed with a few clicks!
Now let us see how SQL Shield solves this problem
Start SQL Shield, if it was not yet started:
Create the new stored procedure and insert "magic" /*sqlshield*/ comment:
Run it and see that it still can be executed without a problem
Run the decryptor and try to apply it to our procedure:
Press Save button and take a look at the result file:
Opps. Our procedure is now protected.
Do you want to see what would happen without SQL Shield ? Disable auto start of SQL Shield in master.sqlshield_startup procedure and restart SQL Server. Now run sqlshield_test again. You will see the following error.
When you start SQL Shield it becomes executable again.