I can capture the packets using Wireshark, but I can't decode the stream into anything intelligible. This bug suggests that maybe this isn't possible in SQL Server 2005 or newer: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3098. However, several people on Stack Overflow claimed this was a good method in answers to this question: http://stackoverflow.com/questions/907057/how-can-i-prove-my-sql-server-traffic-is-encrypted. Any help appreciated.
+1
A:
The question that you are referring to is how to prove that the traffic is encrypted.
So they were using Wireshark to show that you could not read it.
The encryption was weak on earlier versions of SQL Server, but I don't think that it is easy to decrypt SQL Server 2005 traffic.
Shiraz Bhaiji
2010-01-07 21:13:01
But the question is, how did they prove that it was encrypted? You need to decode the TDS stream and it is not obvious (to me at least) how to do this in Wireshark.
Pete
2010-01-07 22:13:54
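One way to check a capture for encryption without decrypting anything, as an added example that is not part of the original posts: read the ENCRYPTION option from the cleartext TDS pre-login packet, then label later TCP payloads as TLS records or readable TDS. The field layout and constants follow the MS-TDS specification; the function names are hypothetical and the sample bytes are constructed, not captured.

```python
import struct

# Values from the MS-TDS specification (assumed here, not taken from the posts).
ENCRYPTION = {0: "ENCRYPT_OFF", 1: "ENCRYPT_ON", 2: "ENCRYPT_NOT_SUP", 3: "ENCRYPT_REQ"}
TDS_TYPES = {0x01: "SQL batch", 0x04: "tabular result", 0x10: "TDS7 login", 0x12: "pre-login"}

def is_tls_record(data):
    # TLS record header: content type 20-23, then major version 3.
    return len(data) >= 3 and data[0] in (0x14, 0x15, 0x16, 0x17) and data[1] == 0x03

def prelogin_encryption(segment):
    """Return the ENCRYPTION option of a TDS pre-login packet, or None."""
    if len(segment) < 9 or segment[0] != 0x12 or is_tls_record(segment[8:]):
        return None
    body = segment[8:]  # option offsets are relative to the end of the 8-byte header
    pos = 0
    while pos + 5 <= len(body) and body[pos] != 0xFF:  # 0xFF terminates the option table
        token, offset, length = struct.unpack_from(">BHH", body, pos)
        if token == 0x01 and length >= 1 and offset < len(body):
            return ENCRYPTION.get(body[offset], "unknown")
        pos += 5
    return None

def classify(segment):
    """Label one TCP payload from a SQL Server connection."""
    if is_tls_record(segment):
        return "TLS record"
    if len(segment) < 8:
        return "unknown"
    if segment[0] == 0x12 and is_tls_record(segment[8:]):
        return "TLS handshake inside TDS pre-login"
    length = struct.unpack_from(">H", segment, 2)[0]
    if segment[0] in TDS_TYPES and length == len(segment):
        return "cleartext TDS: " + TDS_TYPES[segment[0]]
    return "unknown"

# Constructed samples (not captured traffic).
SAMPLE_PRELOGIN = bytes.fromhex(
    "12 01 00 1a 00 00 01 00 "           # TDS header: pre-login, 26 bytes
    "00 00 0b 00 06 01 00 11 00 01 ff "  # VERSION and ENCRYPTION options
    "09 00 00 00 00 00 01")              # version data, then ENCRYPTION = 1
SAMPLE_BATCH = struct.pack(">BBHHBB", 0x01, 0x01, 24, 0, 1, 0) + "SELECT 1".encode("utf-16-le")
SAMPLE_TLS = bytes.fromhex("17 03 01 00 20") + bytes(32)

if __name__ == "__main__":
    print(prelogin_encryption(SAMPLE_PRELOGIN))
    for sample in (SAMPLE_PRELOGIN, SAMPLE_BATCH, SAMPLE_TLS):
        print(classify(sample))
```

To use it on a real capture, feed it the reassembled TCP payloads of the SQL Server stream in order; a connection that negotiated ENCRYPT_ON should show no cleartext SQL batch segments after the handshake.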