Send data over the net between a client and server

Question

Hi all,
I've build a software that connects to DB and does stuff (does not really matters what)
also you can connect from remote computer to the server but this way is wrong cause if it's over the net, the connection string is not encrypted, what i want to do is actually build kind of sniffer that decrypt data, waiting for a "call" from a client that send encrypt data, any kind of data, then i can send a encrypted connection string, and get encrypted data(the software will know how to decrypt it..
that not really matter how strong the encryption is, not have to be strong one...
any one have ideas? Ways?

Amit.

by the way - when i think of it the "sniffer" should know all the commands i send to it so it's probably hard to build it - unless there is built in way - but ITS A NICE CHALLENGE.

Answer 1

Not sure what you're trying to do, but I think what you want to use is Asymmetric Encryption, using Public Key to encrypt and Private Key to decrypt.

The client has the public key to encrypt data to send, and server owns private key. Now you can securely send data.

I hope this is of some help. If not, please clarify your question?

Answer 2

If you use WCF you can configure that the transmission and the message should be encrypted. Here is a description about the security fundamentals of WCF.

Answer 3

What you need to do is use WCF web services (these have been covered extensively on SO, so just do a search).

With WCF, you have a web service end point that is hosted on the server, and you make function calls to it from your client. The communication channel can be encrypted if you want, all you have to do is change the configuration file for it. The server knows about the connection to the database, but the client doesn't know and nor does it need to - this means you will not have connection strings sent across the web.