What are the ways of protecting a SQL Server without using third party tools and not lose performance?
[EDIT]
I don't want to see,change,copy and attach,backup and restore to other servers. Only my application could do those operations. Even from System Admins
There is a lot of ways to do this, really depends on the type of protection you want, here is some of my ideas.
Protecting unauthorized access, you can:
Encrypt ConnectionStrings in your web.config (if .net)
Enforce WindowsAuthentication in your connection
Keep your DB passwords very complex
If you are going to encrypt your connection string, leave it encrypted until it is used, that way, if someone is able to read it, even when you call it.. it is stored in memory encrypted, and make sure you use AES or any other type of encryption that requires a password, don't use Base64, too basic
A few other things you can do as well..
Be aware of SQL injection, never use inline queries, always use stored procedures, however if you must use inline, use parameters.