[Winpcap-users] How to use WinpCap to capture SQL command
sendover NIC
Keith W. Hare
Keith at jcc.com
Wed Jul 16 20:37:05 GMT 2008
>-----Original Message-----
>From: winpcap-users-bounces at winpcap.org
[mailto:winpcap-users-bounces at winpcap.org] On Behalf Of Guy Harris
>Sent: Wednesday, July 16, 2008 2:15 PM
>To: winpcap-users at winpcap.org
>Subject: Re: [Winpcap-users] How to use WinpCap to capture SQL command
sendover NIC
>...
>> and parse it into SQL command
>WinPcap will not do that for you; you will have to write your own code
>to parse SQL packets (in whatever format they're in - I think there
>are at least two different protocols, one used by Oracle and one used
>by Sybase/Microsoft).
There are a lot more than two different protocols. There is no standard
for the SQL communications protocol. The Microsoft ODBC and SUN JDBC
specifications specify the client interface, not the communications
protocol. This is why you need ODBC and JDBC client drivers specific to
the target database. And, in addition to ODBC & JDBC, there are other
database specific interfaces such as Oracle's OCI.
So, yes, it should be possible to parse the SQL packets, but it may be
difficult to generalize.
(In the 1990's, there was an attempt to create a standard communications
protocol for SQL, but it was never particularly successful, for a
variety of long and tedious reasons.)
Keith
______________________________________________________________
Keith W. Hare JCC Consulting, Inc.
keith at jcc.com 600 Newark Road
Phone: 740-587-0157 P.O. Box 381
Fax: 740-587-0163 Granville, Ohio 43023
http://www.jcc.com USA
______________________________________________________________
More information about the Winpcap-users
mailing list