All ODBC connection information, including the
are stored in clear text in the registry. However, the following precautions are taken to ensure that this security-sensitive information cannot be obtained and does not pose a risk to network security:
1. Registry Access Permissions: By default, only Administrators have access to the EventSentry configuration which is stored in the registry. As such, a user has to already be an Administrator in order to gain access to the ODBC username information.
2. Restritive Database Permissions: The eventsentry_svc user, which is used by the EventSentry agents to write to the EventSentry database, has mostly only INSERT permissions to add rows to the various database tables. This means that even if the account were compromised, an intruder would not be able to query the tables that hold event log and other data.