This is often a problem where the Sybase username and password is provided to the user without the application somehow encrypting it. Normally the users have an account on the application, which is different from their Sybase logins.
It appears that your application has an auditing feature, which is invoked when the user logs in through the application, but no such thing when the user connects directly to the Sybase. There are few ways of stopping this from happening if you are using Sybase 12.5 or higher by means of login triggers. In login triggers, you can easily write the code which identifies what program the user is accessing the server with (isql, DBArtisan etc) and then can kill the process immediately.
If you are using the older versions of Sybase, you can lock these logins by means of sp_locklogin <login_name> to stop them accessing the database. You can write a simple shell script which runs in the server every minute and identifies from master..sysprocesses.program column which user process is logged in via isql, etc., and kill the spid of the process (make sure that you exclude 'sa' login etc). This should be fairly simple to write and test.
For More Information
- Dozens more answers to tough SQL Server questions from Mich Talebzadeh are available here.
- The Best Sybase Web Links: tips, tutorials, scripts, and more.
- Ask the Experts yourself: Our SQL, database design, SQL Server, DB2, Sybase, object-oriented and data warehousing gurus are waiting to answer your toughest questions.
This was first published in April 2004