Protecting your MySQL database from SQL injection attacks with GreenSQL


 

08-25-2008 08:00 AM
SQL injection attacks can allow hackers to execute arbitrary SQL commands on your database through your Web site. To avoid these attacks, every piece of data supplied by a user on a Web form, through HTTP Post or CGI parameters, or other means, must be validated to not contain information that is not expected. GreenSQL is a firewall for SQL -- it sits between your Web site and MySQL database and decides which SQL statements should and should not be executed. At least that's the idea -- in execution, I found some open doors.



DROP DATABASE(7)                SQL Commands                DROP DATABASE(7)

NAME
       DROP DATABASE - remove a database

SYNOPSIS
       DROP DATABASE [ IF EXISTS ] name

DESCRIPTION
       DROP DATABASE drops a database. It removes the catalog entries for the database and deletes the directory containing the data. It can only be executed by the database owner. Also, it cannot be executed while you or anyone else are connected to the target database. (Connect to postgres or any other database to issue this command.)

       DROP DATABASE cannot be undone. Use it with care!

PARAMETERS
       IF EXISTS
              Do not throw an error if the database does not exist. A notice is issued in this case.

       name
              The name of the database to remove.

NOTES
       DROP DATABASE cannot be executed inside a transaction block.

       This command cannot be executed while connected to the target database. Thus, it might be more convenient to use the program dropdb [dropdb(1)] instead, which is a wrapper around this command.

COMPATIBILITY
       There is no DROP DATABASE statement in the SQL standard.

SEE ALSO
       CREATE DATABASE [create_database(7)]

SQL - Language Statements           2010-05-14           DROP DATABASE(7)