Did you notice about the SQL Injection Attacks? How to stop

Networking/Security Forums -> Security Related Software

Author: yuvarajrao PostPosted: Wed Feb 18, 2009 8:47 am    Post subject: Did you notice about the SQL Injection Attacks? How to stop
    ----
Recently I see lot of news relating to SQL injection attacks, by romanion hackers. Did you notice they target only security software companies. Did you why are they targeting only security companies databases. Is there any specific reason for this.

How can I safeguard my website? Do you think, an web application security software would help prevent such kind of attacks.


Last edited by yuvarajrao on Sat Feb 21, 2009 11:43 am; edited 2 times in total

Author: rvdwestenLocation: Breda, The Netherlands PostPosted: Wed Feb 18, 2009 9:48 am    Post subject:
    ----
I think SQL injection attacks are common attacks which happen on daily basis. I usually see loads of these attacks on my webservers.

There are some commercial hardware appliances which can help you identify and protect against these attacks, but depending on the assets you are trying to protect they are not always worth the investment.

Author: jhonas PostPosted: Wed Oct 27, 2010 7:14 am    Post subject:
    ----
From My point of view the web application security software will definitely help you to prevent such kind of attacks.

Author: Erfiug PostPosted: Wed Oct 27, 2010 10:21 pm    Post subject: Re: Did you notice about the SQL Injection Attacks? How to s
    ----
yuvarajrao wrote:
Recently I see lot of news relating to SQL injection attacks, by romanion hackers. Did you notice they target only security software companies. Did you why are they targeting only security companies databases. Is there any specific reason for this.

How can I safeguard my website? Do you think, an web application security software would help prevent such kind of attacks.
Just make sure that you use parametrized queries, and secure functions for creating them, to sanity the user input, and to use the principle of least privilege.

Author: Fire AntLocation: London PostPosted: Mon Nov 01, 2010 10:02 pm    Post subject:
    ----
I agree with Erfiug. Putting in hardware and software to defend against an attack is like building a wall around a village at the bottom of a valley.

You should concentrate on preventive and detective measures like:

Secure coding techniques
Peer review coding
Pen testing
Log monitoring and alerting

Fire Ant



Networking/Security Forums -> Security Related Software


output generated using printer-friendly topic mod, All times are GMT + 2 Hours

Page 1 of 1

Powered by phpBB 2.0.x © 2001 phpBB Group