MySQL-Proxy Learning to Block SQL-Injection | PHP.ph

16 Aug, 2008

MySQL-Proxy Learning to Block SQL-Injection

Posted by: php In: News and Views

Stefan Esser presents an approach, a way to detect unknown query types which are result of SQL-Injection. The said approach is a simple way to make arbitrary applications more secure without touching a single line of code.

This approach is based on the idea that SQL queries issued by an application always have a certain structure. This structure can be learned and remembered by MySQL-Proxy. Any SQL query that has a different structure can then be considered an attack.

Bookmark It

Add to Bloglines

Add to Blogmarks

Add to Del.icio.us

Add to Facebook

Add to Google Bookmarks

Add to Mister Wong

Add to Netscape

Add to Newsvine

Add to Stumble Upon

Add to Shoutwire

Add to SphereIt

Add to Technorati

Add to Yahoo My Web

Tags: MySQL, PHP

No Responses to "MySQL-Proxy Learning to Block SQL-Injection"

Comment Form

Categories

Apache (8)
C and C++ (1)
Events (9)
Java (1)
Javascript (2)
Linux (16)
- Centos (4)
- Fedora Core (6)
- Ubuntu (1)
MySQL (2)
News and Views (19)
PHP (16)
Uncategorized (1)
Unix (1)
Windows (3)

Search

Latest Posts
Latest Comments
Tags

r00t.gr: Thank you for your info, worked great. I used these instructions for a complete nginx 1.0.0, php, mysql, ftp, disk + memory (ram) caching On Centos
Installing nginx 1.0.0, php, mysql, ftp, disk + memory (ram) caching On Centos 5.5 - r00t.gr: [...] go the instructions from here: http://www.php.ph/2007/12/21/centos-5-eaccelerator-installation/. I rewrite them here so that the article is comp
Mr-R-T: I get: No Matches found :s

Apache C and C++ Crosscheck Events Google Jamp Java Javascript JsUnit LAMP linpus Linux MySQL News PHP PHPUGPH PHPunit 3.2 Sebastian Bergmann Security Unix Windows

About PHP.ph

Linux Apache MySQL PHP