Archive for the ‘MySQL’ Category
Thursday, August 21st, 2008
Last week I gave my first webinar for MySQL titled "Bau sicherer LAMP Anwendungen". The webinar, which was a cooperation between MySQL and my company SektionEins, was held in German and covered SQL-Malware, SQL-Injection, safe programming and some tools to detect and block SQL-Injection attacks.
The recording of this webinar is now ...
Posted in MySQL, PHP, Security
Monday, August 18th, 2008
While SQL-Injection is one of the most discussed security problems in web applications, other possible problems for SQL queries, like overlong input, are usually ignored, although they can lead to all kinds of security problems.
This might be caused by the fact that security problems that are the result of overlong ...
Posted in MySQL, PHP, Security
Friday, August 15th, 2008
I previously reported about my joy with MySQL-Proxy and a simple SQL-Injection detection based on a simple heuristic.
Today I present the more interesting approach that I promised to publish after my webinar yesterday. This approach is based on the idea that SQL queries issued by an application always have a ...
Posted in MySQL, PHP, Projects, Security
Tuesday, August 5th, 2008
“MySQL Proxy is a simple program that sits between your client and MySQL server(s) that can monitor, analyze or transform their communication. Its flexibility allows for unlimited uses; common ones include: load balancing; failover; query analysis; query filtering and modification; and many more.”
The flexibility of MySQL Proxy is based on ...
Posted in MySQL, PHP, Projects, Security