Firewall MySQL with GreenSQL

January 7, 2009

[From TechRepublic]

A large number of attacks on Web sites and Web applications are directly related to what is known as SQL injection vulnerabilities. This is a very real problem with some applications that are written poorly; it allows a remote user to send arbitrary SQL commands to the database server by manipulating data sent to the Web server and piggy-backing the SQL commands against legitimate database queries executed by the Web application, usually without any prior checking or sanitization by the Web application.To get one up on these flaws, GreenSQL is a “firewall” for MySQL databases. What it does is intercept SQL commands being sent to MySQL, checks them, and then either halts the query or passes it on to MySQL proper. Then it returns the query results to the calling application.

The article continues at http://blogs.techrepublic.com.com/opensource/?p=317