SQL Injection / security

AlShack · 08-11-2006, 02:17 PM

Hi

I was just wondering what most people do to prevent malicious attack on their SQL databases?

Via the website, I'm guessing the usual string-stripping procedures? Anyone got any nice examples? I know Google is full of them, but I'd rather 'speak' with people in the Catalyst2 community.

Also, is there any way someone could directly access the SQL database, either via Enterprise Manager or any other means?

Apologies for the beginner's questions, but I don't want to upset my client by allowing their data to be corrupted.

Thanks
Alan

Jacob · 08-11-2006, 07:33 PM

Quote:

Also, is there any way someone could directly access the SQL database, either via Enterprise Manager or any other means?

They could only access it using EM if they knew your login details - so ensure you are using complex passwords.

Regards,

Jacob

AlShack · 08-11-2006, 11:08 PM

Cheers for the response Jacob.

08-11-2006, 02:17 PM	#1 (permalink)
AlShack Registered User Join Date: Jul 2004 Posts: 34	SQL Injection / security Hi I was just wondering what most people do to prevent malicious attack on their SQL databases? Via the website, I'm guessing the usual string-stripping procedures? Anyone got any nice examples? I know Google is full of them, but I'd rather 'speak' with people in the Catalyst2 community. Also, is there any way someone could directly access the SQL database, either via Enterprise Manager or any other means? Apologies for the beginner's questions, but I don't want to upset my client by allowing their data to be corrupted. Thanks Alan

Thread Tools
Show Printable Version Email this Page
Display Modes	Rate This Thread
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode	Rate This Thread:

08-11-2006, 11:08 PM	#3 (permalink)
AlShack Registered User Join Date: Jul 2004 Posts: 34	Cheers for the response Jacob.