I have heard of SQL injection before but I didn't know how much things an attacker can do using SQL injection. For me, there are many ways on how to prevent this, or at least minimize the damage (if ever an attack happens).
- the most basic thing to do is to create a separate user with limited privileges which the web application will use (only the privileges that the application will need, no more) so that if an attack like DROP TABLES is used, the command wont work, unless a drop privilege is given to that user.
- Second, to avoid getting information about/from your database from a public page, don't put a code that would print information that your database server returns, because if you do that, and an attacker discovers that he/she can inject an sql code, that page would be like a sql client for him/her.
- This I think is the safest but i think is not practical (last resort), when getting information from forms, encrypt it before connecting it to the sql code, because if you put a textbox on a page and will directly use the string that will be typed in the text box and will put that in your sql code, a hacker can easily inject a code. Surely, when the information from a form is encrypted before inserting that into the code, an attack would be almost impossible but it is impractical because when you view the contents of the database, it will all be encrypted.
Lastly, the thing that the guy from microsoft discussed about the attack on IIS, I think that this is really a problem when running a web server on winows. You can easily access files even from other folders by using "../", so if you use the "../" and know the folders of that server, you can traverse the folders of that server and steal some files. I think that this is not applicable in linux, in linux, you can set the permissions of folders. So if you plan to run your own web server, use linux :)
No comments:
Post a Comment