Security Basics mailing list archives
Re: Database Firewall
From: Ronald van der Westen <rvdwesten () gmail com>
Date: Tue, 3 Mar 2009 06:42:47 +0100
Hi,

I know that Imperva has some good appliances which can do WAF and Database protection.. You might want to have a look at their products. Note that they are not cheap ;-)

Haven't had a look at GreenSQL yet so can't tell a lot about it.

-Ronald

On Sat, Feb 28, 2009 at 3:16 AM, Jon Kibler <Jon.Kibler () aset com> wrote:
Hi,

In case you are not familiar with the concepts of an application firewall, they are filters that sit between the client application and the protected resource. For Apache, there is mod_security, which does filtering of client supplied content for potential attacks against the web application. Thus, mod_security fits into a class of software called "Web Application Firewalls."

On the database side, this is a newer technology. The major open source example of a Database Application Firewall (or, more often called just a Database Firewall) is GreenSQL. It tries to clean up SQL to help reduce the possibility of a successful SQL injection attack.

I have just started looking at GreenSQL as a database firewall for MySQL. I would be interested in hearing others' experience with it. Has anyone deployed it? If so, how well does it work? Other pros and cons?

Also, we are starting to see injection attacks against LDAP. Clearly a database firewall is needed for LDAP. Does anyone know of an LDAP database firewall -- commercial or open source?

THANKS!
Jon Kibler
--
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC USA
o: 843-849-8214
c: 843-224-2494
s: 843-564-4224
http://www.linkedin.com/in/jonrkibler

My PGP Fingerprint is: BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253
-- Ronald van der Westen
Current thread:
- Database Firewall Jon Kibler (Mar 02)
- Re: Database Firewall Ronald van der Westen (Mar 03)
- Re: Database Firewall Yuli Stremovsky (Mar 03)
- <Possible follow-ups>
- Re: Database Firewall praveen_recker (Mar 03)
- RE: Database Firewall Charis (Mar 03)
- Fw: Database Firewall Deano (Mar 04)