Security Basics mailing list archives
Re: Database Firewall
From: Yuli Stremovsky <stremovsky () gmail com>
Date: Wed, 4 Mar 2009 00:31:44 +0200
Hello Jon,

I cannot be impartial about the GreenSQL project because I am actively involved in its development. I am using GreenSQL dev. version in a number of production sites. It works great for me.

BTW, if you want to use it in production I advise you to grab the sources from subversion. Official version will be released very shortly.

Best regards,
Yuli
---
http://www.greensql.net/

On Sat, Feb 28, 2009 at 4:16 AM, Jon Kibler <Jon.Kibler () aset com> wrote:
Hi,

In case you are not familiar with the concepts of an application firewall, they are filters that sit between the client application and the protected resource. For Apache, there is mod_security, which does filtering of client supplied content for potential attacks against the web application. Thus, mod_security fits into a class of software called "Web Application Firewalls."

On the database side, this is a newer technology. The major open source example of a Database Application Firewall (or, more often called just a Database Firewall) is GreenSQL. It tries to clean up SQL to help reduce the possibility of a successful SQL injection attack.

I have just started looking at GreenSQL as a database firewall for MySQL. I would be interested in hearing others' experience with it. Has anyone deployed it? If so, how well does it work? Other pros and cons?

Also, we are starting to see injection attacks against LDAP. Clearly a database firewall is needed for LDAP. Does anyone know of an LDAP database firewall -- commercial or open source?

THANKS!

Jon Kibler
--
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC USA
o: 843-849-8214
c: 843-224-2494
s: 843-564-4224
http://www.linkedin.com/in/jonrkibler

My PGP Fingerprint is:
BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253