Security Basics mailing list archives
Database Firewall
From: Jon Kibler <Jon.Kibler () aset com>
Date: Fri, 27 Feb 2009 21:16:39 -0500
Hi,

In case you are not familiar with the concepts of an application firewall, they are filters that sit between the client application and the protected resource. For Apache, there is mod_security, which does filtering of client-supplied content for potential attacks against the web application. Thus, mod_security fits into a class of software called "Web Application Firewalls."

On the database side, this is a newer technology. The major open source example of a Database Application Firewall (or, more often called just a Database Firewall) is GreenSQL. It tries to clean up SQL to help reduce the possibility of a successful SQL injection attack.

I have just started looking at GreenSQL as a database firewall for MySQL. I would be interested in hearing others' experience with it. Has anyone deployed it? If so, how well does it work? Other pros and cons?

Also, we are starting to see injection attacks against LDAP. Clearly a database firewall is needed for LDAP. Does anyone know of an LDAP database firewall -- commercial or open source?

THANKS!

Jon Kibler
--
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC USA
o: 843-849-8214
c: 843-224-2494
s: 843-564-4224
http://www.linkedin.com/in/jonrkibler

My PGP Fingerprint is:
BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253