10.10.06 What To Know About SQL Injection Attacks
By Dr. Kannan Balakrishnan
Recently, when going through some student projects on web design, I came across code similar to the following many times.
$Result = "SELECT * FROM members WHERE username='$x' AND password='$y'";  // $x and $y come straight from the login form
This is typical of code used for user authentication: the username and password are collected into the variables $x and $y. Students and many web designers assume that such queries are safe and that the system is well protected. They also assume that people will supply only simple strings for $x and $y.
But such lazy coding gives rise to a kind of attack popularly known as SQL injection. The attack consists primarily of inserting SQL into the variables and thereby gaining unauthorized access. The attacker may get into an admin account. He may also inject more dangerous commands such as INSERT or DROP into the SQL and wreak havoc in your database.
This is not specific to any programming language either: almost all server-side and client-side programming is prone to it. SQL may be injected through user registration forms, search boxes, and similar inputs.
Another common type of SQL injection attack is to inject the SQL directly into the URL.
Many e-commerce sites have lost their data and suffered because of such attacks in the past.
How to prevent this?
The only way to prevent this is to adhere to secure coding practices at the database and server levels.
1. Database level:
A user must have only the bare necessary privileges on the database. This is called "the principle of least privilege".
Do not give the connecting user privileges such as DROP or DELETE on databases unless it is absolutely needed. This ensures that damage to the database is minimized.
2. Programming level:
Do not pass a query string built from user input directly to the database. First pass it through a security layer which checks for unwanted characters, replaces spurious commands, and blocks the query if it is suspicious. For example, the security layer may find unnecessary quotes in the variables passed by the user and change them. You can design an abstract security layer which works for all types of databases and stops attacks. Many resources, including code, are available on the web. What one needs is an awareness of this problem and the willingness to read and adopt the techniques.
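The two measures above, as an added worked example that is not part of the original article: it uses Python's sqlite3 module on an in-memory database, and the members table, the single account and the probe inputs are all constructed here. The programming-level "security layer" is implemented with parameterized placeholders, which hand user input to the driver as data instead of splicing it into the query text, shown beside the article's string-built query; the database-level point is shown with an SQLite authorizer callback that refuses INSERT, UPDATE, DELETE, CREATE and DROP on the application's connection, standing in for the GRANT restrictions one would apply to a MySQL login account.

```python
# Added example (not from the article): the two defences above, on SQLite via
# Python's sqlite3 module. Table, account and probe inputs are constructed here.
import sqlite3

# Operations the web-facing login account should never perform (our own list).
DENIED_ACTIONS = {
    sqlite3.SQLITE_INSERT,
    sqlite3.SQLITE_UPDATE,
    sqlite3.SQLITE_DELETE,
    sqlite3.SQLITE_DROP_TABLE,
    sqlite3.SQLITE_CREATE_TABLE,
}


def least_privilege_authorizer(action, arg1, arg2, db_name, trigger_or_view):
    """SQLite calls this while compiling every statement; DENY aborts compilation.

    It plays the role of a SELECT-only GRANT on a MySQL account: even if injected
    SQL reaches the database, destructive statements are refused.
    """
    return sqlite3.SQLITE_DENY if action in DENIED_ACTIONS else sqlite3.SQLITE_OK


def open_members_db():
    """In-memory members table with one constructed account, then locked down."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE members (username TEXT, password TEXT)")
    conn.execute("INSERT INTO members VALUES ('alice', 'correct horse')")
    conn.commit()
    # Seeding is done; from here on the connection behaves like a least-privilege user.
    conn.set_authorizer(least_privilege_authorizer)
    return conn


def login_unsafe(conn, x, y):
    """The article's pattern: $x and $y interpolated into the SQL text."""
    sql = f"SELECT * FROM members WHERE username='{x}' AND password='{y}'"
    return conn.execute(sql).fetchone() is not None


def login_safe(conn, x, y):
    """Parameterized form: the driver binds x and y as values, never as SQL."""
    sql = "SELECT * FROM members WHERE username=? AND password=?"
    return conn.execute(sql, (x, y)).fetchone() is not None


def is_blocked(conn, sql):
    """True when the authorizer refuses the statement (raised as DatabaseError)."""
    try:
        conn.execute(sql)
    except sqlite3.DatabaseError:
        return True
    return False


if __name__ == "__main__":
    db = open_members_db()
    probe = "' OR ''='"  # constructed input containing SQL syntax
    print("unsafe login with probe:", login_unsafe(db, probe, probe))  # True
    print("safe login with probe:  ", login_safe(db, probe, probe))    # False
    print("DELETE blocked:", is_blocked(db, "DELETE FROM members"))    # True
    print("DROP blocked:  ", is_blocked(db, "DROP TABLE members"))     # True
```

With the string-built query, a value containing a quote changes the meaning of the statement (a legitimate username such as O'Brien even breaks it with a syntax error); with placeholders the same value is matched literally and the login simply fails. The authorizer is a second, independent layer: it does not make the query safe, it limits what an unsafe query can do, which is exactly what least privilege buys you on a real MySQL account.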
This is only an elementary exposure to the technique of SQL injection. There are many specific articles dealing with the problem for different databases. Some useful links to such articles are given in my blog, http://wbforu.blogspot.com.
About the Author: Dr. Kannan Balakrishnan is a computer expert and writer. He also writes about web business in the blog http://wbforu.blogspot.com/. An expanded version of the above article, including many useful links for web designers, can be found in the blog http://wbforu.blogspot.com.