Protects the open-source database systems MySQL and PostgreSQL from SQL injection attacks.
Official site: http://www.greensql.net/
GreenSQL is an Open Source database firewall used to protect databases from SQL injection attacks. GreenSQL works as a proxy and has built-in support for MySQL. The logic is based on evaluation of SQL commands using a risk scoring matrix as well as blocking known db administrative commands (DROP, CREATE, etc). GreenSQL provides a MySQL database security solution. GreenSQL is distributed under the GPL license.
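It can run in the following modes:
1. Simulation Mode (database IDS)
This is a silent mode, similar to an IDS: suspicious events are only logged.
2. Blocking Suspicious Commands (database IPS)
Similar to an IPS: GreenSQL uses its "heuristic" engine to detect and block illegal queries. Its blocking action looks quite different from that of an IPS: instead of dropping the connection, it simply returns an empty result set, so the user cannot detect its presence and the behaviour is more graceful.
3. Learning mode
In this mode, GreenSQL learns query information and automatically adds it to the whitelist. Once it has learned enough, the system can be configured for mode 4 below.
4. Active protection from unknown queries (db firewall)
Using the whitelist learned in mode 3 as a basis, it applies the "heuristic" engine to carry out the next step of the DB IPS work.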
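
The four modes can be read as one decision function in the proxy. The sketch below is an added example, not GreenSQL's code: the `Firewall` class, the risk rules, their weights, the threshold and the literal-stripping `pattern()` helper are all assumptions made to illustrate the mode semantics described above.

```python
import re
from enum import Enum

class Mode(Enum):
    SIMULATION = 1  # database IDS: log only
    BLOCKING = 2    # database IPS: heuristics decide
    LEARNING = 3    # record query patterns into the whitelist
    ACTIVE = 4      # whitelist first, heuristics for unknown queries

# Administrative commands named on the page (DROP, CREATE); ALTER is assumed.
ADMIN = re.compile(r"^\s*(drop|create|alter)\b", re.I)
# Assumed rules and weights; the page only says a risk scoring matrix is used.
RISK_RULES = [
    (re.compile(r"\bor\s+(\S+)\s*=\s*\1", re.I), 30),  # tautology such as OR 1=1
    (re.compile(r"--|#|/\*"), 20),                        # SQL comment marker
    (re.compile(r"\bunion\b", re.I), 20),
    (re.compile(r"\binformation_schema\b", re.I), 30),
]
THRESHOLD = 30

def pattern(sql):
    """Replace literals with '?' so queries differing only in values match."""
    sql = re.sub(r"'(?:[^'\\]|\\.)*'", "?", sql)
    sql = re.sub(r"\b\d+\b", "?", sql)
    return re.sub(r"\s+", " ", sql).strip().lower()

class Firewall:
    def __init__(self, mode):
        self.mode, self.whitelist, self.log = mode, set(), []

    def risk(self, sql):
        if ADMIN.search(sql):
            return THRESHOLD
        return sum(weight for rx, weight in RISK_RULES if rx.search(sql))

    def handle(self, sql, backend):
        """Forward sql to backend, or return an empty result set if blocked."""
        p = pattern(sql)
        if self.mode is Mode.LEARNING:
            self.whitelist.add(p)
            return backend(sql)
        if self.mode is Mode.ACTIVE and p in self.whitelist:
            return backend(sql)
        if self.risk(sql) >= THRESHOLD:
            self.log.append(sql)              # every mode logs the event
            if self.mode is not Mode.SIMULATION:
                return []                     # empty result set, connection kept
        return backend(sql)
```

Because a blocked query returns an empty result set rather than an error, the proxy's own log is the only record of the event, so it needs to be monitored in every mode.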
--EOF--