
GreenSQL - Open Source Database Firewall

Published: 2010-01-24 Categories: SQL Tags: GreenSQL MySQL PostgreSQL SQL injection SQL Firewall

Protects the open source database systems MySQL and PostgreSQL from SQL injection attacks.

Official site: http://www.greensql.net/

GreenSQL is an Open Source database firewall used to protect databases from SQL injection attacks. GreenSQL works as a proxy and has built-in support for MySQL. Its logic is based on evaluating SQL commands using a risk scoring matrix, as well as blocking known database administrative commands (DROP, CREATE, etc.). GreenSQL provides a MySQL database security solution. GreenSQL is distributed under the GPL license.

It can run in the following modes:

1. Simulation Mode (database IDS)

This is a silent mode, similar to an IDS: it only logs suspicious events.

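2. Blocking Suspicious Commands (database IPS)

Similar to an IPS: GreenSQL uses its "heuristic" engine to detect and block illegal queries. Its blocking action looks quite different from that of an IPS: instead of dropping the connection, it simply returns an empty result set, so the user cannot perceive its presence and the behaviour is more graceful.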

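3. Learning mode

In this mode, GreenSQL learns the queries it sees and automatically adds them to the whitelist. Once it has learned enough, the system can be configured for mode 4 below.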

4. Active protection from unknown queries (db firewall)

Using the whitelist learned in mode 3 as its basis, it applies the "heuristic" engine to carry out the next stage of DB IPS work.
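The four modes above can be sketched as one small decision function. This is an added example, not GreenSQL's code: the rules, weights, threshold, the `pattern` and `risk` helpers, and the assumption that whitelisted query shapes skip the heuristics in mode 4 are all constructed for illustration.

```python
import re
from enum import Enum

class Mode(Enum):
    SIMULATION = 1        # database IDS: log only
    BLOCK_SUSPICIOUS = 2  # database IPS: heuristics decide
    LEARNING = 3          # record query patterns in the whitelist
    ACTIVE = 4            # whitelist first, heuristics for unknown queries

# Constructed rules and weights, for illustration only (not GreenSQL's matrix).
RULES = [
    (re.compile(r"^\s*(drop|create|alter|grant)\b", re.I), 100),  # admin command
    (re.compile(r"\bor\b\s+(\w+)\s*=\s*\1\b", re.I), 30),         # tautology: OR 1=1
    (re.compile(r"\bunion\b.*\bselect\b", re.I | re.S), 30),      # UNION SELECT
    (re.compile(r"--|/\*|#"), 20),                                # SQL comment
]
THRESHOLD = 30  # assumed cut-off for "suspicious"

def pattern(sql):
    """Reduce a query to its shape: literals become '?', whitespace collapses."""
    sql = re.sub(r"'(?:[^'\\]|\\.)*'", "?", sql)   # quoted strings
    sql = re.sub(r"\b\d+\b", "?", sql)             # numbers
    return re.sub(r"\s+", " ", sql).strip().lower()

def risk(sql):
    """Sum the weights of every rule that matches the raw query text."""
    return sum(weight for rx, weight in RULES if rx.search(sql))

class Firewall:
    def __init__(self, mode):
        self.mode, self.whitelist, self.log = mode, set(), []

    def handle(self, sql):
        """Return 'forward', or 'empty' for an empty result set (no disconnect)."""
        shape = pattern(sql)
        if self.mode is Mode.LEARNING:
            self.whitelist.add(shape)
            return "forward"
        if self.mode is Mode.ACTIVE and shape in self.whitelist:
            return "forward"
        score = risk(sql)
        if score < THRESHOLD:
            return "forward"
        self.log.append((score, sql))
        return "forward" if self.mode is Mode.SIMULATION else "empty"
```

Because the whitelist stores query shapes rather than literal text, a learned query still matches when only its parameter values change, while an injected clause changes the shape and falls through to scoring.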
