White Papers

Fend off the next SQL Injection attack with a properly secured database

Overview

As long as Web applications are used to provide access to data, SQL Injection will continue to be a threat. SQL Injection is typically used to accomplish one of four objectives: bypass authentication, glean information, inject new or alter existing data, perform a denial of service attack, or gain access to an operating system. This threat can be greatly reduced by scrubbing the input, limiting the use of dynamic SQL, and by properly configuring permissions on database servers. Using the WebGoat security tutorial application, this download shows you how to test your systems for SQL Injection vulnerabilities and how to prevent exploitation by malicious attackers.

Have you had to fend off an SQL Injection attack? How did you defend yourself? Can you offer any security advice for the TechRepublic community?


Publisher: TechRepublic
File Format: PDF
Date Published: May 17, 2006
Format: White Papers
Topics: Anti-Hacking, Database Management

Similar White Papers

MSDN Webcast: A Hacker's View of Your Web Applications Part 2: Web Hacking - Attack Scenarios and Examples - Level 300


By taking advantage of the public access to a company and using it to subvert the applications, hackers can gain easy ac

Publisher: Microsoft  |  Tags: applications, data, hackers

Search Engines Used to Attack Databases


Database security has recently become the victim of misused search engines. Over the last year or so, hackers have begun

Publisher: Application Security  |  Tags: applications, database, firewall, hacker, hackers, search engine

MSDN Webcast: Protecting Your System From SQL Injection Attacks - Level 200


SQL injection is one of the most serious threats a database can encounter. When an application is designed without regar

Publisher: Microsoft  |  Tags: database, hacker, hackers, server

MSDN Webcast: Live From TechEd: How Hackers Hack - Level 200


Learning how hackers do what they do is necessary to understand how to design and code defensively. This webcast looks

Publisher: Microsoft  |  Tags: developers, hackers, spoofing

Application-Level Attacks: Phishing and Session Hijacking (Level 300)


This webcast will provide in-depth demonstrations of a variety of Web application hacking techniques such as SQL Injecti

Publisher: Microsoft  |  Tags: phishing, spam

TechRepublic White Papers

Build your own consulting contract using this sample form


Both independent consultants and their clients benefit when they're working with a solid contract. Download this sample

Publisher: TechRepublic  |  Tags: html

Say 'no thanks' the right way with this sample rejection letter


It's a good practice to let job candidates know when they haven't gotten the job. Use this sample thanks-but-no-thanks l

Publisher: TechRepublic  |  Tags: html

Step by step: Configure a Windows Server 2003 VPN - Server side

Set up a Windows Server 2003-based PPTP virtual private network (VPN) with this step-by-step installation and configurat

Publisher: TechRepublic  |  Tags: authentication, html, network, server, vpn, windows server

Download this sample IT due diligence report template


Performing a technology due diligence is a good way to understand your client's technology and assess the financial impl

Publisher: TechRepublic  |  Tags: due diligence

Define project expectations with this criteria acceptance form


Establishing acceptance criteria at the beginning of a project helps ensure that the results are well received. This sam

Publisher: TechRepublic  |  Tags: html