
Protect MySQL Database from SQL injection attacks - GreenSQL

GreenSQL is an open source database firewall used to protect databases from SQL injection attacks. GreenSQL works as a proxy and has built-in support for MySQL and PostgreSQL. Its logic is based on evaluating SQL commands using a risk scoring matrix, as well as blocking known database administrative commands (DROP, CREATE, etc).

GreenSQL works as a reverse proxy for MySQL connections. This means that instead of connecting directly to the MySQL server, your applications connect to the GreenSQL server. GreenSQL analyzes the SQL queries and, if they are safe, forwards them to the back-end MySQL server.

The following picture describes the whole process.

GreenSQL Installation:
GreenSQL is distributed under the GPL license.
To work with GreenSQL, download the greensql-fw package from the download page.
Packages for the greensql-fw application are available for RedHat, CentOS, Fedora, SUSE, Mandriva, Debian and Ubuntu.

After downloading the GreenSQL deb package for Ubuntu, you can install it using the command:
sudo dpkg -i greensql-fw_X.X.X.deb
During package installation, you will be asked several installation questions related to database configuration (GreenSQL uses a MySQL or PostgreSQL database to store the logs and internal configuration). The installation package automatically configures the database settings for you.

You can start the GreenSQL firewall using the following command:
/etc/init.d/greensql-fw start
Please check the log file (/var/log/greensql.log) for any error messages.

GreenSQL Console is a web-based management tool used to configure the GreenSQL firewall. By default, the application script is located in the /usr/share/greensql-fw/ directory (configure Apache to serve this directory). There are a number of ways to configure the GreenSQL Console.

In order to verify that everything works correctly, run the following shell command:
mysql -h 127.0.0.1 -P 3305 -u root -p
The above command connects to GreenSQL's default port, 3305. GreenSQL will filter all SQL queries and forward the good ones to 127.0.0.1:3306 (3306 is the default MySQL port). You can alter these settings using the GreenSQL Console.
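
Because GreenSQL only filters queries that pass through it, any client that still connects straight to port 3306 is unfiltered. The script below is an added example, not part of the original article or the GreenSQL project: it reads `ss -Htnp` output and lists established MySQL connections that do not belong to the proxy. The process name `greensql-fw` and the sample connection lines are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: list MySQL connections that do not go through GreenSQL.
# 3306 is the MySQL port named in the article. PROXY_PROC is an assumption:
# the process name of the GreenSQL daemon as `ss -p` would show it.
MYSQL_PORT="${MYSQL_PORT:-3306}"
PROXY_PROC="${PROXY_PROC:-greensql-fw}"

# Reads `ss -Htnp` lines on stdin:
#   State Recv-Q Send-Q Local:Port Peer:Port Process
find_bypass() {
    awk -v port="$MYSQL_PORT" -v proxy="$PROXY_PROC" '
        $1 != "ESTAB" { next }
        {
            laddr = $4; raddr = $5
            proc = ($6 == "" ? "unknown" : $6)
            if (raddr ~ (":" port "$")) {
                # Client socket on this host talking straight to MySQL.
                if (index(proc, "\"" proxy "\"") == 0)
                    print "LOCAL-BYPASS " laddr " " proc
            } else if (laddr ~ (":" port "$")) {
                # MySQL socket whose peer is not loopback: a remote client
                # reached the database without passing the proxy.
                if (raddr !~ /^127\./ && raddr !~ /^\[::1\]/)
                    print "REMOTE-DIRECT " raddr
            }
        }'
}

# Constructed sample input (not captured from a real host).
sample_ss_output() {
    cat <<'EOF'
ESTAB 0 0 127.0.0.1:51000 127.0.0.1:3305 users:(("php-fpm",pid=812,fd=9))
ESTAB 0 0 127.0.0.1:51002 127.0.0.1:3306 users:(("greensql-fw",pid=640,fd=12))
ESTAB 0 0 127.0.0.1:3306 127.0.0.1:51002 users:(("mysqld",pid=590,fd=40))
ESTAB 0 0 127.0.0.1:51010 127.0.0.1:3306 users:(("python3",pid=977,fd=5))
ESTAB 0 0 127.0.0.1:3306 127.0.0.1:51010 users:(("mysqld",pid=590,fd=41))
ESTAB 0 0 192.0.2.10:3306 198.51.100.7:40222 users:(("mysqld",pid=590,fd=42))
LISTEN 0 128 0.0.0.0:3306 0.0.0.0:*
EOF
}

# Demo on the sample. On a live host, as root: ss -Htnp | find_bypass
sample_ss_output | find_bypass
```

An empty result means every established connection to 3306 belongs to the proxy. Any line printed identifies a client whose queries GreenSQL never sees.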



1 comments:

Carly Fiorina said...

Hi all,

SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. These attacks are also known as SQL insertion attacks. Thanks a lot......

Extract Web Page Data
