Is My Database Vulnerable?

Is My Database Vulnerable?

Post by r_o_m_.. » Thu, 04 Jan 2001 07:30:51



I'm in the process of creating a web site that has people automatically
enter information about themselves and the information they enter is
stored into a (PostgreSQL) DB on my machine.

I want to prevent a malicious person from writing a script or something
that will bombard my machine with requests to enter useless information
into the database.  Is there a way to secure my site to avoid
situations like this?

Thanx.

Sent via Deja.com
http://www.deja.com/

 
 
 

Is My Database Vulnerable?

Post by brle.. » Fri, 05 Jan 2001 01:12:49



> I want to prevent a malicious person from writing a script or something
> that will bombard my machine with requests to enter useless information
> into the database.  Is there a way to secure my site to avoid
> situations like this?

If your programs can recognize "useless information" then you simply
raise an error when it is given.  However, a clever attacker can be
indistinguishable from a large number of valid users coming through a
single proxy (e.g. AOL).  You mostly have to rely on the fact that it
isn't worth people's effort to create such a sophisticated script.

--
Bruce R. Lewis                          http://brl.sourceforge.net/
I rarely read mail sent to this address.

 
 
 

1. Vulnerable Security with Access

Hi,
We have client/server applications using SQL Server and VB. The users
connect to the database using the application. However, any smart user
can just create an ODBC and link the tables in the SQL Server using a
simple tool like Access and make changes to the data directly.
I have explored the possibility of using Application roles but I dont
like it so much. Is there a better way to prevent such kind of access in
SQL Server 7.0.
Jesbin

2. Transact sql query

3. SQL Server 7.0 still vulnerable after all service packs

4. Oracle Application Server RAM requirements???

5. Query Analyzer vulnerable thru Firewall?

6. Problem to configure Transactional Replication !!!

7. is 7.1.3 vulnerable ?

8. Sending mail from oracle 8.0.4

9. I am getting this message when i am tring to export or import anything using

10. error ORA-01855: AM/A.M. or PM/P.M. required

11. Busy Day = Slowdown from 12 AM - 5 AM

12. Use of @am, Am I dumb?

13. I am trying to drop a database