How to Detect SQL Injection Attacks

[Jackcheng]

My server encountered SQL Injection Acctacks. Please, somebody, recommend an intrusion detection tool. Thanks in advanced!

 

[aloycasmir]

You can check this:
http://www.snort.org
It's the most popular open source intrusion detection system .
Good luck fending off your malicious attackers .
Best Regards,
Aloycasmir

 

[Devidnet]

Re:How to Detect SQL Injection Attacks

I recommend sax2, it is a freeware, for more information, pls visit http://www.ids-sax2.com/articles/DetectSQLInjectionAttacks.htm

 

[foo2thabar]

Isn't SQL Injection the result of poor code practices, like buffer overflows are?

Sounds like you need to audit your code.

 

[bariteau]

Isn't SQL Injection the result of poor code practices, like buffer overflows are?

Sounds like you need to audit your code.

Yep, you don't need to detect it, you need to prevent it. Google "prevent sql injection" or "protect sql injection" (and you can add the programming language in there too...)

 

[Dynash]

Validation of forms, it's all you need.

 

[Devidnet]

As IDSs go, I think Snort is going to be the one everyone has heard of. Sax2 is probably a good tool to help with this too. But I don't have enough experience with either to know whether they will detect an SQL injection attack. Even so, it appears you've detected the attack without it. What you need to do is to harden your server at the application level so that SQL injection attacks are nullified. If you cannot do that, you could always set an alert and configure it to run a VBS script that shuts down SQL if an attack is detected.

 

[desbest]

There is no way to detect sql injection attacks as a script just works as it normally should.
If I sql inject to login as an admin, I login and it's the same if the real admin was to login.