A new attempt at keeping Trojan links out of a SQL Server database

Having Trojan links planted in a website is a real headache. Every protective measure treats only the symptoms; to find the root cause you have to analyse the source code. Because many of the people running sites are not programmers, a lot of injection vulnerabilities are hard to find. I once tried filtering code in a common include file, which did not work, and then bought an IIS firewall called Dragon Shield, which seemed to help a bit, but in the end it was bypassed and the SQL Server database had Trojan links planted in it.


After each injection the data has to be cleaned with UPDATE table_name SET field_name = REPLACE(field_name, 'Trojan address', ''). In the end I really wanted a single statement that would shut it out for good!

We can't stop the attack from reaching the database, but there is always a way to stop it from planting the Trojan. I finally thought of a trigger. Anyone familiar with triggers knows that in SQL2000, inserted and modified data is first placed in the inserted temporary table and then put into the actual table. The place to block the attacker is at that temporary table.

Below is a section of trigger code that, for the time being, is effective against injected Trojan links.

CREATE TRIGGER trigger_name
ON table_name
FOR UPDATE, INSERT
AS
-- inserted can hold many rows, so test every row and the full column
-- values instead of copying one row into varchar(100) variables
IF EXISTS (
    SELECT 1 FROM inserted
    WHERE field1 LIKE '%script%'
       OR field2 LIKE '%script%'
       OR field3 LIKE '%script%'
)
BEGIN
    -- undo the statement that tried to write the script text
    ROLLBACK TRANSACTION
END
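An added example, not the original author's code: the trigger idea above applied to a constructed table and extended to record each blocked write for later investigation. The table, trigger and column names are hypothetical, and the hostile string is a constructed placeholder.

```sql
-- Constructed demo tables; all names here are hypothetical.
CREATE TABLE dbo.demo_articles (
    id    int IDENTITY(1,1) PRIMARY KEY,
    title varchar(200)  NOT NULL,
    body  varchar(4000) NOT NULL
)
CREATE TABLE dbo.demo_blocked_writes (
    blocked_at datetime      NOT NULL DEFAULT GETDATE(),
    login_name nvarchar(128) NULL,
    host_name  nvarchar(128) NULL,
    title      varchar(200)  NULL,
    body       varchar(4000) NULL
)
GO
CREATE TRIGGER trg_demo_articles_block_script
ON dbo.demo_articles
FOR INSERT, UPDATE
AS
BEGIN
    SET NOCOUNT ON
    -- Table variables are not undone by ROLLBACK, so the evidence survives.
    DECLARE @bad TABLE (title varchar(200), body varchar(4000))
    INSERT INTO @bad (title, body)
    SELECT title, body FROM inserted
    WHERE title LIKE '%script%' OR body LIKE '%script%'

    IF EXISTS (SELECT 1 FROM @bad)
    BEGIN
        ROLLBACK TRANSACTION            -- undo the whole statement
        -- Runs after the rollback, so this insert is kept.
        INSERT INTO dbo.demo_blocked_writes (login_name, host_name, title, body)
        SELECT SUSER_SNAME(), HOST_NAME(), title, body FROM @bad
        RAISERROR('Write rejected: script markup found.', 16, 1)
    END
END
GO
-- Clean row: accepted.
INSERT INTO dbo.demo_articles (title, body) VALUES ('Welcome', 'Plain text')
GO
-- Constructed hostile write touching every row: rolled back and logged.
UPDATE dbo.demo_articles SET body = body + '<script>placeholder</script>'
GO
-- Inspect the table and the audit log.
SELECT id, title, body FROM dbo.demo_articles
SELECT blocked_at, login_name, host_name, body FROM dbo.demo_blocked_writes
```

The pattern rejects any text containing the letters "script", including the word "description", and on a case-sensitive collation it does not match `<SCRIPT>`. Tune the pattern to the columns it guards before relying on it.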
