INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Jobs

Detect SQL injection and Prevent SQL injection.

Detect SQL injection and Prevent SQL injection.

(OP)
Hello All,

I was wondering if anyone has a sql statement to detect SQL Injection in the database, prevent SQL Injection in the Oracle database 11gr2.

Thanks so much for your input.

RE: Detect SQL injection and Prevent SQL injection.

Tekpr00,

Oracle Firewall (click this link) is a product that can (if configured properly) both detect and prevent SQL injections. As is always the case with Oracle products, prices may vary.

santaMufasa
(aka Dave of Sandy, Utah, USA)
“People may forget what you say, but they will never forget how you made them feel."

RE: Detect SQL injection and Prevent SQL injection.

(OP)
Thanks for your suggestion SantaMufasa.
I am aware of the Oracle Audit Vault and Database Firewall (AVDF).
I was looking for a free script or shareware that could achieve the same result.
Thanks.

RE: Detect SQL injection and Prevent SQL injection.

Quote (tekpr00)


...I was looking for a free script or shareware that could achieve the same result.
I admire your optimism.
sunshine

----------------------------------------------------------------------------
The person who says it can't be done should not interrupt the person doing it. -- Chinese proverb

RE: Detect SQL injection and Prevent SQL injection.

but don't let it go unsaid that the obvious answer is to use a stored procedure interface - that guarantees that SQL injection will never occur.
Failing that, use sql statements with bind variables.

Cut it off at source, don't try to catch it once it's happened.

Regards

T

RE: Detect SQL injection and Prevent SQL injection.

(OP)
Thanks everyone for the input.
Stay blessed.

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members!

Resources

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close