GreenSQL Publisher's description
GreenSQL is an open source database firewall used to protect databases from SQL injection attacks. GreenSQL works in proxy mode and has built-in support for MySQL.
The logic is based on evaluation of SQL commands using a risk scoring matrix as well as blocking known db administrative commands (DROP, CREATE, etc).
GreenSQL uses a pattern matching engine to find commands that are considered "illegal". For example, GreenSQL blocks database administrative commands. The GreenSQL administrator can decide which commands to block using the GreenSQL web management console. The administrator can also approve a blocked query by adding it to a whitelist.
The GreenSQL database firewall provides database protection using a number of methods:
- Blocking administrative and sensitive SQL commands.
- Calculating risk of each query and blocking queries with high risk.
For each query GreenSQL calculates its risk. After the risk is calculated GreenSQL can block the query or just create a warning message. There are a number of factors that are taken into account when calculating risk.
- Access to sensitive tables increases query risk (users, accounts, credit information)
- Comments inside SQL commands increase query risk
- Usage of an empty password string
- Found 'or' token inside query
- Found SQL expression that always returns true
- Comparison of constant values
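
The scoring described above can be sketched as follows. This is an added example, not GreenSQL's own code: the weights, the blocking threshold, the table list and the regular expressions are assumptions chosen for illustration, and a simple regex heuristic stands in for GreenSQL's pattern matching engine.

```python
import re

# Assumed values: the page names the risk factors but not weights or thresholds.
SENSITIVE_TABLES = {"users", "accounts"}
WEIGHTS = {"sensitive_table": 10, "comment": 15, "empty_password": 20,
           "or_token": 10, "constant_comparison": 10, "always_true": 25}
BLOCK_AT = 40
ADMIN = re.compile(r"^\s*(drop|create)\b", re.I)  # commands named on the page
CONST = r"(\d+|'[^']*')"                          # numeric or string literal
CONST_CMP = re.compile(r"(?<!\w)" + CONST + r"\s*=\s*" + CONST + r"(?!\w)")

def risk_factors(query):
    """Return the set of risk factors (from the list above) found in query."""
    found = set()
    tables = re.findall(r"\b(?:from|join|into|update)\s+`?(\w+)", query, re.I)
    if any(t.lower() in SENSITIVE_TABLES for t in tables):
        found.add("sensitive_table")
    if re.search(r"--|#|/\*", query):
        found.add("comment")
    if re.search(r"\bpassword\s*=\s*''", query, re.I):
        found.add("empty_password")
    if re.search(r"\bor\b", query, re.I):
        found.add("or_token")
    for left, right in CONST_CMP.findall(query):
        found.add("constant_comparison")
        if left == right:  # identical literals: the comparison is always true
            found.add("always_true")
    return found

def decide(query, whitelist=frozenset()):
    """Return (verdict, factors); verdict is 'allow', 'warn' or 'block'."""
    if query in whitelist:  # administrator approved this exact query
        return "allow", []
    if ADMIN.search(query):  # administrative commands are blocked outright
        return "block", ["admin_command"]
    factors = sorted(risk_factors(query))
    risk = sum(WEIGHTS[f] for f in factors)
    if risk >= BLOCK_AT:
        return "block", factors
    return ("warn" if factors else "allow"), factors

if __name__ == "__main__":
    # Constructed sample queries, not taken from real traffic.
    for q in ("SELECT name FROM products WHERE id = 7",
              "SELECT id FROM accounts WHERE id = 5",
              "SELECT * FROM users WHERE name = 'x' OR 1=1 -- '",
              "DROP TABLE users"):
        print(decide(q), q)
```

Heuristics like these also fire on legitimate queries (an `OR` in an ordinary filter, a `#` inside a string literal), which is why the description pairs scoring with a warning-only mode and a whitelist.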
System Requirements: No special requirements.
Program Release Status:
Program Install Support: Install Only