
Published on May 1st, 2015

SQLassie – Effective Database Security


 

SQLassie is a free MySQL database firewall that prevents SQL injection attacks at runtime. SQLassie uses Bayesian classifiers to determine the likelihood of a query being an attack. This approach produces fewer false positives than other similar approaches.

Security

SQLassie prevents injection attacks before they have a chance to run.


Instantaneous

Protection is instantaneous - just point your web applications at SQLassie and you're done!


Analysis

SQLassie tracks suspicious queries, classifies them based on their intent, and logs this information for further review.


Options

SQLassie can be used as a passive intrusion detection system or as an active intrusion prevention system.






Support

SQLassie is free and being constantly updated and improved. Have a problem or feature request? Let us know!


Usage

SQLassie currently only supports MySQL. To use it, you configure how SQLassie connects to the MySQL server, start SQLassie listening on a different port (this port is the protected one), and then configure your applications to connect through this alternate port instead of directly to MySQL.

As an example, consider a scenario where you have a MySQL database engine running and listening for connections on the domain socket /var/run/mysql/mysqld.sock and are running a MediaWiki installation.
First, start SQLassie using

./sqlassie -s /var/run/mysql/mysqld.sock -l 3307
Then, edit MediaWiki's configuration file LocalSettings.php to connect to port 3307.

$wgDBserver = "127.0.0.1:3307";

Note that you can't use localhost here; by default, MySQL interprets localhost as a request to use the direct database domain socket connection, and most web applications behave this way as well. Therefore, you have to use the explicit string 127.0.0.1 in order to force connections to go through the TCP port. Check your application's documentation for more information.
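A misconfigured host string silently bypasses the firewall, so it is worth checking the setting after the change. The following is an added example, not part of SQLassie or MediaWiki: a small audit of the active $wgDBserver value in LocalSettings.php. It assumes the proxy port 3307 from the example above, an IPv4 address or hostname as the host, and no /* */ block comments around the assignment; the function names and sample file body are constructed for illustration.

```python
import re

PROXY_PORT = 3307  # port SQLassie listens on in the example above (assumption)

# An active (uncommented) $wgDBserver assignment in LocalSettings.php.
_ASSIGN = re.compile(r"""^\s*\$wgDBserver\s*=\s*(['"])(.*?)\1\s*;""", re.M)

# Constructed sample input, not taken from a real installation.
SAMPLE = '''<?php
# $wgDBserver = "127.0.0.1:3307";
$wgDBserver = "localhost";
$wgDBname = "wiki";
'''

def audit_db_server(value, proxy_port=PROXY_PORT):
    """Return (ok, reason) for one database host string."""
    host, sep, port = value.strip().partition(":")
    if host.lower() == "localhost":
        # Applies even when a port follows: localhost selects the domain socket.
        return False, "localhost uses the domain socket and bypasses the proxy"
    if not sep:
        return False, "no port given, so the client uses MySQL's default 3306"
    if not port.isdigit():
        return False, "port is not numeric (possibly a socket path)"
    if int(port) != proxy_port:
        return False, f"port {port} is not the proxy port {proxy_port}"
    return True, "connection goes through the proxy over TCP"

def audit_local_settings(text, proxy_port=PROXY_PORT):
    """Audit the last active $wgDBserver assignment in a LocalSettings.php body."""
    matches = _ASSIGN.findall(text)
    if not matches:
        return False, "$wgDBserver is not set; MediaWiki defaults to localhost"
    # PHP keeps the last assignment, so that is the effective value.
    return audit_db_server(matches[-1][1], proxy_port)

if __name__ == "__main__":
    print(audit_local_settings(SAMPLE))
```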
