Sqlserver prevents new attempts of database Trojans

The idea is good. In the future, it will be a headache to use websites to drive Trojans. Every security measure is a temporary solution. To find the root cause, you can only analyze the source code of your program, because many websites are not developed by a programmer, many injection vulnerabilities are hard to find. They once used public files to add filtering code, which basically didn't work. They bought an IIS named long shield for fire prevention.

The idea is good. In the future, it will be a headache to use websites to drive Trojans. Every security measure is a temporary solution. To find the root cause, you can only analyze the source code of your program, because many websites are not developed by a programmer, many injection vulnerabilities are hard to find. They once used public files to add filtering code, which basically didn't work. They bought an IIS named long shield for fire prevention.

Good idea. It should be useful in the future.

Website Trojans are a headache. Every security measure is a temporary solution. To find the root cause, you can only analyze the source code of your program. Because many websites are not developed by a programmer, many injection vulnerabilities are hard to find. I used to add filtering code through public files, which is basically invalid. I bought an IIS firewall called long shield, which seems to be a bit useful, but it was finally cracked, sqlserver is down again.

Each injection should use "UPDATE table name set field name = REPLACE (field name,

Website Trojans are a headache. Every security measure is a temporary solution. To find the root cause, you can only analyze the source code of your program. Because many websites are not developed by a programmer, many injection vulnerabilities are hard to find. I used to add filtering code through public files, which is basically invalid. I bought an IIS firewall called long shield, which seems to be a bit useful, but it was finally cracked, sqlserver is down again.

Each injection should use the last quotation mark "UPDATE table name set field name = REPLACE (field name, 'Trojan address!

We cannot stop it.DatabaseBut there is always a way to make it fail. Finally, I thought of the trigger. All users familiar with triggers know that sql2000 inserts data and modifies data in the inserted temporary table before actually placing the data in the corresponding table. The hacker's foot is in this temporary table.

The following is a trigger code, which temporarily plays a role in Trojan injection.

CREATE trigger name

On Table Name

For update, insert

As

Declare @ a varchar (100) -- store Field 1

Declare @ B varchar (100) -- store Field 2

Declare @ c varchar (100) -- store Field 3

Select @ a = Field 1, @ B = Field 2, @ c = Field 3 from inserted

If (@ a like '% script %' or @ B like '% script %' or @ c like '% script % ')

Begin

ROLLBACK transaction

End

This trigger defines three variables and stores the three string fields that are easy to be hacked in the inserted Table, then, use like to fuzzy determine whether the value contains the script. If yes, the transaction will be rolled back and no error will be reported. This will paralyze the hacker and make him mistakenly think that he has crashed. You can take this script and modify it to ensure that the website is not infected with Trojans. In addition, text is a field that is easy to be infected with Trojans, but this type of processing is troublesome. It is also observed that hackers often mount several fields to a table at the same time, so as long as one field fails, the entire table fails.