July 30, 2010     |
Home
FAQs
       SQL Server FAQ
       SQL Injection FAQ
       SQL Security Checklist
       SQL Server-Related Products
       SQL Server/MSDE-Based Applications
       SQL Server Version Database
Tools
       Lockdown Script
       Free Tools
       Free Analysis
       Group Policy Templates
       Commercial Tools
Community
       Discussions
       Links
About
Search
Network Toaster
SQL Security Forums
Note: SQLSecurity.com does not allow nor require registration due to privacy concerns for users. SQLSecurity.com is open and anonymous for all. Please report any abuse or profanity.
Forums > Discussions > SQL Server Security
Subject: Sql Injection Virus...
Prev Next
Add Reply

Author Messages
Umar Rahman (guest)
05/23/2008 2:42 AM Quote Reply Alert 


Hi Friends, we have a website http://www.barneguiden.dk we have constanly been attacked by virus. A malicious script enters into sql server database and stops the site.
can any one please suggest us how we can prevent it. I changed some script but that did not help too. I think it is going from our search field. <script>......</script> and inside website name enters into every fields of sql .Please help!



Thanks,
Umar Rahman
Chip Andrews
Posts:113
05/24/2008 1:10 AM Quote Reply Alert 
Umar,

There are plenty of resources on this site and others on the prevention of SQL Injection attacks. Have you reviewed the code to see how the injections are occurring?

Chip
Add Reply
Forums > Discussions > SQL Server Security > Sql Injection Virus...
Quick Reply
Username:  
Subject:  
Body:
 



ActiveForums 3.6
Copyright 1999 by Chip Andrews   |  Privacy Statement  |  Terms Of Use