Slashdot Mirror

← Back to Stories (view on slashdot.org)

SQL Injection Attacks Increasing

Posted by ryuzaki0 on from the so-easy-to-miss dept.

An anonymous reader writes "Help Net Security has a story that covers the dramatic increase in the number of hacker attacks attempted against its banking, credit union and utility clients in the past three months using SQL Injection." Article follows up on press release with a little more information. Not a lot here shockingly surprising, but it's worth mentioning that SQL injection is a real pain for web developers. You have to be very careful about checking user input.

2 of 384 comments (clear)

  1. Re:How difficult is it. by eggoeater · · Score: 0, Redundant

    Yes, but most SQL injection attacks happen via text boxes which gets put into a String type. What the parent is suggesting is recasting them into numbers (e.g. SSN, account number, etc) or date/time.
    If the user is entering a name or password, then you have to manually screen the input for bad data.

    --
    $7.95/mo, 200 GB disk, 2TBxfer, MySQL, PHP, RoR.
  2. Re:Qualifications by tbannist · · Score: 0, Redundant

    And look at the quality of today's politicans...

    --
    Fanatically anti-fanatical