• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 287
  • Last Modified:

notify when there is a chance in ms sql database

I am experiencing an attack on my sql server, some say it is in injection attack, or not ... i want to put my web application that connects to the database offline tonight. check my db at that time and make sure its clean, then tomorrow morning check again and see if it is still clean, if it is then its most likely something from the outside entering data into our system, if not it may be something within.
Do  you know of anyting that might update fields in a database ?  If so how can this be done if the only page that is not password protected is the login page, i already modified it so that it doesnt accept apostrophes or quotes. Anything else i should not accept in login fields ?

Help is appreciated !  .. if you think it might me malware, adware, etc ... not that i know of any that might update an sql database, but then again, i know little ... what would you recommend installing as far as software to check on this ?

Any help is greatly appreciated.
1 Solution
Faiga DiegelCommented:
may be you can take a hash of the database at night and another one in the morning to see if it had changed.
AleksAuthor Commented:
I ran a trace last night, we are looking at it now ..

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now