Aleks
asked on
notify when there is a chance in ms sql database
I am experiencing an attack on my sql server, some say it is in injection attack, or not ... i want to put my web application that connects to the database offline tonight. check my db at that time and make sure its clean, then tomorrow morning check again and see if it is still clean, if it is then its most likely something from the outside entering data into our system, if not it may be something within.
Do you know of anyting that might update fields in a database ? If so how can this be done if the only page that is not password protected is the login page, i already modified it so that it doesnt accept apostrophes or quotes. Anything else i should not accept in login fields ?
Help is appreciated ! .. if you think it might me malware, adware, etc ... not that i know of any that might update an sql database, but then again, i know little ... what would you recommend installing as far as software to check on this ?
Any help is greatly appreciated.
Do you know of anyting that might update fields in a database ? If so how can this be done if the only page that is not password protected is the login page, i already modified it so that it doesnt accept apostrophes or quotes. Anything else i should not accept in login fields ?
Help is appreciated ! .. if you think it might me malware, adware, etc ... not that i know of any that might update an sql database, but then again, i know little ... what would you recommend installing as far as software to check on this ?
Any help is greatly appreciated.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
may be you can take a hash of the database at night and another one in the morning to see if it had changed.
ASKER
I ran a trace last night, we are looking at it now ..