I am experiencing an attack on my sql server, some say it is in injection attack, or not ... i want to put my web application that connects to the database offline tonight. check my db at that time and make sure its clean, then tomorrow morning check again and see if it is still clean, if it is then its most likely something from the outside entering data into our system, if not it may be something within.
Do you know of anyting that might update fields in a database ? If so how can this be done if the only page that is not password protected is the login page, i already modified it so that it doesnt accept apostrophes or quotes. Anything else i should not accept in login fields ?
Help is appreciated ! .. if you think it might me malware, adware, etc ... not that i know of any that might update an sql database, but then again, i know little ... what would you recommend installing as far as software to check on this ?
Any help is greatly appreciated.