Using the Percona Toolkit to detect and even prevent SQL injection attacks

Tools
23 April 4:50pm - 5:40pm @ Ballroom A

The Percona Toolkit includes pt-query-digest, which can distill queries into fingerprints. The tool can also mark fingerprints as having been 'reviewed'. Most applications have a small number of query patterns, so a new, unreviewed query pattern can indicate a SQL injection attack.

The Percona Toolkit can be used out of the box to detect these new query patterns by examining logs, and it can be extended to support distilling queries in real time. This can be used in combination with a MySQL proxy to detect new patterns and immediately deny access to (or log) unauthorized queries.

This talk will discuss both methods.
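
A minimal sketch of the log-based method described above, added here as an example and not taken from the talk or from Percona Toolkit. `fingerprint` is a simplified stand-in that only approximates pt-query-digest's fingerprinting, and the sample queries and the in-memory `REVIEWED` set are constructed for illustration.

```python
import re

# One left-to-right pass, so a quote inside a comment (or a comment marker
# inside a string) belongs to whichever token starts first.
TOKEN = re.compile(r"""
    (?P<str>'(?:[^'\\]|\\.|'')*'|"(?:[^"\\]|\\.|"")*")   # quoted literals
  | (?P<com>/\*.*?\*/|(?:--\s|\#)[^\n]*)                 # comments
  | (?P<num>\b(?:0x[0-9a-f]+|\d+(?:\.\d+)?)\b)           # numeric literals
""", re.X | re.S | re.I)

def fingerprint(sql):
    """Simplified fingerprint (an approximation, not pt-query-digest's code)."""
    # Literals become '?', comments are dropped.
    s = TOKEN.sub(lambda m: " " if m.lastgroup == "com" else "?", sql)
    s = re.sub(r"\s+", " ", s).strip().lower()
    # Collapse IN (...) / VALUES (...) lists so list length does not matter.
    return re.sub(r"\b(in|values)\s*\(\s*\?(?:\s*,\s*\?)*\s*\)", r"\1(?+)", s)

def unreviewed(queries, reviewed):
    """Return (fingerprint, query) pairs whose fingerprint was never reviewed."""
    return [(fp, q) for q in queries if (fp := fingerprint(q)) not in reviewed]

# Constructed sample: the patterns the application is known to issue.
KNOWN = [
    "SELECT id, name FROM users WHERE id = 42",
    "SELECT * FROM orders WHERE user_id = 7 AND status IN ('new', 'paid')",
    "SELECT id FROM users WHERE name = 'alice' AND active = 1",
]
REVIEWED = {fingerprint(q) for q in KNOWN}

# Constructed sample log: two ordinary queries, two with an altered shape.
LOG = [
    "SELECT id, name FROM users   WHERE id = 1337",
    "SELECT * FROM orders WHERE user_id = 3 AND status IN ('new')",
    "SELECT id, name FROM users WHERE id = 42 OR 1 = 1",
    "SELECT id FROM users WHERE name = 'x' OR 'a' = 'a' -- ' AND active = 1",
]

if __name__ == "__main__":
    for fp, query in unreviewed(LOG, REVIEWED):
        print("UNREVIEWED:", fp, "<=", query)
```

A query that changes only its literal values keeps its fingerprint, while input that changes the statement's structure produces a fingerprint that was never reviewed.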

Speakers

Justin Swanhart
Senior MySQL Instructor, Percona
Biography:
Justin is a systems architect. His most recent software development project is Shard-Query. His other interests include data warehousing, materialized views, and OLAP analysis. He created and maintains Flexviews, a materialized view toolkit for MySQL. Justin is also interested in column store technology. Justin also developed "noinject!", a MySQL Lua proxy script for SQL injection prevention. It was developed just for this conference.
