Re: Tables dissapearing - Mailing list pgsql-general

From Lincoln Yeoh
Subject Re: Tables dissapearing
Date
Msg-id 200708281456.l7SEuqaw045810@smtp4.jaring.my
Whole thread Raw
In response to Re: Tables dissapearing  (Kamil Srot <kamil.srot@nlogy.com>)
List pgsql-general
At 03:15 PM 8/28/2007, Kamil Srot wrote:
>Andrew, Alvaro... well, sure SQL injection is possibility I cannot
>ignore... (and sure as "dad" of this
>application, I think it's not the case :-) ... just kidding...
>As even the injected SQL will be shown in the logs, so we'll know
>more after some time. It's too much
>issues of the same type to thing, it'll not appear anymore.
>
>I'm really interested in what is the problem not only from
>proffesional point of view...

If it's SQL injection via a webserver app, and you have _already_
logged http requests in sufficient detail you could try to look for a
"drop" in them or variations of escaped versions of it e.g.
..%44%52%4f%50... %64%52o%70 at about the time you think the incident happened.

Of course it could just be someone had db access and sent the drop command.

Regards,
Link.





pgsql-general by date:

Previous
From: Erik Jones
Date:
Subject: Re: Tables dissapearing
Next
From: Kevin Neufeld
Date:
Subject: Re: Read Access to database