(Updated) GreenSQL-FW 0.9.4 released
GreenSQL is an Open Source database firewall used to protect databases from SQL injection attacks. GreenSQL works as a proxy and has built in support for MySQL. The logic is based on evaluation of SQL commands using a risk scoring matrix as well as blocking known db administrative commands (DROP, CREATE, etc). GreenSQL is distributed under the GPL license.
GreenSQL works as a reverse proxy for MySQL connections. It means, that instead of MySQL server, your applications will connect to GreenSQL server. GreenSQL will analyze SQL queries and forward them to the back-end MySQL server.
GreenSQL db firewall can be used in a number of ways:
- Simulation Mode (database IDS)
- Blocking Suspicious Commands (database IPS)
- Learning mode
- Active protection from unknown queries (db firewall)
GreenSQL has been added to Security-Database Tools Watch Process
Tool submitted by Yuli (GreenSQL’s author).