| From: | Lincoln Yeoh <lyeoh(at)pop(dot)jaring(dot)my> |
|---|---|
| To: | Kamil Srot <kamil(dot)srot(at)nlogy(dot)com> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Tables dissapearing |
| Date: | 2007-08-28 14:53:29 |
| Message-ID: | 200708281456.l7SEuqaw045810@smtp4.jaring.my |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
At 03:15 PM 8/28/2007, Kamil Srot wrote:
>Andrew, Alvaro... well, sure SQL injection is possibility I cannot
>ignore... (and sure as "dad" of this
>application, I think it's not the case :-) ... just kidding...
>As even the injected SQL will be shown in the logs, so we'll know
>more after some time. It's too much
>issues of the same type to thing, it'll not appear anymore.
>
>I'm really interested in what is the problem not only from
>proffesional point of view...
If it's SQL injection via a webserver app, and you have _already_
logged http requests in sufficient detail you could try to look for a
"drop" in them or variations of escaped versions of it e.g.
..%44%52%4f%50... %64%52o%70 at about the time you think the incident happened.
Of course it could just be someone had db access and sent the drop command.
Regards,
Link.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Paul Tilles | 2007-08-28 14:59:42 | ecpg: dtime_t vs timestamp |
| Previous Message | Erik Jones | 2007-08-28 14:49:23 | Re: Tables dissapearing |