We just found out about a new attack that actually ruin our database - the website seems to be ok but the database was corrupted - any direction what to do with that?
Your only course of action is to restore the database from a hopefully good backup.
After that, you'll be on the hackers radar screen for awhile so you'd better find out how they got in. If it is asprox, you'll have to search any forms you have to check for SQL injection points of entry.
Validate all data entry points. If passing data in the URL between webpages, validate that data before it gets to the SQL server and then have the SQL query validate it again.
As you found out, you can't be too careful.
If you're using Micrsoft SQL or a newer version of MySQL, you should take a look at using stored procedures for your database transactions. Carefully crafted stored procedures can reduce the threat of SQL injection attacks.
Let me know if you need further help in this.
__________________
We Watch Your Website - you go do what you do best!
WeWatch, Envision frodo - Thanks for great info
While searching the net I found some great info on blog name: http://chaptersinwebsecurity.blogspo...1_archive.html
In one of his post he recommended on a tool name dotdefender that knows how deal with web application attacks. I downloaded the tool and I was surprised, its actually stop the attacks and I could see also the attacks happening.
I contacted the guy from the blog I mentioned above and he also recommend on a way to clean the database from all the injection attacks we had.
I will update in a week and let you know how it works out.
« Reply to our website got a asprox silent defacement attack
