search cancel

SCSP SDCS protection against SQL Servers Unauthorized Commands SQL Injection and SQL Servers blind SQL Injection.

book

Article ID: 163102

calendar_today

Updated On:

Products

Critical System Protection

Issue/Introduction

You need to know if SCSP / SDCS is protecting against the following vulnerabilities: SQL Servers Unauthorized Commands SQL Injection and SQL Servers blind SQL Injection.

Resolution

SCSP / SDCS does not try and is not able to detect or prevent any SQL injection. This type of traffic is going to the database - SCSP / SDCS does not monitor, analyse or block any SQL traffic - SCSP / SDCS looks at ports, file-systems, processes but not SQL traffic. If after the hack the system start listening on another port, or starts creating or accessing files, yes it could detect or even prevent that, but not if somebody is parsing dodgy SQL queries to the database. The SCSP / SDCS does not monitor, analyse or block any SQL traffic and SCSP / SDCS does not support that type of functionality.