About Store Forum Documentation Contact
Donations:
140$/mo



Post Reply 
Sql security
Author Message
cmontiel Offline
Member

Post: #16
RE: Sql security
Thanks for advices guys. My server is in Amazon EC2, they provide load balancers and firewall.

I've just talked with aceio in irc.

Conclusion, no cheap/free way to protect a tpc port.
06-07-2013 09:49 PM
Find all posts by this user Quote this message in a reply
Rubeus Offline
Member

Post: #17
RE: Sql security
EC2 provides you with virtualized firewall instancing, so you probably don't need anything extra, unless they provide very poor firewalls.
That aside, for this type of industry, a 99.95% SLA is very poor. If you can afford it, you will want to upgrade to a better service/co-location.
06-07-2013 10:26 PM
Find all posts by this user Quote this message in a reply
Esenthel Offline
Administrator

Post: #18
RE: Sql security
Hi,

I've just did some testing with EE.SQL methods, I've improved some unicode handling, identifier names with special characters, and SQL.string (for next release).

As long as you'll use SQL.string for writing custom conditions ("C Str &condition" method parameters) then you'll be fine. All other Str members/params are already safe and you don't need to do anything.
07-22-2013 07:52 PM
Find all posts by this user Quote this message in a reply
cmontiel Offline
Member

Post: #19
RE: Sql security
Thanks, more security is allways wellcome. wink
(This post was last modified: 07-22-2013 08:36 PM by cmontiel.)
07-22-2013 08:17 PM
Find all posts by this user Quote this message in a reply
jagatai Offline
Member

Post: #20
RE: Sql security
Just an FYI

both Endian
http://www.endian.com/en/community/overview/

and PFSense
http://www.pfsense.org/index.php@option=...id=43.html


Both firewalls use Snort as their IDS which provide lots of signatures to help mitigate attacks, you can also create a custom signature via Snort that looks for out-of-compliance packets destined to the game port and simply discard them as malicious.

-hope this helps.

PS.
Both Endian and PFSense are proven enterprise solutions, just requires a little learning curve and both stem from open source which is why they offer free ISO for appliance.
07-23-2013 06:23 PM
Find all posts by this user Quote this message in a reply
cmontiel Offline
Member

Post: #21
RE: Sql security
Interesting, I am going to read about them.
07-23-2013 11:34 PM
Find all posts by this user Quote this message in a reply
Post Reply