Help save net neutrality! Learn more.
Close

GreenSQL / News: Recent posts

GreenSQL-FW: 0.9.4 released

GreenSQL is an Open Source database firewall used to protect MySQL database from SQL injection attacks.

This is a major milestone in the application history. New version is featured by super fast performance. In addition numerous risk calculation bugs were fixed including detection of sensitive tables. This version includes prebuild packages for popular Linux systems. For downloads please use the following link:
http://www.greensql.net/download

Posted by Yuli 2008-10-20

GreenSQL-FW: 0.9.2 released

GreenSQL is an Open Source database firewall used to protect databases from SQL injection attacks.

This is a major application release that includes a number of features that make GreenSQL a production ready system. New version includes support for automatic learning mode. This version includes prebuild packages for popular Linux systems. For download please use this link:
http://www.greensql.net/download

Posted by Yuli 2008-09-15

GreenSQL-Console: 0.3.4 released

GreenSQL is a database firewall engine used to protect database from SQL injection attacks. GreenSQL-Console is a web based management tool for GreenSQL firewall.

Fixed a number of bugs including adding new proxy record, fixed warning message. Application version was added to the page footer. Documentation was updated.

Posted by Yuli 2008-04-08

GreenSQL-Console: 0.3.3 released

GreenSQL-Console is an Open Source management tool used to manage GreenSQL firewall. Please check http://www.greensql.net/sql-injection-test and try to break into simple login page protected by GreenSQL.

Cross Site Request Forgery (CSRF) security bug was fixed.

Posted by Yuli 2008-03-28

GreenSQL-FW: 0.8.2 released

GreenSQL is an Open Source database firewall used to protect databases from SQL injection attacks. Please check http://www.greensql.net/sql-injection-test and try to break into simple login page protected by GreenSQL.

Critical bug with handling C++ like comments was fixed. FreeBSD installation package has been improved.

Posted by Yuli 2008-03-12

New GreeSQL version 0.8.1 released

GreenSQL is an Open Source database firewall used to protect databases from SQL injection attacks. Application logics is based on evaluation of SQL commands using a risk scoring matrix as well as blocking known db administrative commands (DROP, CREATE, etc).

We are proud to release GreenSQL 0.8.1, containing an assortment of bugfixes and stability enhancements. Here is a list of changes:
1. New risk engine mechanism. This time it is much more powerful and db firewall is able to cope with complicated SQL queries and find SQL tautologies.
2. While installing Debian/Ubuntu package, configuration database will be created automatically.
3. GreenSQL-Console is now much more user friendly.
4. A bunch of bugs were fixed.

Posted by Yuli 2008-02-19

GreenSQL - Database Firewall 0.6.7 Released

GreenSQL is an Open Source database firewall used to protect databases from SQL injection attacks. The logic is based on evaluation of SQL commands using a risk scoring matrix as well as blocking known db administrative commands (DROP, CREATE, etc).

We are proud to release GreenSQL 0.6.7, containing an assortment of bugfixes and stability enhancements. New version is released with Debian4.0 and Ununtu7.04 packages.

Posted by Yuli 2007-10-04

Security Vulnerability found in GreenSQL Console

a new version of greensql-console - a web management tool used to manage greensql database firewall has been released. GreenSQL database firewall is used to protect your database against SQL injection attacks. This new version includes fix of the XSS (cross site scripting) vulnerability. This vulnerability has been reported by Laurent Gaffie. For more information please refer:

http://www.greensql.net/security
http://www.securityfocus.com/archive/1/480278/30/0/threaded

Posted by Yuli 2007-09-23

GreenSQL Application Security Update

New version of the greensql-fw core application has been released. GreenSQL is a database firewall application used to protect your website against SQL injections attack. GreenSQL blocks SQL injection attacks by evaluating SQL query risk score factor.

The following bugs were fixed:

1. Application was prune to buffer overflow bug. As a result, skillful attacker that got access to the greensql port could inject specially crafted packet and can open remote shell to the attacker’s host. This bug has been fixed. All credits go to Nico Leidecker from Portcullis Computer Security Ltd - http:// www.portcullis.co.uk/... read more

Posted by Yuli 2007-08-28

Complete Redesign of the GreenSQL Management Console

New version of the GreenSQL-console – a web management tool for GreenSQL Open Source Database protection is ready. Here are just few highlights:

- Complete redesign of the Console Application.
- Intuitive help screen.
- New Dashboard window where you can watch all last events.

New version has been committed to subversion server. In addition, application source file has been uploaded to project download page. ... read more

Posted by Yuli 2007-07-29

New version of Greensql-fw

New version of the greensql-fw core application has been released. GreenSQL is a database firewall used to block SQL injections attacks. GreenSQL blocks SQL injection attacks by evaluating each SQL command and calculating of the query risk.

The following bugs were fixed:

1. Handling of the "#" comments.
2. Handling of the "--" comments.
3. Now you can use dash inside configuration file.
4. Removed a number of log messages.
5. Fixed a bug with handling of the empty SQL queries in the mysql module.... read more

Posted by Yuli 2007-07-11

GreenSQL is going open source

GreenSQL is a database firewall used to block SQL injections attacks has been released on sourceforge. GreenSQL protects your database from execution of suspicious commands. It blocks SQL injection attacks by evaluating each SQL command and calculating of the query risk. Some of the application core features:

- Works in proxy mode
- Has web management console
- Uses super fast libevent network library
- Builtin MySQL support
- Blocks sensitive SQL commands
- Blocks SQL injections attacks... read more

Posted by Yuli 2007-06-26