At 03:15 PM 8/28/2007, Kamil Srot wrote:
Andrew, Alvaro... well, sure SQL injection is possibility I cannot
ignore... (and sure as "dad" of this
application, I think it's not the case :-) ... just kidding...
As even the injected SQL will be shown in the logs, so we'll know
more after some time. It's too much
issues of the same type to thing, it'll not appear anymore.
I'm really interested in what is the problem not only from
proffesional point of view...
If it's SQL injection via a webserver app, and you have _already_
logged http requests in sufficient detail you could try to look for a
"drop" in them or variations of escaped versions of it e.g.
..%44%52%4f%50... %64%52o%70 at about the time you think the incident happened.
Of course it could just be someone had db access and sent the drop command.
Regards,
Link.
---------------------------(end of broadcast)---------------------------
TIP 1: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to majordomo@xxxxxxxxxxxxxx so that your
message can get through to the mailing list cleanly
