Talk:Database security

Untitled
defination: the defination of security for databses is a sypher a shyper is a type of firewall and can be used in many ways for example you could use the syper for hacking an email address eg by: jaypeeize: smaller;" class="autosigned">—Preceding unsigned comment added by 119.92.137.20 (talk) 01:12, 7 March 2011 (UTC)

???! I have no idea what you mean. NoticeBored (talk) 02:47, 5 April 2011 (UTC)

Also not sure what he means.

The sentence "Databases have been largely secured against hackers through network security measures such as firewalls, and network-based intrusion detection systems. While network security controls remain valuable in this regard, securing the database systems themselves, and the programs/functions and data within them, has arguably become more critical as networks are increasingly opened to wider access, in particular access from the Internet." Is not not really arguable. You need to utilize both network technologies, application technologies, and database technologies. For example, a SQL injection through a web application will pass right by a firewall and quite possibly an IDS (without triggering an alert) as well. That is by design -- the organization opened up the port through that firewall to permit the traffic to flow (so the firewall can actually funciton). The best place to control this risk is with input validation. 50.130.223.123 (talk) —Preceding undated comment added 19:34, 4 March 2016 (UTC)