Jeffro Posted September 16, 2011

I have a classifieds script that I run that has a few thousand entries. The last 2 nights, out of nowhere, several of my categories (different ones each night) went from over 100 results to 0. I'm not running any cron jobs of any kind. I have no idea how these entries just disappeared.

Is there a way I can tell if someone is running SQL injection attacks on my site? Can I check for SQL vulnerabilities in my script? Any other advice as to how I might figure out what's going on? I host with HostGator. Is there some auditing I could employ on MySQL, or the site itself?

Many thanks for any suggestions.

Pikachu2000 Posted September 16, 2011

Have you checked your Apache logs for abnormalities? Are you logging MySQL queries anywhere? Install SQLInjectMe for Firefox, and run it against any forms you have on your site. It will non-destructively run tests and report any vulnerabilities it finds.
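
One way to act on the suggestion to check the Apache logs, as an added example that is not part of the original thread: a Python script that scans Combined Log Format access-log lines for common SQL injection indicators in the query string. The sample log lines, the script names (`listings.php`, `search.php`), the table name and the patterns themselves are constructed for illustration; the patterns are heuristics and need tuning for a real site.

```python
import re
from urllib.parse import unquote_plus

# Combined Log Format: ip ident user [time] "METHOD uri PROTO" status size ...
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3}) ')

# Heuristic indicators only (assumed patterns); expect some false positives.
INDICATORS = {
    "union-select": re.compile(r"\bunion\b.{0,40}\bselect\b", re.I),
    "tautology": re.compile(r"\bor\b\s+['\"]?(\w+)['\"]?\s*=\s*['\"]?\1\b", re.I),
    "stacked-write": re.compile(r";\s*(delete|drop|update|insert|truncate)\b", re.I),
    "sql-comment": re.compile(r"--(\s|$)|/\*"),
}

def scan(lines):
    """Return (ip, time, status, decoded_uri, indicator_names) for each suspicious request."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a parseable access-log line
        ip, ts, _method, uri, status = m.groups()
        # Decode twice so double-URL-encoded input is also inspected.
        decoded = unquote_plus(unquote_plus(uri))
        query = decoded.partition("?")[2]
        names = [n for n, rx in INDICATORS.items() if rx.search(query)]
        if names:
            hits.append((ip, ts, int(status), decoded, names))
    return hits

# Constructed sample lines (documentation IP ranges, hypothetical script and table names).
SAMPLE = [
    '203.0.113.7 - - [15/Sep/2011:02:14:09 -0500] "GET /listings.php?cat=12 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.23 - - [15/Sep/2011:02:14:31 -0500] "GET /listings.php?cat=12%20OR%201%3D1 HTTP/1.1" 200 48211 "-" "Mozilla/5.0"',
    '198.51.100.23 - - [15/Sep/2011:02:15:02 -0500] "GET /listings.php?cat=12%3B%20DELETE%20FROM%20ads%20WHERE%20cat%3D12--%20 HTTP/1.1" 200 312 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [15/Sep/2011:02:16:40 -0500] "GET /search.php?q=union+station+apartments HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, ts, status, uri, names in scan(SAMPLE):
        print(f"{ts} {ip} {status} {', '.join(names)}: {uri}")
```

Access logs record GET query strings but not POST bodies, so requests submitted through POST forms will not show their parameters here; MySQL query logging covers that gap.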

Jeffro Posted September 16, 2011

Thx Pikachu. I'll look into installing that add-on at home later. I tried here and it won't work with the latest version of Firefox (much like every freaking add-on I ever try to use in Firefox). Thanks for the great tip though. I've not viewed any logs either, but I'll definitely start looking into how to do this with HostGator (haven't done much with server admin stuff so it will all be new). Thanks again!

fenway Posted September 16, 2011

Simple question -- are you using a DB class, or are you coding each SQL statement yourself? If it's the latter, you're likely vulnerable.