Hi! guys, I think it's very hard to protect your database cuz when I check some tutorials I found that if someone does a reverse engineering to any app dealing with DataBase he can inserts date to it is that correct or there is any way to protect your data
Responses (1)
Seek "list of cyberattacks".
It isn't merely an issue of databases, but protection in general is a game of cat and mouse - cryptographers, cyber security specialists and the likes invent algorithms and methods of protection, others find vulnerabilities and use or invent certain attacks to crack them.
In databases specifically the big issue is more in your design, mostly as a programmer / administrator:
- Granting excessive privileges to a certain user, so if it is compromised or "coerced" (either personally or technically through automated scripts) it can do some damage or extract more data than you intend.
- Sql injection, which might be what you're describing, involves a part of someone's code which takes user input and dynamically executes it in more or less raw form; This way, the malicious user might close the string prematurely and execute a different statement as though it were part of the code. This is preventable through code practice and limiting privileges.
- Permitting unmitigated quantity of external requests, so the db might be flooded and can't spare resources for legitimate ones, ie denial of service attack.
- Due to the size of data, backup is generally quite rudimentary and necessity restoration dreaded.
So to answer your question, there is always some way to devise protection, and none are foolproof. The more costly a potential loss is, the more effort you can spare to invest in preventing it prematurely.