View full version: Released GreenSQL-FW: 0.9.6


Fugitif
04.12.2008, 13:43
GreenSQL is an Open Source database firewall used to protect databases from SQL injection attacks. GreenSQL works as a proxy and has built-in support for MySQL. The logic is based on evaluation of SQL commands using a risk scoring matrix as well as blocking known db administrative commands (DROP, CREATE, etc).

GreenSQL can be installed together with the database server on the same computer or it can use a distinct server. By default GreenSQL listens on local port 127.0.0.1:3305, redirecting SQL requests to 127.0.0.1:3306 (default MySQL settings). These settings can be altered using the GreenSQL Console.


http://www.greensql.net/files/images/greensql-installation-db-server.preview.png

List of changes:

1. Code optimization.
2. Minor management bugs were fixed.
3. New MySQL patterns and commands added.
4. A number of risk matrix calculation bugs were fixed.
5. Debian package was enhanced. A lot of bugs were fixed.


SQL Injection Test (http://www.greensql.net/sql-injection-test)

Download (http://www.greensql.net/)

[Raz0r]
04.12.2008, 18:39
Very interesting implementation of SQL injection protection; it can be especially relevant for hosting providers, considering the fact that they can't influence the code of web apps in the way of better security, but with the help of such MySQL proxies it is possible to force hosting users to use an alternate MySQL port that the MySQL proxy listens on and redirects to MySQL itself. There is an analog of GreenSQL called MySQL Proxy. Its function is an analysis of the queries that are transmitted between MySQL and the proxy for the purpose of performance. Stefan Esser created a plugin (in Lua, btw) for MySQL Proxy that implements an SQL injection test as well. Check it here:
http://www.suspekt.org/2008/08/05/mysql-proxy-heuristic-sql-injection-detection/
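
The approach described in the first post (blocking administrative commands outright and scoring everything else against a risk matrix) can be sketched as follows. This is an added example, not part of the thread and not GreenSQL's or MySQL Proxy's code; the command list, rule names, weights and threshold are assumptions chosen for illustration.

```python
import re

# Assumed values for illustration; GreenSQL's real matrix is not shown on this page.
ADMIN_COMMANDS = {"DROP", "CREATE", "ALTER", "GRANT", "REVOKE", "TRUNCATE"}
BLOCK_THRESHOLD = 30
# Single-quoted literals only; double quotes and backticks are not handled here.
STRING_LITERAL = re.compile(r"'(?:[^'\\]|\\.|'')*'")

# (rule name, weight, pattern, match against raw query instead of masked one)
RISK_RULES = [
    ("comment", 30, re.compile(r"--|#|/\*"), False),
    ("union_select", 20, re.compile(r"\bUNION\s+(?:ALL\s+)?SELECT\b", re.I), False),
    ("schema_access", 10, re.compile(r"\binformation_schema\b", re.I), False),
    ("tautology", 30,
     re.compile(r"\bOR\s+(?:(\d+)\s*=\s*\1\b|'([^']*)'\s*=\s*'\2')", re.I), True),
]

def evaluate(query):
    """Return (verdict, score, reasons) for one SQL string seen by the proxy."""
    # Mask literals so that data such as 'issue #42 -- fixed' is not scored as SQL.
    masked = STRING_LITERAL.sub("'?'", query)
    statements = [s.strip() for s in masked.split(";") if s.strip()]
    # Administrative commands are refused regardless of score (score is None).
    for stmt in statements:
        verb = stmt.split()[0].upper()
        if verb in ADMIN_COMMANDS:
            return ("block", None, ["admin_command:" + verb])
    score, reasons = 0, []
    if len(statements) > 1:
        score += 30
        reasons.append("stacked_query")
    for name, weight, pattern, use_raw in RISK_RULES:
        if pattern.search(query if use_raw else masked):
            score += weight
            reasons.append(name)
    verdict = "block" if score >= BLOCK_THRESHOLD else "allow"
    return (verdict, score, reasons)

if __name__ == "__main__":
    # Constructed sample queries, as a proxy would receive them from a web app.
    for q in ("SELECT id, name FROM users WHERE id = 42",
              "INSERT INTO notes (body) VALUES ('issue #42 -- fixed')",
              "SELECT * FROM users WHERE name = 'x' OR '1'='1'",
              "SELECT 1; DROP TABLE users"):
        print(evaluate(q), q)
```

A single low-weight finding stays under the threshold, so a lone UNION SELECT is allowed while UNION SELECT combined with an information_schema lookup is blocked.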