SQL injection impact on performance - v8.0

Hello Experts,

When looking at the forums, I came across some people mentioning SQL injection attacks, and in particular, the logs suggest that a "time penalty" is added if the system detects an SQL injection attack. Our end users often complain of slow performance and we do have a customised ITShop implementation, so I wanted to explore if our performance issues could be caused due to the system thinking it is suffering from SQL injection attacks.

Based on this:

1) Are SQL injection attacks logged? If so, are these logged in web or application server logs, and what is the minimum logging level that needs to be set? (Trace/Warn/Debug/Info etc.)

2) Is there any way to do some static analysis on the web customisation code (maybe a keyword search?) and see if any potential SQL injection attacks are occurring?

Thanks

Kin

PS: We do use a large amount of database queries in our front end, and the majority of them use "exec" to execute some SP in the backend to fetch the data. I saw that exec is a keyword with risk index 1.0 in the QBM_FTSQLKeywords table; however, I can't find anything matching in the web portal or journal logs suggesting that a SQL injection attack is taking place.