Regarding SQL

[aClockworkScrivener]

I have a few questions regarding SQL Injection. I'm testing my own web server for this threat, and I would like to know a few things.

Is there such thing as fool proof?

What types of character sanitation exist?

Are there ways around them?

Info links?

Another unrelated question. Is there such a thing as unhackable, no way in, forget about it? Just a general question, I'm not another retarded asking "how to 'h4xor' facebook".

best,
-clockwork

[shaqywacky]

Is there such a thing as unhackable, no way in, forget about it?

Yes. If a computer is a) turned off b) disconnected from the network(assuming remote attack) c) Has absolutely no services running.

Realistically, any server that has real services is going to be hackable. This is really more of a philosophy question though.

I would be little help with your other questions so I'll let someone more knowledgeable help you.

[anarchy420x]

I disagree with shaqywacky; there is no such thing as fool proof. He is right though; it really turns into a philosophy question. The think is that there is always some way around security due to the fact that humans are naturally flawed. We don't see all the security holes until after they are discovered. Stupidly what I mean to say, is that we can't prevent people from bypassing security holes, just react to it.

As far as SQL injection goes, I can't tell you. I learned a little about it when I was working on the missions, but I haven't dug into it yet.

[edone automaton]

Try this set of tutorials there is a download to work through, starts off nice and easy, you can do each lesson and then read up a bit more if you think it necessary. You may have to sign up for that site but that is worth doing anyway.