DBShield is a Database Firewall written in Go that has protection for MySQL/MariaDB, Oracle and PostgreSQL databases. It works in a proxy fashion inspecting traffic and dropping abnormal queries after a learning period to populate the internal database with regular queries.
Learning mode lets any query pass but it records information about it (pattern, username, time and source) into the internal database.
After collecting enough patterns we can run DBShield in protect mode. Protect mode can distinguish abnormal query pattern, user and source and take action based on configurations.
It currently supports DB2, MariaDB, MySQL, Oracle & PostgreSQL all with SSL apart from Oracle and DB2.
$ go get –u github.com/nim4/DBShield
Then you can see help using “-h” argument:
$ $GOPATH/bin/DBShield –h
Usage of DBShield:
–a get list of abnormal queries
config file (default “/etc/dbshield.yml”)
–h show help
–k show parsed config and exit
–l get list of captured patterns
and run it with your configuration, like:
$ $GOPATH/bin/DBShield –c config.yml
You can download DBShield here:
Or read more here.