Wednesday, August 20, 2008

Register  Login
»  Forum   Search
 Login Minimize


Enter the code shown above in the box below

Register
Forgot Password ?

 Print   
 Links Minimize
 Print   
 Sponsor Minimize
 Print   
 Community Board Minimize
 
  Forum  Database  MS SQL SERVER  SQL Injection Fresh Attack
Previous Previous
 
Next Disabled
New Post 5/16/2008 8:09 AM
  Sumit
17 posts
Starter


SQL Injection Fresh Attack 

Recently, I get  a news that about 40 website got SQL injection attack. These sites are attach by Encoded SQL script through a bot.

Here are some techincal information about the same

http://blogs.zdnet.com/security/?p=1059

http://www.gutizz.com/encoded-sql-injection/

Please make sure you have validate your Inputs to website, to avoid these attacks. These attacks refers to coding error/mistakes only and it is not MS SQL SERVER's error. So don't blame MS but your coder.

Have fun

Sumit Gupta http://www.sumitgupta.net
 
New Post 5/18/2008 9:47 AM
  bruce
3 posts
Starter


Re: SQL Injection Fresh Attack 

Hello,

Can we use URL Rewriting to avoid that ? As in those cases we will have regular expressions filtering the Query String and there we can put a restriction as well ?

Thanks

 

Bruce Go Go Go
 
 Page 1 of 1
Previous Previous
 
Next Disabled
  Forum  Database  MS SQL SERVER  SQL Injection Fresh Attack
 Print   
 Sponsor Minimize
 Print   
Copyright 2008, Vikasumit   Terms Of Use  Privacy Statement