Snort mailing list archives
SQL injection
From: Nanda Vardhan <nandu7ninja () gmail com>
Date: Thu, 29 May 2014 21:14:11 +0530
Am using snort on ubuntu. I am using snort inline mode. I need to prevent sql injection on a website hosted on local xampp server. I wrote following rule drop TCP any any -> any any (flow:to_server; content:!"GET"; nocase; pcre="[\'\"\;\:\|\&\$\%\@\\\/<>()+,]") but am unable to drop the packets. still requests r being accepted by local xampp server. how to stop sql injection attack using snort rules. may be am wrong in some command. please help me, am a beginner. if there is a step by step tutorial that would help me a lot. Thanks in advance.
------------------------------------------------------------------------------ Time is money. Stop wasting it! Get your web API in 5 minutes. www.restlet.com/download http://p.sf.net/sfu/restlet
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- SQL injection Nanda Vardhan (May 29)