Firewall Wizards mailing list archives

Re: preventing XSS and SQL injection?

From: ArkanoiD <ark () eltex net>
Date: Thu, 2 Jun 2005 22:58:12 +0400

It is ok when securing server traffic, but becames extremely difficult when it
comes to client proxy, because there are too many legitimate traffic patterns to add :-(

On Thu, Jun 02, 2005 at 03:03:36PM -0400, Marcus J. Ranum wrote:

ArkanoiD wrote:

Are there any hints on preventing cross-site scripting attacks and
SQL injection on proxy firewall by, say, applying some regexps on url data?


Instead of trying to block what is bad, permit only what is good.

Can you observe your legitimate traffic and converge forward
on a set of regexps that define what "good" looks like? Then
deny all else. You might be able to do that in a fairly straightforward
manner using Squid proxy cache ACLs.

mjr.


email protected and scanned by AdvascanTM - keeping email useful - www.advascan.com


_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

preventing XSS and SQL injection? ArkanoiD (Jun 02)
- Re: preventing XSS and SQL injection? Marcus J. Ranum (Jun 02)
  - Re: preventing XSS and SQL injection? ArkanoiD (Jun 02)
    - Re: preventing XSS and SQL injection? Marcus J. Ranum (Jun 02)
- Re: preventing XSS and SQL injection? David Thiel (Jun 02)
- Re: preventing XSS and SQL injection? Devdas Bhagat (Jun 02)
- <Possible follow-ups>
- Re: preventing XSS and SQL injection? J. Oquendo (Jun 02)
  - Re: preventing XSS and SQL injection? ArkanoiD (Jun 02)
- RE: preventing XSS and SQL injection? Behm, Jeffrey L. (Jun 02)
- Re: preventing XSS and SQL injection? J. Oquendo (Jun 02)
  - Re: preventing XSS and SQL injection? ArkanoiD (Jun 02)