Firewall Wizards mailing list archives
Protocol inspection
From: Josh <usenetspamtrap () yahoo com>
Date: Fri, 28 Mar 2008 10:57:57 -0700 (PDT)
I have a question, that is hopefully approriate for
this list, related to application inspection (whatever
the vendors call it now).
We recently had some problems with SQL injection, and
I have been asked to look at whether our equipment can
stop the attacks. My knowledge about the attack is
that there isn't a generic way to block the traffic,
since a firewall can't differentiate between valid
post data (to a forum, for example) vs one that is an
attempt to use injection.
If this is the case, any vendor's protection will just
amount to responses to know attacks, and I could just
as easily create a filter on my own that stops some
portion of attacks (since I know better what data my
webservers expect).
Is this a reasonable path to go down, or is there more
functionality in vendor responses to and protection
against SQL injection?
Thanks,
Josh
____________________________________________________________________________________
Looking for last minute shopping deals?
Find them fast with Yahoo! Search. http://tools.search.yahoo.com/newsearch/category.php?category=shopping
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Protocol inspection Josh (Mar 28)
- Re: Protocol inspection Darden, Patrick S. (Mar 31)
- Re: Protocol inspection Magosányi Árpád (Mar 31)
- Re: Protocol inspection Marcus J. Ranum (Mar 31)
- Re: Protocol inspection Brian Loe (Mar 31)
- Re: Protocol inspection Magosányi Árpád (Mar 31)
- Re: Protocol inspection Paul Melson (Mar 31)
- Re: Protocol inspection Darden, Patrick S. (Mar 31)