Full Disclosure mailing list archives
Re: FW: Introducing a new generic approach to detecting SQL injection
From: Bipin Gautam <gautam.bipin () gmail com>
Date: Sat, 23 Apr 2005 19:43:46 +0545
Before in our forum (we use to use phorum.org message board) we use to strip "all harmful tags" from... $HTTP_POST_VARS, $HTTP_GET_VARS, $HTTP_ENV_VARS, $HTTP_COOKIE_VARS, $HTTP_POST_FILES, $HTTP_SESSION_VARS; etc..... (all possible inputs) although it restricted functionality, but indeed even protected us from some 0-days. ;) Its even better to check the max url length (acceptable) and strictly defind the acceptable INPUT data type for every INPUT feilds. even better... if max. bad request execeds say 3 in error log add... exec("/sbin/iptables -I INPUT -s $ip -j REJECT"); And email back the admin with complete log details of the attack. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- FW: Introducing a new generic approach to detecting SQL injection Glenn.Everhart (Apr 19)
- RE: FW: Introducing a new generic approach todetecting SQL injection Paul Melson (Apr 19)
- Re: FW: Introducing a new generic approach to detecting SQL injection Mohit Muthanna (Apr 20)
- Re: FW: Introducing a new generic approach to detecting SQL injection Paul J. Morris (Apr 22)
- Re: FW: Introducing a new generic approach to detecting SQL injection Mohit Muthanna (Apr 22)
- Re: FW: Introducing a new generic approach to detecting SQL injection Paul J. Morris (Apr 22)
- Message not available
- Re: FW: Introducing a new generic approach to detecting SQL injection Paul J. Morris (Apr 22)
- Re: FW: Introducing a new generic approach to detecting SQL injection Mohit Muthanna (Apr 23)
- Re: FW: Introducing a new generic approach to detecting SQL injection Bipin Gautam (Apr 23)
- Re: FW: Introducing a new generic approach to detecting SQL injection Mohit Muthanna (Apr 22)