Penetration Testing mailing list archives

Hardcoded Database IP in ASP

From: "Darryl Stevens" <darryl_stevens () hotmail com>
Date: Thu, 14 Sep 2006 14:28:13 -0400

Hello fellow Security Guru's.

I've been on the distro from sometime and gaining a lot of insight intovarious security issues.

Question: I have ASP script that points to a backend database residing onseperate physical server. Is there any known way of getting around using ahard-coded IP address to point to the database? Would utilizing the OS hostsfile serve my purposes of and satisfy secure code practices? Thanks guys.


Darryl



------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------

Current thread:

Hardcoded Database IP in ASP Darryl Stevens (Sep 14)
- Re: Hardcoded Database IP in ASP RSnake (Sep 15)
- RE: Hardcoded Database IP in ASP Ken Schaefer (Sep 18)
- <Possible follow-ups>
- RE: Hardcoded Database IP in ASP William Woodhams (Sep 15)
  - RE: Hardcoded Database IP in ASP Darryl Stevens (Sep 15)