Penetration Testing mailing list archives
RE: Hardcoded Database IP in ASP
From: "William Woodhams" <William.Woodhams () wegmans com>
Date: Fri, 15 Sep 2006 08:12:19 -0400
What type of DB are we talking about? Bill Woodhams Systems Technician Development Group-Technical Systems (585)429-3183 William.Woodhams () wegmans com Newcastle United signs Michael Owen...Enough Said! -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Darryl Stevens Sent: Thursday, September 14, 2006 2:28 PM To: webappsec () securityfocus com; pen-test () securityfocus com Subject: Hardcoded Database IP in ASP Hello fellow Security Guru's. I've been on the distro from sometime and gaining a lot of insight into various security issues. Question: I have ASP script that points to a backend database residing on seperate physical server. Is there any known way of getting around using a hard-coded IP address to point to the database? Would utilizing the OS hosts file serve my purposes of and satisfy secure code practices? Thanks guys. Darryl ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php ------------------------------------------------------------------------ ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php ------------------------------------------------------------------------
Current thread:
- Hardcoded Database IP in ASP Darryl Stevens (Sep 14)
- Re: Hardcoded Database IP in ASP RSnake (Sep 15)
- RE: Hardcoded Database IP in ASP Ken Schaefer (Sep 18)
- <Possible follow-ups>
- RE: Hardcoded Database IP in ASP William Woodhams (Sep 15)
- RE: Hardcoded Database IP in ASP Darryl Stevens (Sep 15)