Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Hardcoded Database IP in ASP

From: "William Woodhams" <William.Woodhams () wegmans com>
Date: Fri, 15 Sep 2006 08:12:19 -0400
What type of DB are we talking about?


Bill Woodhams
Systems Technician
Development Group-Technical Systems
(585)429-3183
William.Woodhams () wegmans com
 
Newcastle United signs Michael Owen...Enough Said!
-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Darryl Stevens
Sent: Thursday, September 14, 2006 2:28 PM
To: webappsec () securityfocus com; pen-test () securityfocus com
Subject: Hardcoded Database IP in ASP

Hello fellow Security Guru's.

I've been on the distro from sometime and gaining a lot of insight into 
various security issues.

Question: I have ASP script that points to a backend database residing
on 
seperate physical server. Is there any known way of getting around using
a 
hard-coded IP address to point to the database? Would utilizing the OS
hosts 
file serve my purposes of and satisfy secure code practices? Thanks
guys.

Darryl



------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: