WebApp Sec mailing list archives
Re: SQL Injection Basics
From: "Sverre H. Huseby" <shh () thathost com>
Date: Wed, 12 Feb 2003 00:16:21 +0100
[Alex Russell] | [...] Defense in depth is nothing new, but it's kind of | entertaining watching people rediscover it over and over again. | I'm pretty sure the concepts of defense in depth will be traceable | as far back as someone has had something someone else wanted, and | someone was able to write it down. = ) [dreamwvr () dreamwvr com] | Well said. I recall a discussion sometime pre black monday. Back | in the day sort of speak:) 3 people come to my mind as coining it | for security. Anyways it has been around since MULTICS days at | least. I've already stated that it was the _term_ "boundary filtering" that thrilled me, not the concept of defense in depth or any other _concepts_ for that matter. I just did a couple of Google searches: "boundary filtering" 142 matches "input validation" 31000 matches Of the 142 matches for the term "boundary filtering", some are used in docs on image processing, while the larger share seem to be used in related to network perimiters, often with computer viruses in mind. The ideas of boundary filtering within applications may be old, but the _term_ doesn't seem that common, at least not when it comes to how it is used by the OWASP Filters project. Alex, where did you get the term from? Sverre. -- shh () thathost com Computer Geek? Try my Nerd Quiz http://shh.thathost.com/ http://nerdquiz.thathost.com/
Current thread:
- Re: SQL Injection Basics, (continued)
- Re: SQL Injection Basics Dirk Gomez (Feb 11)
- Re: SQL Injection Basics Dejan Bosanac (Feb 11)
- Re: SQL Injection Basics Sverre H. Huseby (Feb 11)
- Re: SQL Injection Basics dreamwvr () dreamwvr com (Feb 11)
- Re: SQL Injection Basics Sverre H. Huseby (Feb 11)
- Re: SQL Injection Basics dreamwvr () dreamwvr com (Feb 11)
- Re: SQL Injection Basics Sverre H. Huseby (Feb 11)
- Re: SQL Injection Basics Alex Russell (Feb 11)
- Re: SQL Injection Basics Sverre H. Huseby (Feb 11)
- Re: SQL Injection Basics dreamwvr () dreamwvr com (Feb 11)
- Re: SQL Injection Basics Sverre H. Huseby (Feb 11)
- Re: SQL Injection Basics Alex Russell (Feb 11)
- Re: SQL Injection Basics Jerry Connolly (Feb 11)
- Re: SQL Injection Basics dreamwvr () dreamwvr com (Feb 11)
- Re: SQL Injection Basics Jerry Connolly (Feb 11)
- Re: SQL Injection Basics Ken Anderson (Feb 11)
- Re: WebSleuth and the SQLInjeciton Plugin Chip Andrews (Mar 10)