Re: Row-0 mitigation of SQL injection

From: John Lampe (jwlampe@tenablesecurity.com)
Date: Thu Jun 07 2007 - 16:09:44 EDT


Jim Halfpenny wrote:

> One way of potentially hobbling simple SQL injection would be to
> insert a sentinel record at the beginning of the table (hence the
> row-0 concept). If this row is ever returned, the application can
> be made aware something bad has happened.
>
> Does this sound like a good idea, or does it encourage poor coding by
> having a safety net? All comments welcome.
>
> Jim
>

I like the 'canary' idea, but I wouldn't just look at row 0. A lot of
companies embed binary watermarks inside confidential files, bogus user
information inside a Credit Card database, etc. This information can
then be used by their IDS or passive scanner to detect when a breach has
occurred. Of course, you should still sanitize user-supplied data, scan
your apps, do source code audits, etc. ...

-- 
John Lampe
Senior Security Researcher
TENABLE Network Security, Inc.
jwlampe@{nessus.org,tenablesecurity.com}
Tele: (410) 872-0555
www.tenablesecurity.com
Is your network TENABLE?
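
One way the application-side check discussed in this thread could look, as an added example that is not code from either poster: a query wrapper that refuses any result set containing a sentinel record, wherever in the result it appears. The table layout, sentinel values and function names are all hypothetical, and the data is constructed.

```python
import sqlite3

# Constructed sentinel values (assumption): no real user or card ever has these.
CANARY_USERNAME = "zz_canary_row0"
CANARY_CARD = "0000-CANARY-0000"


class CanaryTripped(Exception):
    """Raised when a result set contains a sentinel record."""


def make_db():
    """Build a constructed in-memory table with the sentinel as its first row."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, card TEXT)")
    db.executemany(
        "INSERT INTO users (id, username, card) VALUES (?, ?, ?)",
        [
            (0, CANARY_USERNAME, CANARY_CARD),  # row 0: the sentinel
            (1, "alice", "4000-TEST-0001"),     # constructed sample rows
            (2, "bob", "4000-TEST-0002"),
        ],
    )
    return db


def checked_fetch(db, sql, params=()):
    """Run a query and refuse to return any result set that contains a canary."""
    rows = db.execute(sql, params).fetchall()
    for row in rows:
        # Check every row and column, not only the first row: ORDER BY, LIMIT
        # or the selected column list can move the sentinel anywhere.
        if CANARY_USERNAME in row or CANARY_CARD in row:
            # In production this is where the alert to the SOC/IDS would fire.
            raise CanaryTripped(f"sentinel record returned by: {sql!r}")
    return rows


def lookup_user(db, username):
    """Normal application path: a parameterized lookup never matches the canary."""
    return checked_fetch(
        db, "SELECT id, username FROM users WHERE username = ?", (username,)
    )


def unfiltered_read(db):
    """Stand-in for a query whose WHERE clause no longer constrains the result."""
    return checked_fetch(db, "SELECT id, username FROM users ORDER BY id DESC")
```

The check fails closed: the caller gets an exception instead of the rows, so the canary works as a tripwire on top of parameterized queries, not as a replacement for them.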


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:52 EDT