From: John Lampe (jwlampe@tenablesecurity.com)
Date: Thu Jun 07 2007 - 16:09:44 EDT
Jim Halfpenny wrote:
> One way of potentially hobbling simple SQL injection would be to
> insert a sentinel record at the beginning of the table (hence the
> row-0 concept). If this row is ever returned, the application can
> be made aware something bad has happened.
>
> Does this sound like a good idea, or does it encourage poor coding by
> having a safety net? All comments welcome.
>
> Jim
>
I like the 'canary' idea, but I wouldn't just look at row 0. A lot of
companies embed binary watermarks inside confidential files, bogus user
information inside a Credit Card database, etc. This information can
then be used by their IDS or passive scanner to detect when a breach has
occurred. Of course, you should still sanitize user-supplied data, scan
your apps, do source code audits, etc. ...
--
John Lampe
Senior Security Researcher
TENABLE Network Security, Inc.
jwlampe@{nessus.org,tenablesecurity.com}
Tele: (410) 872-0555
www.tenablesecurity.com
Is your network TENABLE?
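The two detection layers discussed in this thread (the row-0 sentinel Jim proposed, and John's point that the same bogus record can be watched for by an IDS or passive scanner) as a small runnable demonstration. This is an added example and not code from either poster; the table layout, the `CANARY_ID` / `CANARY_EMAIL` values and the function names are assumptions made for illustration, and the user rows are constructed data.

```python
import re
import sqlite3

# Constructed sentinel values for this example (not from the original post).
# The canary uses a primary key no real user is ever assigned and an address
# in the reserved .invalid TLD, so a legitimate query can never match it.
CANARY_ID = 0
CANARY_EMAIL = "canary-do-not-use@example.invalid"


def build_db():
    """In-memory table with the sentinel at row 0 plus two real users (constructed data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT NOT NULL, card_last4 TEXT NOT NULL)"
    )
    conn.executemany(
        "INSERT INTO users (id, email, card_last4) VALUES (?, ?, ?)",
        [
            (CANARY_ID, CANARY_EMAIL, "0000"),  # the sentinel / honeytoken row
            (1, "alice@example.com", "4242"),
            (2, "bob@example.com", "1881"),
        ],
    )
    conn.commit()
    return conn


def canary_in_rows(rows):
    """True if a result set contains the sentinel row (matched by id or by e-mail)."""
    return any(r[0] == CANARY_ID or r[1] == CANARY_EMAIL for r in rows)


def lookup_user(conn, email, parameterized=True):
    """Look up a user by e-mail and return (rows, canary_tripped).

    parameterized=False deliberately builds the query by string concatenation
    to reproduce the injection the canary is meant to catch; parameterized=True
    is the correct form and is what production code should use.
    """
    if parameterized:
        cur = conn.execute(
            "SELECT id, email, card_last4 FROM users WHERE email = ?", (email,)
        )
    else:
        # VULNERABLE on purpose: attacker-controlled text becomes SQL syntax.
        cur = conn.execute(
            f"SELECT id, email, card_last4 FROM users WHERE email = '{email}'"
        )
    rows = cur.fetchall()
    tripped = canary_in_rows(rows)
    if tripped:
        # In a real deployment this is where you alert and withhold the data;
        # here the flag is returned so the caller can see what happened.
        rows = []
    return rows, tripped


# Second layer: an IDS or passive scanner watching the application's
# outbound traffic can look for the same sentinel value leaving the network,
# independent of how the query was built.
CANARY_PATTERN = re.compile(re.escape(CANARY_EMAIL))


def response_leaks_canary(body):
    """True if an outbound response body contains the sentinel value."""
    return CANARY_PATTERN.search(body) is not None


if __name__ == "__main__":
    db = build_db()
    print(lookup_user(db, "alice@example.com", parameterized=False))
    print(lookup_user(db, "' OR '1'='1", parameterized=False))
    print(lookup_user(db, "' OR '1'='1", parameterized=True))
    print(response_leaks_canary('{"email": "canary-do-not-use@example.invalid"}'))
```

The classic `' OR '1'='1` payload turns the concatenated query into a full-table dump, which necessarily drags row 0 along and trips the check; the parameterized form treats the same text as a literal and returns nothing. The canary only fires when the sentinel actually appears in a result set, so blind (boolean or time-based) injection, or a `UNION` that pulls from another table, passes it untouched, which is exactly why John's closing caveat still applies: the sentinel is a detection aid layered on top of parameterized queries, not a replacement for them.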
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:52 EDT