RE: SQL injection

From: Hecber Cordova (hecber@gmail.com)
Date: Thu Jun 09 2005 - 20:00:49 EDT


        Hi,

        You can use Apache with mod_security; by setting filters you can
stop SQL injection type attacks.

        Review this paper at Security Focus:
http://www.securityfocus.com/infocus/1739

On Thu, 09-06-2005 at 18:06 -0400, Ofer Shezaf wrote:
>
> Firstly, Faisal, I don't think that IDS/IPS would help you.
>
> Detecting SQL injection with signatures alone, especially the relatively straightforward signatures used in most IDS and IPS systems, is difficult. While some SQL injection attacks would be detected, many others would not.
>
> And secondly, to make the list of application firewalls complete, we at Breach Security also sell application firewalls (www.breach.com).
>
> ~ Ofer
>
>
>
> Ofer Shezaf
> CTO, Breach Security
> Phone (US): +1 (760) 268.1924 ext. 702
> Phone (Israel): +972 (9) 956.0036 ext.212
> Cell: +972 (54) 443.1119
> ofers@breach.com
> http://www.breach.com
>
>
> > -----Original Message-----
> > From: Richard Barrell [mailto:rbarrell@sentryware.com]
> > Sent: Thursday, June 09, 2005 7:36 PM
> > To: Faisal Khan
> > Cc: pen-test@securityfocus.com
> > Subject: Re: SQL injection
> >
> > Hi Faisal,
> >
> > There are dedicated devices that are designed to prevent attacks of
> > this sort - web application firewalls. Here is a list of
> > manufacturers that you should look into:
> >
> > (in alphabetical order)
> >
> > Imperva - www.imperva.com/
> > Kavado - www.imperva.com/
> > Netcontinuum - www.netcontinuum.com/
> > Teros - www.teros.com/
> > Watchfire (Sanctum) - www.watchfire.com
> >
> > AND, if you'll forgive the plug,
> >
> > Sentryware: www.sentryware.com
> >
> > Good luck in your search,
> >
> > Rich
> >
> > -----------------
> > FK> Pardon the ignorance, but is there any hardware/software based device that
> > FK> can outright prevent/mitigate (detect?) SQL injections? Would an IDS be
> > FK> able to prevent this?
> >
> > ---------------------
> > Richard Barrell, CCNP, CCDP
> > International Pre-Sales Manager
> >
> > www.sentryware.com
> > Parque Empresarial Zuatzu
> > Edificio Urgull, 2ª local 10
> > 20018 Donostia-San Sebastián
> > Spain
> >
> > Tel: +34 943 31 73 30
> > Mvl: +34 646 97 10 18
> > Skype: mr_barrell
>



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:24 EDT