Re: SQL injection

From: Tim (tim-pentest@sentinelchicken.org)
Date: Thu Jun 09 2005 - 21:45:14 EDT

• Next message: James Riden: "Re: SQL injection"
• Previous message: Jeff: "Exploit Repositories and Due Diligence"
• In reply to: Ofer Shezaf: "RE: SQL injection"
• Next in thread: James Riden: "Re: SQL injection"
• Reply: James Riden: "Re: SQL injection"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

> Detecting SQL injection with signatures alone, especially the
> relatively straight forward signatures used in most IDS and IPS systems
> is difficult. While some SQL injection attacks would be detected many
> others would not.

Yes, thank you for stating this.

I am sure many IPS/IDSes are great for stopping a lot of attacks. I
find it incredibly hard to believe that they stop all. It is far better
to write good code in the first place.

To those people out there who recommended this or that IPS/IDS:
Have you tested these against real attacks? Have you tried diligently
to bypass them with obfuscation/fragmentation/etc?

tim

• Next message: James Riden: "Re: SQL injection"
• Previous message: Jeff: "Exploit Repositories and Due Diligence"
• In reply to: Ofer Shezaf: "RE: SQL injection"
• Next in thread: James Riden: "Re: SQL injection"
• Reply: James Riden: "Re: SQL injection"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:24 EDT