Network Security: Detailed info on Re: [Full-disclosure] FW: Introducing a new generic approach to detectin

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security FullDisclosure

[Top] [All Lists]

Re: [Full-disclosure] FW: Introducing a new generic approach to detectin

from [Bipin Gautam] Network Security

[Permanent Link]

Subject:	Re: [Full-disclosure] FW: Introducing a new generic approach to detecting SQL injection
Date:	Sat, 23 Apr 2005 19:43:46 +0545

Before in our forum (we use to use phorum.org message board) we use to
strip "all harmful tags" from...
$HTTP_POST_VARS, $HTTP_GET_VARS, $HTTP_ENV_VARS, $HTTP_COOKIE_VARS,
$HTTP_POST_FILES, $HTTP_SESSION_VARS; etc..... (all possible inputs)
although it restricted functionality, but indeed even protected us
from some 0-days. ;)  Its even better to check the max url length
(acceptable) and strictly defind the acceptable INPUT data type for
every INPUT feilds.

even better... if max. bad request execeds say 3 in error log add...
exec("/sbin/iptables -I INPUT -s $ip -j REJECT"); And email back the
admin with complete log details of the attack.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Full-disclosure] FW: Introducing a new generic approach to detecting SQL injection, Glenn.Everhart RE: [Full-disclosure] FW: Introducing a new generic approach todetecting SQL injection, Paul Melson Re: [Full-disclosure] FW: Introducing a new generic approach to detecting SQL injection, Mohit Muthanna Re: [Full-disclosure] FW: Introducing a new generic approach to detecting SQL injection, Paul J. Morris Re: [Full-disclosure] FW: Introducing a new generic approach to detecting SQL injection, Mohit Muthanna Re: [Full-disclosure] FW: Introducing a new generic approach to detecting SQL injection, Paul J. Morris Message not available Re: [Full-disclosure] FW: Introducing a new generic approach to detecting SQL injection, Paul J. Morris Re: [Full-disclosure] FW: Introducing a new generic approach to detecting SQL injection, Mohit Muthanna Re: [Full-disclosure] FW: Introducing a new generic approach to detecting SQL injection, Bipin Gautam <=

Previous by Date:	[Full-disclosure] set digest off, maddany
Next by Date:	RE: [Full-disclosure] Possible Virus activity, Martin_Roesler
Previous by Thread:	Re: [Full-disclosure] FW: Introducing a new generic approach to detecting SQL injection, Mohit Muthanna
Next by Thread:	[Full-disclosure] Shoutbox SCRIPT <= 3.0.2 Administrative MD5 Username and Password Retrieval, CorryL
Indexes:	[Date] [Thread] [Top] [All Lists]