Firstly, Faisal, I don't think that IDS/IPS would help you.
Detecting SQL injection with signatures alone, especially the relatively
straight forward signatures used in most IDS and IPS systems is difficult.
While some SQL injection attacks would be detected many others would not.
And secondly, to make the list of application firewalls complete, we at Breach
Security also sell application firewalls (www.breach.com).
~ Ofer
Ofer Shezaf
CTO, Breach Security
Phone (US): +1 (760) 268.1924 ext. 702
Phone (Israel): +972 (9) 956.0036 ext.212
Cell: +972 (54) 443.1119
ofers@breach.com
http://www.breach.com
-----Original Message-----
From: Richard Barrell [mailto:rbarrell@sentryware.com]
Sent: Thursday, June 09, 2005 7:36 PM
To: Faisal Khan
Cc: pen-test@securityfocus.com
Subject: Re: SQL injection
Hi Faisal,
There are dedicated devices that are designed to prevent attacks of
this sort - web application firewalls. Here are a list of
manufacturers that you should look into:
(in alphabetical order)
Imperva - www.imperva.com/
Kavado - www.imperva.com/
Netcontinuum - www.netcontinuum.com/
Teros - www.teros.com/
Watchfire (Sanctum) - www.watchfire.com
AND, if you'll forgive the plug,
Sentryware: www.sentryware.com
Good luck in your search,
Rich
-----------------
FK> Pardon the ignorance, but is there any hardware/software based device
that
FK> can outright prevent/mitigate (detect?) SQL injections? Would an IDS
be
FK> able to prevent this?
---------------------
Richard Barrell, CCNP, CCDP
International Pre-Sales Manager
www.sentryware.com
Parque Empresarial Zuatzu
Edificio Urgull, 2ª local 10
20018 Donostia-San Sebastián
Spain
Tel: +34 943 31 73 30
Mvl: +34 646 97 10 18
Skype: mr_barrell
