Re: [fw-wiz] preventing XSS and SQL injection?

From: J. Oquendo (sil_at_infiltrated.net)
Date: 06/02/05

  • Next message: Behm, Jeffrey L.: "RE: [fw-wiz] preventing XSS and SQL injection?"
    To: firewall-wizards@honor.icsalabs.com
    Date: Thu, 2 Jun 2005 15:36:36 -0400 (EDT)
    
    

    > It is ok when securing server traffic, but becames extremely difficult
    > when it comes to client proxy, because there are too many legitimate
    > traffic patterns to add :-(

    Why not take a 2 week snapshot of normal traffic patterns then create your
    ruleset after seeing normal traffic pattern activity.

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

        [ Note: This message contains email list management information ]

    =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
    J. Oquendo
    GPG Key ID 0x97B43D89
    http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x97B43D89

    To conquer the enemy without resorting to war is the most
    desirable. The highest form of generalship is to conquer
    the enemy by strategy." - Sun Tzu
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


  • Next message: Behm, Jeffrey L.: "RE: [fw-wiz] preventing XSS and SQL injection?"