[fw-wiz] Protocol inspection



I have a question, that is hopefully appropriate for
this list, related to application inspection (whatever
the vendors call it now).

We recently had some problems with SQL injection, and
I have been asked to look at whether our equipment can
stop the attacks. My knowledge about the attack is
that there isn't a generic way to block the traffic,
since a firewall can't differentiate between valid
post data (to a forum, for example) vs one that is an
attempt to use injection.

If this is the case, any vendor's protection will just
amount to responses to known attacks, and I could just
as easily create a filter on my own that stops some
portion of attacks (since I know better what data my
webservers expect).

Is this a reasonable path to go down, or is there more
functionality in vendor responses to and protection
against SQL injection?

Thanks,
Josh


_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
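
Added example, not part of the original post: a comparison of a signature blacklist for known attack strings with a site-specific filter built from what the web servers expect, run over two constructed forum requests. The signature list, the parameter names (thread_id, author, body) and their formats are assumptions made for illustration.

```python
import re

# Constructed "known attack" signatures, standing in for a vendor blacklist.
SIGNATURES = [re.compile(p, re.I) for p in (
    r"union\s+select", r"'\s*or\s*'", r";\s*drop\s+table", r"--")]

# Hypothetical per-parameter rules for one forum endpoint: what the site expects.
SCHEMA = {
    "thread_id": re.compile(r"[0-9]{1,10}"),
    "author": re.compile(r"[A-Za-z0-9_.-]{1,32}"),
    # Free text can only be bounded in length here; the application still
    # has to pass it to the database through parameterized queries.
    "body": re.compile(r"[^\x00]{1,5000}"),
}


def signature_hits(params):
    """Names of parameters whose value matches any known-attack signature."""
    return sorted(k for k, v in params.items()
                  if any(s.search(v) for s in SIGNATURES))


def allowlist_violations(params, schema=SCHEMA):
    """Names of parameters that are unexpected or do not fit the expected format."""
    bad = [k for k in params if k not in schema]
    bad += [k for k, v in params.items()
            if k in schema and not schema[k].fullmatch(v)]
    return sorted(bad)


# Constructed sample requests.
LEGIT_POST = {"thread_id": "42", "author": "josh",
              "body": "Use UNION SELECT to merge both result sets -- it is faster."}
TAMPERED = {"thread_id": "42 OR 1=1", "author": "josh", "body": "hello"}

if __name__ == "__main__":
    for name, req in (("legit", LEGIT_POST), ("tampered", TAMPERED)):
        print(name, "signatures:", signature_hits(req),
              "allowlist:", allowlist_violations(req))
```

The blacklist flags the legitimate forum post and misses the tampered numeric parameter, while the per-parameter rules do the reverse; neither can judge the free-text body.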


