Re: [fw-wiz] Protocol inspection

2008/3/31, Brian Loe <knobdy@xxxxxxxxx>:
On Fri, Mar 28, 2008 at 12:57 PM, Josh <usenetspamtrap@xxxxxxxxx> wrote:

I'm not an expert, on this list especially, but it seems to me that
the firewall is the wrong place to look in regards to stopping SQL
Injection attacks. The better place would be the coding that allows
for such attacks.

Well, this is true for all security aspects. Firewall is not the
proper solution,
it is sort of a solution when the proper solution is unavailable. When
your company
have already bought that huge pile of crap which runs on five of your
web servers
and ten of your database server nodes, for which you do not have the
source code,
and no one has the expertise to modify it anyway, even at the vendor.
firewall-wizards mailing list