Level Extreme platform
Subscription
Corporate profile
Products & Services
Support
Legal
Français
Preventing Injection attacks
Message
From
26/08/2008 11:15:18
Tc Holzer
Isle of Man
 
General information
Forum:
Microsoft SQL Server
Category:
Other
Title:
Re: Preventing Injection attacks
Environment versions
SQL Server:
SQL Server 2005
Miscellaneous
Thread ID:
01341172
Message ID:
01341832
Views:
12
>>I think it would make sense to research it fully. Here's a few to get you started:
>>
>>http://www1.cs.columbia.edu/~angelos/Papers/sqlrand.pdf
>>http://www.securiteam.com/securityreviews/5DP0N1P76E.html
>>http://www.codeproject.com/KB/database/SqlInjectionAttacks.aspx
>>http://msdn.microsoft.com/en-us/library/bb355989.aspx
>>http://blogs.technet.com/swi/archive/2008/05/29/sql-injection-attack.aspx
>>http://www.colinmackay.net/tabid/57/Default.aspx
>>http://msdn.microsoft.com/en-us/library/aa224806.aspx
>>
>>There are some appliances and tools like WatchFire AppScan, Applicure's DotDefender, or eEye's REM Security Management Appliance. Most are cost prohibitive though.
>>
>>One thing you can do though is download the trialware of some checking tools so you use it as a test to check for vulnerabilities....
>>
>>http://www.security-hacks.com/2007/05/18/top-15-free-sql-injection-scanners
>
>One more link to the tools to complete the picture.
>
>http://www.misfitgeek.com/Tools+To+Block+And+Eradicate+SQL+Injection.aspx

Ah nice one. I thought I included that. Thanks! :)
.·*´¨)
.·`TCH
(..·*

010000110101001101101000011000010111001001110000010011110111001001000010011101010111001101110100
"When the debate is lost, slander becomes the tool of the loser." - Socrates
Vita contingit, Vive cum eo. (Life Happens, Live With it.)
"Life is not measured by the number of breaths we take, but by the moments that take our breath away." -- author unknown
"De omnibus dubitandum"
Previous
Next
Reply
Map
View

Click here to load this message in the networking platform