Plateforme Level Extreme
Abonnement
Profil corporatif
Produits & Services
Support
Légal
English
Preventing Injection attacks
Message
De
08/09/2008 17:13:20
Naomi Nosonovsky
Wisconsin, États-Unis
 
 
À
26/08/2008 11:15:18
Tc Holzer
Isle of Man
Information générale
Forum:
Microsoft SQL Server
Catégorie:
Autre
Titre:
Re: Preventing Injection attacks
Versions des environnements
SQL Server:
SQL Server 2005
Divers
Thread ID:
01341172
Message ID:
01345904
Vues:
10
And this is how people do it

Here is a chakers site

>>>I think it would make sense to research it fully. Here's a few to get you started:
>>>
>>>http://www1.cs.columbia.edu/~angelos/Papers/sqlrand.pdf
>>>http://www.securiteam.com/securityreviews/5DP0N1P76E.html
>>>http://www.codeproject.com/KB/database/SqlInjectionAttacks.aspx
>>>http://msdn.microsoft.com/en-us/library/bb355989.aspx
>>>http://blogs.technet.com/swi/archive/2008/05/29/sql-injection-attack.aspx
>>>http://www.colinmackay.net/tabid/57/Default.aspx
>>>http://msdn.microsoft.com/en-us/library/aa224806.aspx
>>>
>>>There are some appliances and tools like WatchFire AppScan, Applicure's DotDefender, or eEye's REM Security Management Appliance. Most are cost prohibitive though.
>>>
>>>One thing you can do though is download the trialware of some checking tools so you use it as a test to check for vulnerabilities....
>>>
>>>http://www.security-hacks.com/2007/05/18/top-15-free-sql-injection-scanners
>>
>>One more link to the tools to complete the picture.
>>
>>http://www.misfitgeek.com/Tools+To+Block+And+Eradicate+SQL+Injection.aspx
>
>Ah nice one. I thought I included that. Thanks! :)
If it's not broken, fix it until it is.


My Blog
Précédent
Répondre
Fil
Voir

Click here to load this message in the networking platform