Re: apache > iis asp > mssql

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


On Jul 15, 2008, at 7:52 AM, Tom Brown wrote:
I have apache sat in front of some IIS servers to do some logging, they just pass the request over to IIS. I have an issue where there are sql injection attacks coming through and i wonder at the URL level can i filter these out and thrown them away at the apache level. I am checking through but it seems that 'VARCHAR' is being used in the attack but not in any valid URL - Is there any rewrite or similar to be able to mitigate this? 

Check out modSecurity http://www.modsecurity.org/

S.

--
Sander Temme
sctemme@xxxxxxxxxx
PGP FP: 51B4 8727 466A 0BC3 69F4  B7B8 B2BE BC40 1529 24AF

Attachment: smime.p7s
Description: S/MIME cryptographic signature

[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux