Re: SQL injection

From: James Riden (j.riden@massey.ac.nz)
Date: Thu Jun 09 2005 - 23:01:14 EDT


Tim <tim-pentest@sentinelchicken.org> writes:

> I am sure many IPS/IDSes are great for stopping a lot of attacks. I
> find it incredibly hard to believe that they stop all. It is far better
> to write good code in the first place.

Definitely true.
 
> To those people out there who recommended this or that IPS/IDS:
> Have you tested these against real attacks?

Yes, I've caught real attacks using snort with the bleeding rules. As
you say, perhaps only the obvious ones though ("xp_cmdshell").

-- 
James Riden / j.riden@massey.ac.nz / Systems Security Engineer
GPG public key available at: http://www.massey.ac.nz/~jriden/
This post does not necessarily represent the views of my employer.

