the stuff I'm seeing is nothing really new, just was wondering if there are some best practices on what do to after to stop the attempt.
-Rudi On Fri, Nov 20, 2009 at 9:27 AM, Mischa Uppelschoten < [email protected]> wrote: > I probably missed something, but this article is almost a year and a half > old... what specifically is attempted now? > > : Hey folks, > > : I saw Johns tweet earlier this week about a new wave of SQL Injection ( > and > > : link to a great article on it > : > http://www.codfusion.com/blog/post.cfm/portcullis-cfc-filter-to-protect-again > : st-sql-injection-and-xss), and sure enough Im seeing ahuge upswing in > : attempts. Over 100 failed attempts last night alone. > > : > : We have taken the steps to prevent damage / harm, but I was wondering > what > : folks are doing after they stop the attempt. What kind of message if > any do > : you provide ? Are people checking the logs, and blocking IPs of the > worst > : offenders? Or something else? > : > : -Rudi > > > > > Mischa Uppelschoten > VP of Technology > The Banker's Exchange, LLC. > 4200 Highlands Parkway SE > Suite A > Smyrna, GA 30082-5198 > > Phone: (404) 605-0100 ext. 10 > Fax: (404) 355-7930 > Web: www.BankersX.com > Follow this link for Instant Web Chat: > http://www.bankersx.com/Contact/chat.cfm?Queue=MUPPELSCHOTEN > ----------------------- *Original Message* ----------------------- > > *From:* Rudi Shumpert <[email protected]> <[email protected]> > *To:* [email protected] > *Date:* Fri, 20 Nov 2009 06:47:20 -0500 > *Subject: [ACFUG Discuss] SQL Injection* > > Hey folks, > > I saw John's tweet earlier this week about a new wave of SQL Injection ( > and link to a great article on it > http://www.codfusion.com/blog/post.cfm/portcullis-cfc-filter-to-protect-against-sql-injection-and-xss), > and sure enough I'm seeing a huge upswing in attempts. Over 100 failed > attempts last night alone. > > We have taken the steps to prevent damage / harm, but I was wondering what > folks are doing after they stop the attempt. What kind of message if any > do you provide ? Are people checking the logs, and blocking IP's of the > worst offenders? Or something else? > > -Rudi > ------------------------------------------------------------- To > unsubscribe from this list, manage your profile @ > http://www.acfug.org?fa=login.edituserform For more info, see > http://www.acfug.org/mailinglists Archive @ > http://www.mail-archive.com/discussion%40acfug.org/ List hosted by > http://www.fusionlink.com-------------------------------------------------------------
