Firewall Wizards mailing list archives
RE: preventing XSS and SQL injection?
From: "Behm, Jeffrey L." <BehmJL () bvsg com>
Date: Thu, 2 Jun 2005 14:37:01 -0500
But adding all legitimate traffic patterns would seem to be a less difficult task than trying to add all known (and unknown) bad patterns. You seem to have hit the nail on Marcus' proverbial head with regards to the point he seems to me to be trying to make regarding "permit only what is good." On Thursday, June 02, 2005 1:58 PM, ArkanoiD spake:
It is ok when securing server traffic, but becames extremely difficult
when it
comes to client proxy, because there are too many legitimate traffic
patterns to add :-(
On Thu, Jun 02, 2005 at 03:03:36PM -0400, Marcus J. Ranum wrote:ArkanoiD wrote:Are there any hints on preventing cross-site scripting attacks and SQL injection on proxy firewall by, say, applying some regexps on
url data?
Instead of trying to block what is bad, permit only what is good. Can you observe your legitimate traffic and converge forwardon a set of regexps that define what "good" looks like? Thendeny all else. You might be able to do that in a fairly
straightforward
manner using Squid proxy cache ACLs.
_______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- preventing XSS and SQL injection? ArkanoiD (Jun 02)
- Re: preventing XSS and SQL injection? Marcus J. Ranum (Jun 02)
- Re: preventing XSS and SQL injection? ArkanoiD (Jun 02)
- Re: preventing XSS and SQL injection? Marcus J. Ranum (Jun 02)
- Re: preventing XSS and SQL injection? ArkanoiD (Jun 02)
- Re: preventing XSS and SQL injection? David Thiel (Jun 02)
- Re: preventing XSS and SQL injection? Devdas Bhagat (Jun 02)
- <Possible follow-ups>
- Re: preventing XSS and SQL injection? J. Oquendo (Jun 02)
- Re: preventing XSS and SQL injection? ArkanoiD (Jun 02)
- RE: preventing XSS and SQL injection? Behm, Jeffrey L. (Jun 02)
- Re: preventing XSS and SQL injection? J. Oquendo (Jun 02)
- Re: preventing XSS and SQL injection? ArkanoiD (Jun 02)
- Re: preventing XSS and SQL injection? Marcus J. Ranum (Jun 02)