Firewall Wizards mailing list archives
Re: preventing XSS and SQL injection?
From: ArkanoiD <ark () eltex net>
Date: Thu, 2 Jun 2005 23:24:09 +0400
becuase it is too hard to convert history to a formal description. doing it not smart enough will lead to necessarity of adding new patterns daily or even hourly ;-) On Thu, Jun 02, 2005 at 03:36:36PM -0400, J. Oquendo wrote:
It is ok when securing server traffic, but becames extremely difficult when it comes to client proxy, because there are too many legitimate traffic patterns to add :-(Why not take a 2 week snapshot of normal traffic patterns then create your ruleset after seeing normal traffic pattern activity. _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards [ Note: This message contains email list management information ] =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ J. Oquendo GPG Key ID 0x97B43D89 http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x97B43D89 To conquer the enemy without resorting to war is the most desirable. The highest form of generalship is to conquer the enemy by strategy." - Sun Tzu email protected and scanned by AdvascanTM - keeping email useful - www.advascan.com
_______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- preventing XSS and SQL injection? ArkanoiD (Jun 02)
- Re: preventing XSS and SQL injection? Marcus J. Ranum (Jun 02)
- Re: preventing XSS and SQL injection? ArkanoiD (Jun 02)
- Re: preventing XSS and SQL injection? Marcus J. Ranum (Jun 02)
- Re: preventing XSS and SQL injection? ArkanoiD (Jun 02)
- Re: preventing XSS and SQL injection? David Thiel (Jun 02)
- Re: preventing XSS and SQL injection? Devdas Bhagat (Jun 02)
- <Possible follow-ups>
- Re: preventing XSS and SQL injection? J. Oquendo (Jun 02)
- Re: preventing XSS and SQL injection? ArkanoiD (Jun 02)
- RE: preventing XSS and SQL injection? Behm, Jeffrey L. (Jun 02)
- Re: preventing XSS and SQL injection? J. Oquendo (Jun 02)
- Re: preventing XSS and SQL injection? ArkanoiD (Jun 02)
- Re: preventing XSS and SQL injection? Marcus J. Ranum (Jun 02)