WebApp Sec mailing list archives
Re: SQL Injection Basics
From: Jerry Connolly <jerry () nologin net>
Date: Wed, 12 Feb 2003 02:11:56 +0000
dreamwvr () dreamwvr com said the following on Wed, Feb 12, 2003 at 12:17AM,
Well that is what the job of a application proxy is by definition.
An application proxy is certainly one method of achieving this effect, but the term 'firewall' may be unfortunate in this context as it may incorrectly imply that one is always using a product or piece of software to achieve the effect. The concept as used in the book I mentioned refers to "boundaries across which propagation of erroneous values is explicitly checked and contained" and is not security specific. In fact, after actually digging out the book and checking, the word 'logical' doesn't appear. (I coulda sworn ... ) -- ejrry^[bxpZZ
Current thread:
- Re: SQL Injection Basics, (continued)
- Re: SQL Injection Basics Sverre H. Huseby (Feb 11)
- Re: SQL Injection Basics dreamwvr () dreamwvr com (Feb 11)
- Re: SQL Injection Basics Sverre H. Huseby (Feb 11)
- Re: SQL Injection Basics Alex Russell (Feb 11)
- Re: SQL Injection Basics Sverre H. Huseby (Feb 11)
- Re: SQL Injection Basics dreamwvr () dreamwvr com (Feb 11)
- Re: SQL Injection Basics Sverre H. Huseby (Feb 11)
- Re: SQL Injection Basics Alex Russell (Feb 11)
- Re: SQL Injection Basics Jerry Connolly (Feb 11)
- Re: SQL Injection Basics dreamwvr () dreamwvr com (Feb 11)
- Re: SQL Injection Basics Jerry Connolly (Feb 11)
- Re: SQL Injection Basics Ken Anderson (Feb 11)
- Re: WebSleuth and the SQLInjeciton Plugin Chip Andrews (Mar 10)
- Re: SQL Injection Basics Kevin Spett (Feb 11)