WebApp Sec mailing list archives
RE: ISA Server and SQL Injection
From: "Roberto GABERGI" <Roberto.Gabergi () axiliance com>
Date: Thu, 17 Feb 2005 15:25:51 +0100
Application layer firewalls protect against sql injection and other real time layer 7 hacking events.
Absolutely, it is one of the main characteristics of an application firewall. It protects from any specific web attack like SQL Injection, Cross site scripting, cookie hijacking etc... An example of this technology is available here: http://www.axiliance.com/technologie/fhi/?LG=uk Bests Regards, Roberto GABERGI (mailto:roberto.gabergi () axiliance com) AXILIANCE - http://www.axiliance.com Web Application Firewall, Citrix ICA Security and Web Single Sign-On -----Message d'origine----- De : charles freeman [mailto:the.freemans () comcast net] Envoyé : mercredi 16 février 2005 19:19 À : webappsec () securityfocus com; jsteer () microsoft com; smcsoc () yahoo es Objet : RE: ISA Server and SQL Injection Application layer firewalls protect against sql injection and other real time layer 7 hacking events. ISA server would not. -----Original Message----- From: John Steer [mailto:jsteer () microsoft com] Sent: Monday, February 14, 2005 8:48 PM To: Rafael San Miguel; webappsec () securityfocus com Subject: RE: ISA Server and SQL Injection I'm not sure any firewall would stop a SQL Injection attack. This is an application issue -----Original Message----- From: Rafael San Miguel [mailto:smcsoc () yahoo es] Sent: Monday, February 14, 2005 10:06 AM To: webappsec () securityfocus com Subject: ISA Server and SQL Injection Hi all, ¿Has anyone tested ISA Server 2004 against SQL Injection attacks? I mean, ¿can it protect from this type of vulnerability? Thanks in advance. Greetings, Rafael San Miguel Carrasco
Current thread:
- Re: ISA Server and SQL Injection, (continued)
- Re: ISA Server and SQL Injection Matthieu Estrade (Feb 16)
- Re: ISA Server and SQL Injection Bogdan Tomchuk (Feb 16)
- Re: ISA Server and SQL Injection Matthieu Estrade (Feb 17)
- Re: ISA Server and SQL Injection Bogdan Tomchuk (Feb 17)
- Re: ISA Server and SQL Injection Matthieu Estrade (Feb 17)
- RE: ISA Server and SQL Injection Marty Block (Feb 19)
- Re: ISA Server and SQL Injection Matthieu Estrade (Feb 16)
- Re: ISA Server and SQL Injection fantomas (Feb 28)
- Re: ISA Server and SQL Injection Darren Bounds (Feb 16)
- Re: ISA Server and SQL Injection Matthieu Estrade (Feb 17)
- Re: ISA Server and SQL Injection Matthieu Estrade (Feb 19)
- RE: ISA Server and SQL Injection Ofer Shezaf (Feb 21)
- RE: ISA Server and SQL Injection Mark Curphey (Feb 21)
- Solutions, Results, and Comments - Was [ISA Server and SQL Injection] Jeremiah Grossman (Feb 23)
- Re: Solutions, Results, and Comments - Was [ISA Server and SQL Injection] David (Feb 23)
- Re: Solutions, Results, and Comments - Was [ISA Server and SQL Injection] Jeremiah Grossman (Feb 28)
- storing SSNs, CCNs, password in the DB Francesco (Feb 28)