Message-ID: <8e5ffb560504230658575b9b91@mail.gmail.com>
Date: Sat Apr 23 14:58:54 2005
From: gautam.bipin at gmail.com (Bipin Gautam)
Subject: FW: Introducing a new generic approach to detecting SQL injection
Before, in our forum (we used to use the phorum.org message board) we used to
strip "all harmful tags" from...
$HTTP_POST_VARS, $HTTP_GET_VARS, $HTTP_ENV_VARS, $HTTP_COOKIE_VARS,
$HTTP_POST_FILES, $HTTP_SESSION_VARS; etc..... (all possible inputs)
Although it restricted functionality, it indeed even protected us
from some 0-days. ;) It's even better to check the max (acceptable) URL
length and strictly define the acceptable INPUT data type for
every INPUT field.
Even better... if max. bad requests exceed, say, 3 in the error log, add...
exec("/sbin/iptables -I INPUT -s $ip -j REJECT"); and email back the
admin with complete log details of the attack.
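One concrete shape for the strict per-field input typing and the bad-request threshold the post suggests, as an added example in PHP that is not from the post or from the phorum.org code; the field names, limits, counter file path and sample address are assumptions:

```php
<?php
// Added example (not from the original post): allow-list each input field by declared type,
// cap the URL length, and count rejected requests per address. Names, limits and paths are assumed.
const MAX_URL_LENGTH   = 2048;  // assumed cap on the request URI
const MAX_BAD_REQUESTS = 3;     // the post's threshold before blocking an address
const INPUT_SCHEMA = [          // one rule per accepted field; unlisted fields are rejected
    'thread_id' => ['type' => 'int',   'min' => 1, 'max' => 1000000],
    'sort'      => ['type' => 'enum',  'values' => ['date', 'author']],
    'username'  => ['type' => 'regex', 'pattern' => '/^[A-Za-z0-9_]{3,20}$/'],
];
// Returns null when $value satisfies the rule for $name, otherwise a reason string.
function validateField(string $name, string $value): ?string
{
    $rule = INPUT_SCHEMA[$name] ?? ['type' => 'none'];
    switch ($rule['type']) {
        case 'int':
            $range = ['options' => ['min_range' => $rule['min'], 'max_range' => $rule['max']]];
            return filter_var($value, FILTER_VALIDATE_INT, $range) === false ? "'$name' is not an integer in range" : null;
        case 'enum':
            return in_array($value, $rule['values'], true) ? null : "'$name' is not an allowed value";
        case 'regex':
            return preg_match($rule['pattern'], $value) === 1 ? null : "'$name' fails its pattern";
        default:
            return "unexpected field '$name'";
    }
}
// Collects every problem with a request; an empty array means it is clean.
function validateRequest(string $uri, array $params): array
{
    $errors = strlen($uri) > MAX_URL_LENGTH ? ['URL longer than ' . MAX_URL_LENGTH . ' bytes'] : [];
    foreach ($params as $name => $value) {
        $err = is_string($value) ? validateField((string)$name, $value) : "'$name' is not a scalar";
        if ($err !== null) { $errors[] = $err; }
    }
    return $errors;
}
// File-backed per-address failure counter; true once MAX_BAD_REQUESTS is reached.
// Any address later handed to a shell command (such as an iptables rule) must go through escapeshellarg().
function recordBadRequest(string $ip, string $file = '/tmp/bad_requests.json'): bool
{
    $counts = is_file($file) ? (json_decode((string)file_get_contents($file), true) ?: []) : [];
    $counts[$ip] = ($counts[$ip] ?? 0) + 1;
    file_put_contents($file, json_encode($counts), LOCK_EX);
    return $counts[$ip] >= MAX_BAD_REQUESTS;
}
// Constructed request: 'sort' carries a value outside the allowed set, so it is rejected.
$problems = validateRequest('/read.php?thread_id=12&sort=date;1', ['thread_id' => '12', 'sort' => 'date;1']);
if ($problems !== [] && recordBadRequest('192.0.2.10')) {
    error_log('threshold reached for 192.0.2.10: ' . implode('; ', $problems)); // block and e-mail the admin here
}
```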