If you're trying to secure your SQL server against the latest round of injection attacks, then check out this item from the Internet Storm Center, which gives some pointers on how to secure you database with ASP.
It probably makes much more sense to an SQL development than to me.. but the important point is that just cleaning up the injection attack is not enough - you also need to prevent it from happening again by securing your SQL server. And I'm afraid that probably involves spending some time and money..
3 comments:
Latest attack vector:
I have looked through my client's logs and found the code that was executed with the injection. This occurred on a site that I didn't develop, but had started hosting during the transition to a new site design/architecture.
Basically the attacker is executing a query on the database looking for text type fields in the hopes that the field is HTML. Armed with the list of tables and fields it then appends the offensive code to the contents of the field, in this case java script on a remote server.
If anyone has any further interest, I have the actual code now and could discuss mitigation offline.
We have an IPS appliance for $300 a month which stops this SQL injection attack, I can ship you one today with help on cleaning your database from the attack. We have saved dozens of companies from this today alone.
www.networkcloaking.com
Thanks,
Greg Martin
Director of Security
Sentinel IPS
can any one of your provide some kind of advise on my site www.ntuclearninghub.com seems like we have been injected by coldwop.com
Post a Comment