Browse by Tags

All Tags » IIS » sql injection (RSS)
Sorry, but there are no more tags available to filter with.

URLScan 3.0 rtw (release to web) available by steve schofield

I have to give kudo's to the Microsoft IIS team for updating URLScan to help block automated sql injection attacks. Especially to Wade Hilmo and Nazim Lala . They have been very responsive when it came to involving the community (Thanks guys for the w3c...
Filed under: ,

SQL Injection rule explanation how URLScan 3.0 scans requests by steve schofield

One of the things I was curious what URLScan actually scanned and how. What is just servervariables or what?! I asked Wade H from the IIS Team for further explaination. It is good to be aware when you are implementing URLScan 3.0 and sql injection rules...
Filed under: ,

URLScan 3.0 - help with sql injection attacks. by steve schofield

For those supporting a Classic ASP and ASP.NET application, you probably have noticed an increase in sql injection attempts. Microsoft has released an updated URLScan 3.0. Here is the link to download URlScan version 3 beta for 32 bit or 64 bit . You...
Filed under: ,

SQL Injection information for IIS admins and developers by steve schofield

The sql injection that has came up is affecting several ASP and ASP.NET applications. Although the only way to prevent an attack is validate the code, hopefully these posts will provide some direction. I included some links that discuss this more. http...
Filed under: ,
More Posts