Microsoft Best Practices for preventing SQL Injection Attacks

re: Microsoft Best Practices for preventing SQL Injection Attacks

turkey — Fri, 01 Aug 2008 11:34:00 GMT

thanks you .. perfect docs

URL Scan 3.0 Beta - New version helps detect SQL Injection Attacks

Harry Waldron - My IT Forums Blog — Fri, 27 Jun 2008 12:36:52 GMT

Microsoft has just enhanced a key IIS based security tool in response to the new wave of automated SQL

URL Scan 3.0 Beta - New version helps detect SQL Injection Attacks

Harry Waldron - Microsoft MVP Blog — Fri, 27 Jun 2008 12:35:51 GMT

Microsoft has just enhanced a key IIS based security tool in response to the new wave of automated SQL

URL Scan 3.0 Beta - New version helps detect SQL Injection Attacks

Harry Waldron - My IT Forums Blog — Fri, 27 Jun 2008 12:35:31 GMT

URL Scan 3.0 Beta - New version helps detect SQL Injection Attacks Microsoft has just enhanced a key

re: Microsoft Best Practices for preventing SQL Injection Attacks

Rovastar — Wed, 25 Jun 2008 09:34:58 GMT

A great selection of links but also check out.

which gives you more of a hackers prospective:

ferruh.mavituna.com/sql-injection-cheatsheet-oku

ha.ckers.org/sqlinjection

so you understanding about the sort of things they do.

You will also get a greater understanding of the differences in styles that hackers user for different databases (mysql, oracle, etc). although some commands are generic others can be tailored to attack the database platform.

(search for 'SQL injection cheat sheet' for more example of these)

Although SQL injection problems are foremost developers issues hosting admin need to be aware for IIS check out the different filters like urlscan 3:

blogs.technet.com/.../new-tools-to-block-and-eradicate-sql-injection.aspx

UrlScan v3.0 Beta Release

iis — Wed, 25 Jun 2008 08:31:38 GMT

The IIS team has some street smarts when it comes to security. We learned quite a few lessons the hard

UrlScan v3.0 Beta Release

iis — Tue, 24 Jun 2008 20:29:21 GMT

The IIS team has some street smarts when it comes to security. We learned quite a few lessons the hard

UrlScan v3.0 Beta Release

Wade Hilmo — Tue, 24 Jun 2008 19:50:40 GMT

The IIS team has some street smarts when it comes to security. We learned quite a few lessons the hard

URL Scan 3.0 Beta - New version helps detect SQL Injection Attacks

Harry Waldron - Microsoft MVP Blog — Sat, 21 Jun 2008 22:37:20 GMT

Microsoft has just enhanced a key IIS based security tool in response to the new wave of automated SQL

URL Scan 3.0 Beta - New version helps detect SQL Injection Attacks

Harry Waldron - My IT Forums Blog — Sat, 21 Jun 2008 22:37:09 GMT

Microsoft has just enhanced a key IIS based security tool in response to the new wave of automated SQL

URL Scan 3.0 Beta - New version helps detect SQL Injection Attacks

Harry Waldron - My IT Forums Blog — Sat, 21 Jun 2008 22:32:51 GMT

Microsoft has just enhanced a key IIS based security tool in response to the new wave of automated SQL

re: Microsoft Best Practices for preventing SQL Injection Attacks

Nico — Mon, 02 Jun 2008 18:01:27 GMT

Microsoft has even gone so far as creating video primers on Hello Secure World: www.microsoft.com/hellosecureworld7 Worth noting, especially when you can't ever be too careful these days.

SQL injection information from Harry's blog

MVPs — Sat, 31 May 2008 16:17:00 GMT

While the default apps on a SBS 2003 (and upcoming SBS 2008) go through a SDL process so that I'm

SQL injection information from Harry's blog

THE OFFICIAL BLOG OF THE SBS "DIVA" — Sat, 31 May 2008 15:31:52 GMT

While the default apps on a SBS 2003 (and upcoming SBS 2008) go through a SDL process so that I'm