True, so you combine <cfqueryparam with blocking the IPs.. I read that it was started on ASP sites I wonder if a lot of it is ASP programmers trying to share the love ;)
On Fri, Aug 8, 2008 at 10:10 AM, Michael Dinowitz <[EMAIL PROTECTED]> wrote: > cfqueryparam doesn't help when you get 4000 hits in the last 5 minutes > trying the attack. > > On Fri, Aug 8, 2008 at 11:06 AM, Greg Morphis <[EMAIL PROTECTED]> wrote: > >> All my stuff is internal and we don't use MSSQL which is where it >> seems to be targeted but it does make for some interesting reads.. >> It's a shame people are not using <cfqueryparam> >> >> On Fri, Aug 8, 2008 at 9:56 AM, Michael Dinowitz >> <[EMAIL PROTECTED]> wrote: >> > I got a call from a friend who had the FBI at his table and wanted to >> show >> > them the posts. I think the CF-Talk threads have the most complete >> > information on the issue around. >> > >> > On Fri, Aug 8, 2008 at 10:38 AM, Greg Morphis <[EMAIL PROTECTED]> >> wrote: >> > >> >> There's been dozens of posts on it, a few on CF-Talk and a bunch more >> >> blog posts on it. Some on CF-talk close to 100 replies long.. >> >> Pretty good read and solutions to apply.. >> >> >> > >> > >> > >> >> > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;203748912;27390454;j Archive: http://www.houseoffusion.com/groups/CF-Community/message.cfm/messageid:265583 Subscription: http://www.houseoffusion.com/groups/CF-Community/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.5
