Hello folks: Following the not-so-long-ago rounds of SQL injection attacks and much persuasion, I finally got the go-ahead to get an intrusion detection filter for our web application servers.
I have implemented the wonderful SQL Injection Blocker function posted on this discussion thread, and I am going through all of our old web application code systematically to add missing CFQUERYPARAM tags. (There are A LOT OF them). But, a web application server intrusion filter is definitely in need. Primarily, I am looking for two features: 1) Does URL rewriting 2) Does SQL injection attack alerts I am sure many of you already have a ISAPI filter installed? What do you recommend? Helicon ISAPI_Rewrite tool does URL rewriting, but I can't be sure (from their online documentation) whether it does intrusion detection or not. Any of you using it? Does it generate a lot of false positives? We have CF8 and IIS7. Thanks a bunch, Qing Xia ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;203748912;27390454;j Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:311945 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
