Unfortunately we didn't look at that thoroughly when we used it (the client was mostly concerned about stopping the injections), but I must say that, while I'm sure there was at least a slight increase in CPU/RAM usage, neither we or the client noticed it. The client's site ran without issues for a long time after that. They've done a rebuild since then, which is a good thing! ;)
Warm regards, Jordan Michaels Vivio Technologies http://www.viviotech.net/ 509.593.4207 x 1001 On 05/25/2011 04:37 PM, Brook Davies wrote: > > What I want to know, is what is the overhead of running fuseguard? How much > processing time does it add? How much memory usage etc? Can you comment on > that? > > Brook > > -----Original Message----- > From: Jordan Michaels [mailto:[email protected]] > Sent: May-25-11 2:35 PM > To: cf-talk > Subject: Re: down? > > > Maybe this has already been mentioned and I just didn't see it, but have you > considered using something like FuseGuard? > > http://foundeo.com/security/ > > I suggest it because we had a client who was running on some old CF code > (without cfqueryparam's) and they were getting SQL injected frequently. > Instead of rewriting every query to use<CFQUERYPARAM> for every variable > (the site was rather large) we installed FuseGuard and saved a LOT of time. > > Not only did it block the attacks without a major rewrite, it also provided > a lot of information about what attack vectors the bad guys were using. It > was very useful and well worth the cost. > > Just trying to be helpful. ;) > > Warm regards, > Jordan Michaels > Vivio Technologies > http://www.viviotech.net/ > 509.593.4207 x 1001 > > On 05/25/2011 12:42 PM, Michael Dinowitz wrote: >> >> I'm holding off turning the site back on until I finish a code review. >> I want to make sure that there are no unexpected holes. >> >> >> >> On Wed, May 25, 2011 at 3:27 PM, Michael > Muller<[email protected]>wrote: >> >>> >>> Is the website down? >>> >>> MM >>> >>> >>> -------- >>> Michael Muller >>> cell (413) 320-5336 >>> http://MontagueWebWorks.com >>> ** Powered by ROCKETFUSION ** >>> >>> Information is not knowledge >>> Knowledge is not wisdom >>> >>> Eschew Obfuscation >>> >>> >>> >>> >> >> > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:344906 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
