http://www.rubak.com/cf-codes.cfm
This script (which I thought was free last time I checked but is now $5) is
a collection of "anti hack" scripts that looks for common SQL hacks (Drop
etc)
This is probobally the link you lost?
> > Was it you who had wrote the URL filed filter to eliminate DROPs and
> > such?? A conversation tat went around a few weeks ago and got lost in
> > my massive inbox :)
> >
> > We have been experiencing tons of the IDA exploit attempts... Started
> > rifling off some nasty notes to admins of where these (mostly cable
> > modem) idiots have bandwidth...
> >
> > Black Ice is cool for monitoring.. love it... Just wish it could be a
> > bit more automated on certain attack to draft emails and such... and
> > the evidence logs are really organized...
> >
> > Never thought *I* would need or want to utilize a firewall type
> > solution... Needless to say our servers are running much faster as a
> > result... Must of had a lot of really crappy traffic stressing the
> > servers... Spent about 4 hours last night patching the MS based
> > servers..
> >
> > In all I consider it worth it.. The URL hack though still concerns
> > me :)
> >
> > -paris
> > -----Original Message-----
> > From: "Don Vawter" <[EMAIL PROTECTED]>
> > Date: Sun, 12 Aug 2001 09:00:38 -0600
> > Subject: Re: Hacking CF Web Sites and Applications
> >
> > > I have a page on preventing url hacks which was derived from the
> > > school of
> > > hard knocks after it happened to me
> > > http://www.vawter.com/urlhack.cfm
> > >
> > > ----- Original Message -----
> > > From: "Daryl Fullerton" <[EMAIL PROTECTED]>
> > > To: "CF-Talk" <[EMAIL PROTECTED]>
> > > Sent: Sunday, August 12, 2001 8:37 AM
> > > Subject: Hacking CF Web Sites and Applications
> > >
> > >
> > > > Hi all,
> > > >
> > > > Any one got general advice on how to prevent hackers from getting
> > > access
> > > to
> > > > CF sites via back doors and tampering with data
> > > >
> > > > We dont want the hackers to be able to change data via URL strings.
> > > >
> > > > e.g Encrypting URL variables etc
> > > >
> > > > Anything else we should look at
> > > >
> > > > Any good articles out there?
> > > >
> > > > Thanks
> > > >
> > > > Daryl Fullerton,
> > > > Managing Partner,
> > > > BizNet Solutions,
> > > > Allaire Premier Partner (Ireland)
> > > > 133 - 137 Lisburn Road
> > > > Belfast
> > > > BT9 7AG
> > > > N.Ireland
> > > >
> > > > Direct +44 (0) 28 9022 7888
> > > > Tel +44 (0) 028 9022 3224
> > > > Fax +44 (0) 028 9022 3223
> > >
> > > <snip>
> > >
> > >
> > >
> > >
> >
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
