Hey folks, I saw John's tweet earlier this week about a new wave of SQL Injection ( and link to a great article on it http://www.codfusion.com/blog/post.cfm/portcullis-cfc-filter-to-protect-against-sql-injection-and-xss), and sure enough I'm seeing a huge upswing in attempts. Over 100 failed attempts last night alone.
We have taken the steps to prevent damage / harm, but I was wondering what folks are doing after they stop the attempt. What kind of message if any do you provide ? Are people checking the logs, and blocking IP's of the worst offenders? Or something else? -Rudi