Doing most of that. Except for the analysis later part. Anything specific you look for in doing the analysis?
On Fri, Nov 20, 2009 at 9:50 AM, Teddy R. Payne <teddyrpa...@gmail.com> wrote:

> You start off by trapping the error. Prevent the transaction. Record the
> error somewhere more persistent for review and analysis later. Display an
> error to the user that matches your site with a meaningful message.
>
> Creating error trapping that can specifically identify these types of
> attempts could also reduce your noise to sound ratio as well.
>
> Teddy R. Payne, ACCFD
> Google Talk - teddyrpa...@gmail.com
>
> On Fri, Nov 20, 2009 at 9:44 AM, Rudi Shumpert <shump...@gmail.com> wrote:
>
>> the stuff I'm seeing is nothing really new, just was wondering if there
>> are some best practices on what to do after to stop the attempt.
>>
>> -Rudi
>>
>> On Fri, Nov 20, 2009 at 9:27 AM, Mischa Uppelschoten <mischa.uppelscho...@bankersx.com> wrote:
>>
>>> I probably missed something, but this article is almost a year and a
>>> half old... what specifically is attempted now?
>>>
>>> Mischa Uppelschoten
>>> VP of Technology
>>> The Banker's Exchange, LLC.
>>>
>>> ----------------------- *Original Message* -----------------------
>>>
>>> *From:* Rudi Shumpert <shump...@gmail.com>
>>> *To:* discussion@acfug.org
>>> *Date:* Fri, 20 Nov 2009 06:47:20 -0500
>>> *Subject: [ACFUG Discuss] SQL Injection*
>>>
>>> Hey folks,
>>>
>>> I saw John's tweet earlier this week about a new wave of SQL Injection
>>> (and link to a great article on it
>>> http://www.codfusion.com/blog/post.cfm/portcullis-cfc-filter-to-protect-against-sql-injection-and-xss),
>>> and sure enough I'm seeing a huge upswing in attempts. Over 100 failed
>>> attempts last night alone.
>>>
>>> We have taken the steps to prevent damage / harm, but I was wondering
>>> what folks are doing after they stop the attempt. What kind of message if
>>> any do you provide? Are people checking the logs, and blocking IPs of
>>> the worst offenders? Or something else?
>>>
>>> -Rudi
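
The "record it somewhere persistent, then review" step from the quoted replies, together with the per-IP log check asked about in the original message, as an added example that is not part of the thread. The JSON-lines record format, the field names, the threshold of 3 and the sample records (documentation-range addresses) are all assumptions constructed for illustration.

```python
import json
from collections import defaultdict
from datetime import datetime

# Constructed sample: one JSON record per blocked request, as an error trap
# might persist it. Field names are assumptions made for this example.
SAMPLE_LOG = """\
{"ts": "2009-11-20T01:02:03", "ip": "192.0.2.10", "page": "/news.cfm", "param": "id"}
{"ts": "2009-11-20T01:02:10", "ip": "192.0.2.10", "page": "/news.cfm", "param": "id"}
{"ts": "2009-11-20T01:02:31", "ip": "192.0.2.10", "page": "/products.cfm", "param": "cat"}
{"ts": "2009-11-20T01:02:45", "ip": "192.0.2.10", "page": "/products.cfm", "param": "id"}
{"ts": "2009-11-20T02:15:00", "ip": "203.0.113.5", "page": "/news.cfm", "param": "id"}
this line is truncated and not valid JSON
{"ts": "2009-11-20T02:15:09", "ip": "203.0.113.5", "page": "/news.cfm", "param": "id"}
{"ts": "2009-11-20T03:40:12", "ip": "198.51.100.7", "page": "/search.cfm", "param": "q"}
"""

def parse_records(text):
    """Parse JSON lines; skip blank, malformed or incomplete records."""
    records = []
    for line in text.splitlines():
        try:
            rec = json.loads(line)
            records.append({"ts": datetime.fromisoformat(rec["ts"]),
                            "ip": rec["ip"], "page": rec["page"],
                            "param": rec["param"]})
        except (ValueError, KeyError, TypeError):
            continue  # a damaged log line must not stop the review
    return records

def summarise(records, block_threshold=3):
    """Group blocked attempts by source IP, busiest sources first."""
    by_ip = defaultdict(list)
    for rec in records:
        by_ip[rec["ip"]].append(rec)
    report = []
    for ip, recs in by_ip.items():
        times = [r["ts"] for r in recs]
        report.append({
            "ip": ip,
            "attempts": len(recs),
            "pages": sorted({r["page"] for r in recs}),
            "params": sorted({r["param"] for r in recs}),
            "span_seconds": (max(times) - min(times)).total_seconds(),
            "block_candidate": len(recs) >= block_threshold,
        })
    return sorted(report, key=lambda r: (-r["attempts"], r["ip"]))

REPORT = summarise(parse_records(SAMPLE_LOG))
```

Many attempts from one address across several pages in a short span point to an automated sweep; the `pages` and `params` columns also show which inputs are being probed and deserve a second look in code review.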