there may be many sources. I got lot of understanding of SQL/XSS/LFI and RFI attacks by going through signatures provided by emergingthreats and IntruPro-IPS signatures. These signature look for SQL/scripts using patterns. Also SQL injection cheat sheet is one useful resource.
http://www.emergingthreats.net/rules/emerging-web_sql_injection.rules http://wiki.intoto.com/intoto_wiki/tiki-index.php?page=IntruPro-IPS : you can see signatures only after downloading and installing their management application. Ravi On Sat, Jun 28, 2008 at 8:34 AM, <[EMAIL PROTECTED]> wrote: > > I am studying SQL injection attacks. Generelly what patters in the incoming > stream presents the occurence of SQL injection attacks. > > > Thanks in advance. > > > Nitish > > ------------------------------------------------------------------------ > Test Your IDS > > Is your IDS deployed correctly? > Find out quickly and easily by testing it > with real-world attacks from CORE IMPACT. > Go to > http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw > to learn more. > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
