George,

I don't want to ruffle any feathers but I recommend re-engineering the application to provide validation of user input from within the application. There is no better solution to securing your application than fixing its internal deficiencies. Trying to patch application problems with external tools is a very costly, time-consuming, and never-ending task. Fix the application and you can actually feel secure. The problem you describe is what causes almost all application vulnerabilities, that is, improper or no validation of user-provided input. This is the root of such things as buffer overflows, directory traversal exploits, and data manipulation exploits, just to name a few. Ignoring the real problem and adding additional layers of complexity is a surefire way to make the problem worse, and spend a lot of money.

Regards,
Steve Bernard
Sr. Systems Engineer, NET
George Mason University

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Didea, Gheorghe
Sent: Thursday, December 05, 2002 7:54 AM
To: Issforum (E-mail)
Subject: [ISSForum] Web server protection vs Sanctum AppShield

Hello,

I want to protect a SQL application and I want to know if I can do this using Web server protection from Server Sensor. I don't want to protect just against IIS attacks but also against authenticated connection attack. For example, if the application is sending back a response with 77 in header and the client is sending back a response modifying this header and sending 78, I want to block this. I ask you this because I want to know if I can do this with ISS or I need to buy an applicative IDS like AppShield.

Thanks
George

_______________________________________________
ISSForum mailing list [EMAIL PROTECTED]
TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo
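
One way to do the check George describes inside the application, as Steve recommends (an added example, not part of the original thread): the server attaches an HMAC tag to the value it issues and rejects any returned value whose format or tag does not verify. The function names, the session identifier, the numeric format of the value and the key handling are assumptions.

```python
import hashlib
import hmac
import re
import secrets

# Assumption: a server-side secret that never leaves the application.
SERVER_KEY = secrets.token_bytes(32)

# Assumption: the header value is a short decimal identifier such as "77".
VALUE_RE = re.compile(r"[0-9]{1,9}")


def _tag(session_id: str, value: str, key: bytes) -> str:
    # Length-prefix the session id so (session, value) pairs cannot collide.
    msg = f"{len(session_id)}:{session_id}{value}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def issue_value(session_id: str, value: str, key: bytes = SERVER_KEY) -> str:
    """Build the header content sent to the client: '<value>.<tag>'."""
    if not VALUE_RE.fullmatch(value):
        raise ValueError("value is not in the expected format")
    return f"{value}.{_tag(session_id, value, key)}"


def accept_value(session_id: str, token: str, key: bytes = SERVER_KEY):
    """Return the value if it is well formed and untampered, else None."""
    value, sep, tag = token.rpartition(".")
    if not sep or not VALUE_RE.fullmatch(value):
        return None  # missing tag or malformed value
    expected = _tag(session_id, value, key)
    # Constant-time comparison; bytes avoid errors on non-ASCII input.
    if not hmac.compare_digest(tag.encode(), expected.encode()):
        return None  # value or session was changed after issue
    return value


if __name__ == "__main__":
    issued = issue_value("sess-A", "77")            # constructed sample
    tampered = "78." + issued.split(".", 1)[1]      # client swaps 77 for 78
    print(accept_value("sess-A", issued))           # value accepted
    print(accept_value("sess-A", tampered))         # rejected
```

A rejected value should be logged with the session identifier, since a failed tag on an authenticated connection is a direct signal of tampering.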
