SQL Injection is an application layer issue. Nothing with configuring your server is going to stop that (other than possibly filtering out a few common attacks). The devs need to write better code.
Cheers Ken From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Thursday, 25 September 2008 10:19 PM To: NT System Admin Issues Subject: Website security checking service Hi chaps, Can anyone recommend a website checking service that will check websites on a regular basis for security issues and report back ? One of our clients suffered an SQL injection attack this week, and on their new rebuilt server they are keen to get some element of reporting as to when any possible issues may be presented to visitors, or to be made aware as to when flaws are found in the sites. The sites change regularly and multiple teams work on any one site so a site that was once tight-as-a-nut may, the next week, be made in-secure by the action of another team. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
