http://msmvps.com/blogs/harrywaldron/default.aspxSecurity News and Best Practices for corporate and home usersenCommunityServer 2008 SP1 (Build: 30619.63)http://msmvps.com/blogs/harrywaldron/archive/2008/06/25/sql-injection-mitigation-tips-for-asp-development.aspx#1638370Fri, 27 Jun 2008 12:36:56 GMTd67277c4-116b-43f1-b688-e9ef184ea916:1638370Harry Waldron - My IT Forums Blog <p>Microsoft has just enhanced a key IIS based security tool in response to the new wave of automated SQL</p> <img src="http://msmvps.com/aggbug.aspx?PostID=1638370" width="1" height="1">http://msmvps.com/blogs/harrywaldron/archive/2008/06/15/new-sql-injection-attacks-the-need-to-improve-legacy-web-applications.aspx#1638369Fri, 27 Jun 2008 12:36:54 GMTd67277c4-116b-43f1-b688-e9ef184ea916:1638369Harry Waldron - My IT Forums Blog <p>Microsoft has just enhanced a key IIS based security tool in response to the new wave of automated SQL</p> <img src="http://msmvps.com/aggbug.aspx?PostID=1638369" width="1" height="1">http://msmvps.com/blogs/harrywaldron/archive/2008/05/31/microsoft-best-practices-for-preventing-sql-injection-attacks.aspx#1638368Fri, 27 Jun 2008 12:36:52 GMTd67277c4-116b-43f1-b688-e9ef184ea916:1638368Harry Waldron - My IT Forums Blog <p>Microsoft has just enhanced a key IIS based security tool in response to the new wave of automated SQL</p> <img src="http://msmvps.com/aggbug.aspx?PostID=1638368" width="1" height="1">http://msmvps.com/blogs/harrywaldron/archive/2008/06/25/sql-injection-mitigation-tips-for-asp-development.aspx#1638366Fri, 27 Jun 2008 12:35:56 GMTd67277c4-116b-43f1-b688-e9ef184ea916:1638366Harry Waldron - Microsoft MVP Blog<p>Microsoft has just enhanced a key IIS based security tool in response to the new wave of automated SQL</p> <img src="http://msmvps.com/aggbug.aspx?PostID=1638366" width="1" height="1">http://msmvps.com/blogs/harrywaldron/archive/2008/06/15/new-sql-injection-attacks-the-need-to-improve-legacy-web-applications.aspx#1638365Fri, 27 Jun 2008 12:35:54 GMTd67277c4-116b-43f1-b688-e9ef184ea916:1638365Harry Waldron - Microsoft MVP Blog<p>Microsoft has just enhanced a key IIS based security tool in response to the new wave of automated SQL</p> <img src="http://msmvps.com/aggbug.aspx?PostID=1638365" width="1" height="1">http://msmvps.com/blogs/harrywaldron/archive/2008/05/31/microsoft-best-practices-for-preventing-sql-injection-attacks.aspx#1638364Fri, 27 Jun 2008 12:35:51 GMTd67277c4-116b-43f1-b688-e9ef184ea916:1638364Harry Waldron - Microsoft MVP Blog<p>Microsoft has just enhanced a key IIS based security tool in response to the new wave of automated SQL</p> <img src="http://msmvps.com/aggbug.aspx?PostID=1638364" width="1" height="1">http://msmvps.com/blogs/harrywaldron/archive/2008/06/25/sql-injection-mitigation-tips-for-asp-development.aspx#1638362Fri, 27 Jun 2008 12:35:36 GMTd67277c4-116b-43f1-b688-e9ef184ea916:1638362Harry Waldron - My IT Forums Blog <p>URL Scan 3.0 Beta - New version helps detect SQL Injection Attacks Microsoft has just enhanced a key</p> <img src="http://msmvps.com/aggbug.aspx?PostID=1638362" width="1" height="1">http://msmvps.com/blogs/harrywaldron/archive/2008/06/15/new-sql-injection-attacks-the-need-to-improve-legacy-web-applications.aspx#1638361Fri, 27 Jun 2008 12:35:34 GMTd67277c4-116b-43f1-b688-e9ef184ea916:1638361Harry Waldron - My IT Forums Blog <p>URL Scan 3.0 Beta - New version helps detect SQL Injection Attacks Microsoft has just enhanced a key</p> <img src="http://msmvps.com/aggbug.aspx?PostID=1638361" width="1" height="1">http://msmvps.com/blogs/harrywaldron/archive/2008/05/31/microsoft-best-practices-for-preventing-sql-injection-attacks.aspx#1638360Fri, 27 Jun 2008 12:35:31 GMTd67277c4-116b-43f1-b688-e9ef184ea916:1638360Harry Waldron - My IT Forums Blog <p>URL Scan 3.0 Beta - New version helps detect SQL Injection Attacks Microsoft has just enhanced a key</p> <img src="http://msmvps.com/aggbug.aspx?PostID=1638360" width="1" height="1">http://msmvps.com/blogs/harrywaldron/archive/2008/05/31/microsoft-best-practices-for-preventing-sql-injection-attacks.aspx#1637486Wed, 25 Jun 2008 09:34:58 GMTd67277c4-116b-43f1-b688-e9ef184ea916:1637486Rovastar<p>A great selection of links but also check out.</p> <p>which gives you more of a hackers prospective:</p> <p><a rel="nofollow" target="_new" href="http://ferruh.mavituna.com/sql-injection-cheatsheet-oku/">ferruh.mavituna.com/sql-injection-cheatsheet-oku</a></p> <p><a rel="nofollow" target="_new" href="http://ha.ckers.org/sqlinjection/">ha.ckers.org/sqlinjection</a></p> <p>so you understanding about the sort of things they do. </p> <p>You will also get a greater understanding of the differences in styles that hackers user for different databases (mysql, oracle, etc). although some commands are generic others can be tailored to attack the database platform.</p> <p>(search for &#39;SQL injection cheat sheet&#39; for more example of these)</p> <p>Although SQL injection problems are foremost developers issues hosting admin need to be aware for IIS check out the different filters like urlscan 3:</p> <p><a rel="nofollow" target="_new" href="http://blogs.technet.com/swi/archive/2008/06/24/new-tools-to-block-and-eradicate-sql-injection.aspx">blogs.technet.com/.../new-tools-to-block-and-eradicate-sql-injection.aspx</a></p> <div style="clear:both;"></div><img src="http://msmvps.com/aggbug.aspx?PostID=1637486" width="1" height="1">http://msmvps.com/blogs/harrywaldron/archive/2008/05/31/microsoft-best-practices-for-preventing-sql-injection-attacks.aspx#1637471Wed, 25 Jun 2008 08:31:38 GMTd67277c4-116b-43f1-b688-e9ef184ea916:1637471iis<p>The IIS team has some street smarts when it comes to security. We learned quite a few lessons the hard</p> <img src="http://msmvps.com/aggbug.aspx?PostID=1637471" width="1" height="1">http://msmvps.com/blogs/harrywaldron/archive/2008/05/08/windows-xp-sp3-read-all-prerequisites-for-a-successful-installation.aspx#1637400Wed, 25 Jun 2008 01:31:38 GMTd67277c4-116b-43f1-b688-e9ef184ea916:1637400GEORGE J<p>I DOWNLOADED SP3 AND IT KNOCKED OUT ALL OF MY DEVICE MANAGERS AND MY WIRLESS TO ONE OF THREE COMPUTERS. MOW DO I RESTORE - I ALREADY DELETED SP 3 - COMPUTER IS ON WINDOWS XP.</p> <div style="clear:both;"></div><img src="http://msmvps.com/aggbug.aspx?PostID=1637400" width="1" height="1">http://msmvps.com/blogs/harrywaldron/archive/2008/05/31/microsoft-best-practices-for-preventing-sql-injection-attacks.aspx#1637313Tue, 24 Jun 2008 20:29:21 GMTd67277c4-116b-43f1-b688-e9ef184ea916:1637313iis<p>The IIS team has some street smarts when it comes to security. We learned quite a few lessons the hard</p> <img src="http://msmvps.com/aggbug.aspx?PostID=1637313" width="1" height="1">http://msmvps.com/blogs/harrywaldron/archive/2008/05/31/microsoft-best-practices-for-preventing-sql-injection-attacks.aspx#1637304Tue, 24 Jun 2008 19:50:40 GMTd67277c4-116b-43f1-b688-e9ef184ea916:1637304Wade Hilmo<p>The IIS team has some street smarts when it comes to security. We learned quite a few lessons the hard</p> <img src="http://msmvps.com/aggbug.aspx?PostID=1637304" width="1" height="1">http://msmvps.com/blogs/harrywaldron/archive/2005/03/13/38435.aspx#1636955Mon, 23 Jun 2008 10:09:19 GMTd67277c4-116b-43f1-b688-e9ef184ea916:1636955Internet Security<p>Looking for even more good content on internet security and identity theft prevention tips then have a look here</p> <img src="http://msmvps.com/aggbug.aspx?PostID=1636955" width="1" height="1">http://msmvps.com/blogs/harrywaldron/archive/2008/06/15/new-sql-injection-attacks-the-need-to-improve-legacy-web-applications.aspx#1636580Sat, 21 Jun 2008 22:37:22 GMTd67277c4-116b-43f1-b688-e9ef184ea916:1636580Harry Waldron - Microsoft MVP Blog<p>Microsoft has just enhanced a key IIS based security tool in response to the new wave of automated SQL</p> <img src="http://msmvps.com/aggbug.aspx?PostID=1636580" width="1" height="1">http://msmvps.com/blogs/harrywaldron/archive/2008/05/31/microsoft-best-practices-for-preventing-sql-injection-attacks.aspx#1636579Sat, 21 Jun 2008 22:37:20 GMTd67277c4-116b-43f1-b688-e9ef184ea916:1636579Harry Waldron - Microsoft MVP Blog<p>Microsoft has just enhanced a key IIS based security tool in response to the new wave of automated SQL</p> <img src="http://msmvps.com/aggbug.aspx?PostID=1636579" width="1" height="1">http://msmvps.com/blogs/harrywaldron/archive/2008/06/15/new-sql-injection-attacks-the-need-to-improve-legacy-web-applications.aspx#1636577Sat, 21 Jun 2008 22:37:11 GMTd67277c4-116b-43f1-b688-e9ef184ea916:1636577Harry Waldron - My IT Forums Blog <p>Microsoft has just enhanced a key IIS based security tool in response to the new wave of automated SQL</p> <img src="http://msmvps.com/aggbug.aspx?PostID=1636577" width="1" height="1">http://msmvps.com/blogs/harrywaldron/archive/2008/05/31/microsoft-best-practices-for-preventing-sql-injection-attacks.aspx#1636576Sat, 21 Jun 2008 22:37:09 GMTd67277c4-116b-43f1-b688-e9ef184ea916:1636576Harry Waldron - My IT Forums Blog <p>Microsoft has just enhanced a key IIS based security tool in response to the new wave of automated SQL</p> <img src="http://msmvps.com/aggbug.aspx?PostID=1636576" width="1" height="1">http://msmvps.com/blogs/harrywaldron/archive/2008/06/15/new-sql-injection-attacks-the-need-to-improve-legacy-web-applications.aspx#1636571Sat, 21 Jun 2008 22:32:53 GMTd67277c4-116b-43f1-b688-e9ef184ea916:1636571Harry Waldron - My IT Forums Blog <p>Microsoft has just enhanced a key IIS based security tool in response to the new wave of automated SQL</p> <img src="http://msmvps.com/aggbug.aspx?PostID=1636571" width="1" height="1">