|
|
Home / Groups / ColdFusion Talk (CF-Talk)
recommendation for ISAPI injection filter?Hello folks: Following the not-so-long-ago rounds of SQL injection attacks and much persuasion, I finally got the go-ahead to get an intrusion detection filter for our web application servers. I have implemented the wonderful SQL Injection Blocker function posted on this discussion thread, and I am going through all of our old web application code systematically to add missing CFQUERYPARAM tags. (There are A LOT OF them). But, a web application server intrusion filter is definitely in need. Primarily, I am looking for two features: 1) Does URL rewriting 2) Does SQL injection attack alerts I am sure many of you already have a ISAPI filter installed? What do you recommend? Helicon ISAPI_Rewrite tool does URL rewriting, but I can't be sure (from their online documentation) whether it does intrusion detection or not. Any of you using it? Does it generate a lot of false positives? We have CF8 and IIS7. Thanks a bunch, Qing Xia |
Mailing Lists
|
Latest Fusion Authority Articles
|
