Welcome to WebmasterWorld Guest from 54.162.211.233

Forum Moderators: ocean10000

Message Too Old, No Replies

lilupophilupop SQL Injection Attack happening ATM

     
8:55 pm on Dec 4, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:May 31, 2005
posts:1108
votes: 0


Thousands of ASP and Coldfusion sites with MS-SQL back-ends and are being compromised by a SQL injection attack.

[isc.sans.edu ]
11:41 pm on Dec 14, 2011 (gmt 0)

Preferred Member

10+ Year Member

joined:May 8, 2002
posts: 440
votes: 0


I have a site that was affected but it is so big it's difficult to trace where the input is. I can turn on the logs for a limited period. But the site gets a lot of traffic so I soon have to turn the logs off or I run out of space. Does anyone know of any way I can track the inputs and catch them as they happen so I can trace which script is causing the probelm - eg email me if any input uses the word 'script' or whatever?
2:58 pm on Dec 19, 2011 (gmt 0)

Administrator

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month

joined:Jan 14, 2004
posts:857
votes: 0


Does your site use ASP Classic or ASP.net?
3:08 pm on Dec 19, 2011 (gmt 0)

Preferred Member

10+ Year Member

joined:May 8, 2002
posts: 440
votes: 0


I use classic ASP. Luckily I discovered Urlscan which has solved all my problems as I'm able to server-wide filter urls.
This 33 message thread spans 2 pages: 33
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members