On Thu, Jun 02, 2005 at 05:08:19PM +0400, ArkanoiD wrote:
> Are there any hints on preventing cross-site scripting attacks and
> SQL injection on proxy firewall by, say, applying some regexps on url data?

There are several Snort rules which have regexes for detecting XSS and
SQL injection. You could either use a Snort or similar box inline, or
adapt them to your own proxy.

Most snort XSS/SQL injection sigs are for specific attacks, but some
people have taken a crack at making more generic rules:

firewall-wizards mailing list