On Fri, Mar 28, 2008 at 12:57 PM, Josh wrote:

> Is this a reasonable path to go down, or is there more
> functionality in vendor responses to and protection
> against SQL injection?
>


I'm not an expert, on this list especially, but it seems to me that
the firewall is the wrong place to look in regards to stopping SQL
Injection attacks. The better place would be the coding that allows
for such attacks.

I'm also not aware of "known vulnerabilities" in regards to SQL
Injection - thinking that its more of a per-app kind of thing. Unless,
of course, there's a package out there that, by default, is
vulnerable.

If my thinking is in error, please tell me. I'd like more info myself.
_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailma...rewall-wizards