2008/3/31, Darden, Patrick S. :

> I don't know of a level 4 above, which would be:
>
> 4. application proxy (SQL proxy that filters out all queries by default except those that match specific criteria, i.e. a SQL whitelist ruleset)


(Actually, SQL injection is in the HTTP request, and in the case of POST,
also in the body. So you need an HTTP proxy to defend against it on a
firewall.)

>
> I think if someone did make such a beastie, it would make waves.


Well, some 7 years ago we also thought so. So we created Zorp.
Very few have shown interest since (well, we can give food to a bunch
of developers, but no world domination still), and even fewer use more
than a tenth of its features.
_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailma...rewall-wizards
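
The default-deny SQL whitelist described in the quoted item 4, sketched as an added example; it is not part of the thread and not Zorp's code. The regex fingerprinting, the `SqlWhitelist` class and all sample queries are assumptions constructed for illustration, and a real proxy would parse the database's SQL dialect instead.

```python
import re

# Literal patterns used to reduce a query to its structure (simplified, assumed).
_STRING = re.compile(r"'(?:''|[^'])*'")     # SQL string literal; '' is an escaped quote
_NUMBER = re.compile(r"\b\d+(?:\.\d+)?\b")  # integer or decimal literal


def fingerprint(query: str) -> str:
    """Replace literals with '?', collapse whitespace, lowercase."""
    q = _STRING.sub("?", query)
    q = _NUMBER.sub("?", q)
    return " ".join(q.split()).lower()


class SqlWhitelist:
    """Default deny: only queries whose structure was registered may pass."""

    def __init__(self, known_queries):
        self.allowed = {fingerprint(q) for q in known_queries}

    def permits(self, query: str) -> bool:
        return fingerprint(query) in self.allowed


# Constructed ruleset: the statements a hypothetical application issues.
KNOWN = [
    "SELECT name FROM users WHERE id = 1",
    "SELECT id FROM users WHERE name = 'x'",
]

# Constructed traffic: two normal queries and three whose structure was
# altered by input that escaped its literal.
SAMPLES = [
    "SELECT name FROM users WHERE id = 42",
    "SELECT id FROM users\n  WHERE name = 'O''Brien'",
    "SELECT name FROM users WHERE id = 42 OR 1=1",
    "SELECT id FROM users WHERE name = '' OR 'a'='a'",
    "SELECT id FROM users WHERE name = 'x'; DROP TABLE users --'",
]


def evaluate(samples=SAMPLES, known=KNOWN):
    """Return (query, allowed) for each sample, in order."""
    wl = SqlWhitelist(known)
    return [(q, wl.permits(q)) for q in samples]


if __name__ == "__main__":
    for query, ok in evaluate():
        print("ALLOW" if ok else "DENY ", repr(query))
```

Changing a literal's value leaves the fingerprint unchanged, so the whitelist stays small; anything that changes the statement's shape falls through to the default deny.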