Re: Hacking CF Web Sites and Applications

Sun, 12 Aug 2001 13:39:14 -0700 

Don,

Was it you who had wrote the URL filed filter to eliminate DROPs and 
such?? A conversation tat went around a few weeks ago and got lost in 
my massive inbox :)

We have been experiencing tons of the IDA exploit attempts... Started 
rifling off some nasty notes to admins of where these (mostly cable 
modem) idiots have bandwidth...

Black Ice is cool for monitoring.. love it... Just wish it could be a 
bit more automated on certain attack to draft emails and such... and 
the evidence logs are really organized...

Never thought *I* would need or want to utilize a firewall type 
solution... Needless to say our servers are running much faster as a 
result...  Must of had a lot of really crappy traffic stressing the 
servers... Spent about 4 hours last night patching the MS based 
servers..

In all I consider it worth it..  The URL hack though still concerns 
me :)

-paris
-----Original Message-----
From: "Don Vawter" <[EMAIL PROTECTED]>
Date: Sun, 12 Aug 2001 09:00:38 -0600
Subject: Re: Hacking CF Web Sites and Applications

> I have a page on preventing url hacks which was derived from the
> school of
> hard knocks after it happened to me
> http://www.vawter.com/urlhack.cfm
> 
> ----- Original Message -----
> From: "Daryl Fullerton" <[EMAIL PROTECTED]>
> To: "CF-Talk" <[EMAIL PROTECTED]>
> Sent: Sunday, August 12, 2001 8:37 AM
> Subject: Hacking CF Web Sites and Applications
> 
> 
> > Hi all,
> >
> > Any one got general advice on how to prevent hackers from getting
> access
> to
> > CF sites via back doors and tampering with data
> >
> > We dont want the hackers to be able to change data via URL strings.
> >
> > e.g Encrypting URL variables etc
> >
> > Anything else we should look at
> >
> > Any good articles out there?
> >
> > Thanks
> >
> > Daryl Fullerton,
> > Managing Partner,
> > BizNet Solutions,
> > Allaire Premier Partner (Ireland)
> > 133 - 137 Lisburn Road
> > Belfast
> > BT9 7AG
> > N.Ireland
> >
> > Direct +44 (0) 28 9022 7888
> > Tel  +44 (0) 028 9022 3224
> > Fax +44 (0) 028 9022 3223
> 
> <snip>
> 
> 
> 
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

Reply via email to