it's probably bad form (as the attack hosts are probably compromised IE users) but the idea of redirecting such attack requests to download a big file say a linux live cd would bring the attacking machine's bandwidth to it's knees....
more of a friday beer oclock idea.... If your using IIS there is always the URLscan plugin On Fri, Sep 26, 2008 at 11:08 AM, Taco Fleur <[EMAIL PROTECTED]> wrote: > Another thing you can do is create different datasources, each with > different rights; > - read only > - update > - delete > > And use the read only datasource on the queries that only read data. The > ones that update data might be behind a username and password so that would > make it more difficult for the hackers. > > On Fri, Sep 26, 2008 at 10:13 AM, Claude Raiola <[EMAIL PROTECTED]> > wrote: >> >> Hi, >> >> We have just had an SQL injection attack. >> >> Given we have several hundred cold fusion pages and the sql database as >> several hundred tables has anyone found a reliable solution where why script >> can be placed in the application.cfm page that will prevent code being >> appended to queries as a viable alternative to having to edit every query >> across the 100's of pages use the appropriate <cfqueryparam ............. >> >> >> Regards >> >> Claude Raiola >> B.Econ (Acc), B.Hot.Mngt. >> >> Websites: >> www.AustralianAccommodation.com >> www.SAMARIS.NET >> www.WebSiteSolutions.com.au >> Mobile: 0414 228 948 >> >> >> > > > > -- > Try advertising on the new Australian Business Directory > www.clickfind.com.au > blog: http://australiansearchengine.wordpress.com/ > Web Designers > http://www.web-designers-australia.com > > > > -- Zac Spitzer - http://zacster.blogspot.com (My Blog) +61 405 847 168 --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "cfaussie" group. To post to this group, send email to cfaussie@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cfaussie?hl=en -~----------~----~----~----~------~----~------~--~---