Hi ! Perhaps you should have a look at http://www.greensql.net/
Regards, martin -----Ursprüngliche Nachricht----- Von: list-boun...@lists.pfsense.org [mailto:list-boun...@lists.pfsense.org] Im Auftrag von Chris Buechler Gesendet: Mittwoch, 7. Dezember 2011 09:09 An: pfSense support and discussion Betreff: Re: [pfSense] Any suggestions on how filter in pfSense for SQL Injections? On Wed, Dec 7, 2011 at 1:59 AM, Chuck Mariotti <cmario...@xunity.com> wrote: > > Yep, validation is the key in this case. Knock on wood, we should be good. > We are also using filtering using URLScan on the web servers to stop > this attack, but it would be nice to be able to quickly blanket the > network if that's an option should something similar (copy cats) arise in the > future. > That's the job of a web application firewall, which can either run directly on the server, or elsewhere. Not functionality you find in a network firewall in most cases. We do have an alpha-quality package for mod_security which I hope we can improve in the future, for now manually configuring that is probably the best option to do something on the firewall itself. _______________________________________________ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list _______________________________________________ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
