View Single Post
Old 21st June 2011
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,979
Default

Quote:
Originally Posted by CyberJet View Post
Thanks for your great insight. I'm just trying to learn, it's very clear to me that you guys know what you are talking about.

So I take it that PF can not inspect the packet and block escape characters contained with the SQL request? So therefore the SQL server has to be totally updated. Would that suffice?
I used SQL injection as one possible example, out of limitless possibilities. http://xkcd.com/327/ is a humorous example of one. This is an application specific weakness from poor programming practices.

Security is not a product. It its a process, and any chink in the armor can become a problem. You cannot have an assurance of security with any single tool alone.

Quote:
Originally Posted by Dr-D View Post
Damn it, it locked up on me again. The first time it locked up was on the AMD 5200+ box. Now it's running on the AMD Duron 950MHz box.
Did you attempt to use ddb as advised?
Reply With Quote