Quote:
Originally Posted by CyberJet
Thanks for your great insight. I'm just trying to learn, it's very clear to me that you guys know what you are talking about.
So I take it that PF can not inspect the packet and block escape characters contained with the SQL request? So therefore the SQL server has to be totally updated. Would that suffice?
|
I used SQL injection as one possible example, out of limitless possibilities.
http://xkcd.com/327/ is a humorous example of one. This is an application specific weakness from poor programming practices.
Security is not a product. It its a process, and any chink in the armor can become a problem. You cannot have an assurance of security with any single tool alone.
Quote:
Originally Posted by Dr-D
Damn it, it locked up on me again. The first time it locked up was on the AMD 5200+ box. Now it's running on the AMD Duron 950MHz box.
|
Did you attempt to use ddb as advised?