Menu
▾
▴
Re: [Fail2ban-users] Regex for SQL injection
|
From: Yaroslav H. <li...@on...> - 2011-12-28 21:38:32
|
On Wed, 28 Dec 2011, Luigi Rosa wrote: > > Has anyone written a failregex for SQL injection that would catch attempts > > to select, join, union, or concat? What would be the best for it? > Don't think that fail2ban is the right tool for that. although it might be not the perfect tool for the job but I think it might work, especially on a case by case tune ups where you know that you do not expect any SQL code in the URIs so -- what about a good sample of such log lines attached to an email? (in the email they all got wrapped and ugly) or am I missing smth? > You are looking for a WAF, take a look at OpenWAF http://openwaf.org/ hm :-/ The OpenWAF project has come to an end We are sorry to inform you, that the OpenWAF project has come to an end. Due to the recent acquisition of art of defence GmbH by Zeus Technology Ltd. - the OpenWAF project has been shut down. Although OpenWAF will not exist any longer you can still use all OpenWAF configurations in the commercially available product hyperguard, which is now available from Zeus Technology. Thank you for your understanding. Your team of Zeus Technology (formerly art of defence) -- =------------------------------------------------------------------= Keep in touch www.onerussian.com Yaroslav Halchenko www.ohloh.net/accounts/yarikoptic |
