IIS 5 & IIS 6
Anyone know about www.nihaorr1.com/1.js?
Last post Dec 13, 2008 01:14 AM by Paul Bishop
May 22, 2008 02:08 AM|LINK
asp code to filter sql injection
sql injection injection filter code asp cint integers
May 22, 2008 02:11 AM|LINK
Jun 05, 2008 05:06 AM|LINK
i have had a run in with this injection and i have created serveral scripts to clean a database of injection as long as it has not truncated over data. if people need help hit me up.
Jun 05, 2008 05:07 AM|LINK
oh and i can fix your poorly coded asp pages that are causing it to happen too.
Jun 09, 2008 04:30 PM|LINK
does anyone know if the SQL string can contain web encoded characters ?
a dash "-" can also be k does SQL Server know what to do with this or will it throw an error ?
Jun 20, 2008 09:02 PM|LINK
filter webknight sql injection attack block firewall isapi
Aug 11, 2008 09:55 AM|LINK
The number of infected Web pages spiked to 282,000 in the past day, and appears to be growing. Network managers can check to see whether their Web pages are infected with the iFrame code by looking for a specific code string in the source code of the Web
page associated to an iFrame tag. The string is <script src=http://www.nihaorr1.com/1.js>, according to the security vendor.The worst part of it all is that these infestations are not in seamy Web sites, they are taking place in legitimate Web pages. An IFRAME
redirects the user to another page, where identity-stealing malware is downloaded onto their computer. So even users who think they are staying clean are not safe. The malicious page scans the visitors machine to find ways to compromise the visitors machine.
Exploits are then downloaded and used to infected the redirected visitor based on the
information found on the scan.
Aug 21, 2008 10:43 AM|LINK
URLScan 3.0 was released to help with these types of automated attacks.
Windows Server MVP - IIS
Log archival solution
Install, Configure, Forget
Aug 22, 2008 03:28 AM|LINK
well one sneaked through my urlscan 3.0 i am still trying to figuare out how they got past the declare statement. can you post your config ?
Aug 22, 2008 04:19 AM|LINK
Do you have the IIS logs entry that shows the one that squeeked through?
http://www.iislogs.com/urlscan.txt is my config.