Forum Search Results for "" RSS 1—2 of 2

More Search Options

  • Re: urlscan and querystring

    Posted to Security by sauminpatel on 09-03-2008, 4:35 PM

    Hi Steve, Thanks for your response. I have the rules from your blog...but the problem is that even a keyword like "drop table" is a valid keyword on our site. How can i get around this problem? also, like i mentioned earlier "kill" is also a valid keyword. Please advise. Thanks!

    • http://forums.iis.net/p/1151433/1878354.aspx#1878354

  • urlscan and querystring

    Posted to Security by sauminpatel on 08-29-2008, 11:55 AM

    hi, our site is getting sql injection attacks right now and we have put up urlscan 3.0 on IIS 6. it is working fine. however, we have a search textbox where people can search for terms on our site...here if i enter words like "insertis" or "kill", etc (which are valid keywords on our site), urlscan catches it and rejects the ...

    • http://forums.iis.net/p/1151433/1877986.aspx#1877986

Microsoft Communities