Difference between revisions of "SQL injection/Countermeasures/Infrastructure"

Revision as of 06:37, 19 July 2012

Revision as of 06:34, 19 July 2012 (view source) LashawnSeccombe (Talk \| contribs) (Created page with "<noinclude>:<font size="-2">SQL injection > Countermeasures > Infrastructure</font></noinclude> Web application firewalls usually operate a...")		Revision as of 06:37, 19 July 2012 (view source) LashawnSeccombe (Talk \| contribs) Newer edit →
Line 1:		Line 1:
−	<noinclude>:<font size="-2">[[SQL injection]] > [[SQL injection/Countermeasures\|Countermeasures]] > Infrastructure</font></noinclude>	+	<noinclude>:<font size="-2">[[SQL injection]] > [[SQL injection/Countermeasures\|Countermeasures]] > Infrastructure </font></noinclude>
−		+
−	Web application firewalls usually operate at the same layer as the [[HTTP]] server or [[web application]]s, and thus monitor the [[protocol]] and [[input]] layers. This is different than normal [[IDS]], which are stand-alone pieces of software or hardware that inspect the network and the host layer. Most intrusion detection mechanisms built for [[web applications]] operate using '''signature-based''' detection. Therefore, as long as an attack does not match a signature, it will slip by most of them.	+