Questions about this topic? Sign up to ask in the talk tab.

Difference between revisions of "SQL injection/Countermeasures/Infrastructure"

From NetSec
Jump to: navigation, search
(Created page with "<noinclude>:<font size="-2">SQL injection > Countermeasures > Infrastructure</font></noinclude> Web application firewalls usually operate a...")
 
Line 1: Line 1:
<noinclude>:<font size="-2">[[SQL injection]] > [[SQL injection/Countermeasures|Countermeasures]] > Infrastructure</font></noinclude>
+
<noinclude>:<font size="-2">[[SQL injection]] > [[SQL injection/Countermeasures|Countermeasures]] > Infrastructure </font></noinclude>
 
+
Web application firewalls usually operate at the same layer as the [[HTTP]] server or [[web application]]s, and thus monitor the [[protocol]] and [[input]] layers.  This is different than normal [[IDS]], which are stand-alone pieces of software or hardware that inspect the network and the host layer. Most intrusion detection mechanisms built for [[web applications]] operate using '''signature-based''' detection.  Therefore, as long as an attack does not match a signature, it will slip by most of them.
+

Revision as of 05:37, 19 July 2012

SQL injection > Countermeasures > Infrastructure