Questions about this topic? Sign up to ask in the talk tab.

Difference between revisions of "SQL injection/Countermeasures/Infrastructure/Defenses"

From NetSec
Jump to: navigation, search
(Created page with "<noinclude>:<font size="-2">SQL injection > Countermeasures > Infrastructure > Defenses </f...")
 
 
Line 1: Line 1:
 
<noinclude>:<font size="-2">[[SQL injection]] > [[SQL injection/Countermeasures|Countermeasures]] > [[SQL injection/Countermeasures/Infrastructure|Infrastructure]] > Defenses </font></noinclude>
 
<noinclude>:<font size="-2">[[SQL injection]] > [[SQL injection/Countermeasures|Countermeasures]] > [[SQL injection/Countermeasures/Infrastructure|Infrastructure]] > Defenses </font></noinclude>
 +
 
Web application firewalls usually operate at the same layer as the [[HTTP]] server or [[web application]]s, and thus monitor the [[protocol]] and [[input]] layers.  This is different than normal [[IDS]], which are stand-alone pieces of software or hardware that inspect the network and the host layer. Most intrusion detection mechanisms built for [[web applications]] operate using '''signature-based''' detection.  Therefore, as long as an attack does not match a signature, it will slip by most of them.
 
Web application firewalls usually operate at the same layer as the [[HTTP]] server or [[web application]]s, and thus monitor the [[protocol]] and [[input]] layers.  This is different than normal [[IDS]], which are stand-alone pieces of software or hardware that inspect the network and the host layer. Most intrusion detection mechanisms built for [[web applications]] operate using '''signature-based''' detection.  Therefore, as long as an attack does not match a signature, it will slip by most of them.

Latest revision as of 05:45, 19 July 2012

SQL injection > Countermeasures > Infrastructure > Defenses

Web application firewalls usually operate at the same layer as the HTTP server or web applications, and thus monitor the protocol and input layers. This is different than normal IDS, which are stand-alone pieces of software or hardware that inspect the network and the host layer. Most intrusion detection mechanisms built for web applications operate using signature-based detection. Therefore, as long as an attack does not match a signature, it will slip by most of them.