Mitch Wheat - Treat the cause, not the symptoms!: Microsoft Urlscan Helps to Filter SQL Injection Attacks

About Me

Location: Perth, WA, Australia

Mitch Wheat has been working as a professional programmer since 1984, graduating with a honours degree in Mathematics from Warwick University, UK in 1986. He moved to Perth in 1995, having worked in software houses in London and Rotterdam. He has worked in the areas of mining, electronics, research, defence, financial, GIS, telecommunications, engineering, and information management. Mitch has worked mainly with Microsoft technologies (since Windows version 3.0) but has also used UNIX. He holds the following Microsoft certifications: MCPD (Web and Windows) using C# and SQL Server MCITP (Admin and Developer). His preferred development environment is C#, .Net Framework and SQL Server. Mitch has worked as an independent consultant for the last 10 years, and is currently involved with helping teams improve their Software Development Life Cycle. His areas of special interest lie in performance tuning

Microsoft Urlscan Helps to Filter SQL Injection Attacks

Microsoft recently re-released an improved version of a security filter for IIS that is designed to help thwart SQL injection attacks by restricting the types of HTTP requests that IIS will process. UrlScan 3.0 is an IIS add-on that provides real-time validation of HTTP server requests, potentially blocking SQL injection exploits.

UrlScan has actually been available for several years, but Microsoft added some new features in this 3.0 release, including support for query string scanning.

# posted by Mitch Wheat @ 7:46 pm

Mitch Wheat - Treat the cause, not the symptoms!

About

Archives

About Me

Tuesday, August 26, 2008

Microsoft Urlscan Helps to Filter SQL Injection Attacks

0 Comments:

Contact

Links

Favorites

Blogs