Spoofing a TCP/IP address? Stopping SQL Injection.....

Mufasa

I have a website that somebody is trying to hack with SQL Injection. (He was
already successful but I have fixed the vulnerability) I have already fixed
the website so it's 'safe' from the injection. I even have it redirect to
another web site (not mine but an innocuous third party) when it gets
things that don't match my criteria.

Is there any way to stop/block this yahoo from attempting this? It's getting
old. I have the system e-mail me when it happens and last night he attempted
about 25 times - twice every 1/2 hour.

I've checked the IIS logs and they all come from different TCP/IP addresses
so I can't block based on TCP/IP.

It's just annoying.

Anybody have any suggestions on what to do to get this yahoo to stop it?

BTW - his SQL injection puts code in the text fields that would download a
trojan that would then install something on your machine. So it was pretty
malicious.....

TIA - Jeff.
 
Cowboy (Gregory A. Beamer)

It is hard to stop someone from hitting your site completely, especially if
he is either a) spoofing an IP or b) using some unwitting dolt's computer to
hit yours. You can, however, harden the application. I would look at the
Patterns and Practices material on hardening. One good place to start is the
threat modeling book:
http://msdn.microsoft.com/en-us/library/ms978516.aspx
 
George

What do you mean by stopping?
Physically? No, you cannot do that. He is still going to continue to hit
your server with bad URLs.

If you mean to prevent him from being successful then I thought you already
did it.

PS: You can block the IP address in Windows (look it up in Google, but you
need Admin rights on a server I believe) but from my experience the IP
address is changing and in a week you will get attempts from a different IP.

George.
 
Mufasa

Thanks everybody for your help. I guess there's not a whole lot I can do to stop
it - I just have to make sure that it doesn't cause any problems.

J.

It's better if you improve your code and follow some kill char
functions.

NIraj
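
The thread's observation that the attempts arrive from ever-changing addresses is why per-IP blocking does not help; the following added example (not code from any poster in this thread) triages IIS log entries by normalised request pattern instead of client IP. The log lines, paths and token list are constructed assumptions, and the match is a reporting heuristic that sits alongside fixing the query code, not in place of it.

```python
import re
from collections import defaultdict
from urllib.parse import unquote_plus

# Constructed IIS W3C extended log sample (documentation-range IPs, made-up paths).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services
#Fields: date time cs-method cs-uri-stem cs-uri-query c-ip sc-status
2024-01-10 01:00:03 GET /product.aspx id=12 192.0.2.10 200
2024-01-10 01:30:11 GET /product.aspx id=12'%20OR%20'1'='1 198.51.100.7 302
2024-01-10 02:00:12 GET /product.aspx id=97'+or+'7'='7 203.0.113.44 302
2024-01-10 02:00:40 GET /news.aspx cat=3'+UNION+SELECT+null-- 198.51.100.23 302
2024-01-10 02:05:30 GET /search.aspx q=union+station+hours 192.0.2.55 200
"""

# Assumed heuristic token list for triage; a lone quote also flags names like O'Brien.
SUSPICIOUS = re.compile(r"'|--|;|/\*|\bunion\s+select\b|\bdeclare\s+@|\bexec\s*\(", re.I)

def parse_w3c(text):
    """Yield one dict per request, taking column names from the #Fields directive."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#"):
            yield dict(zip(fields, line.split()))

def fingerprint(query):
    """Decode and normalise so the same probe from different hosts compares equal."""
    q = unquote_plus(query).lower()
    q = re.sub(r"\d+", "N", q)
    return re.sub(r"\s+", " ", q).strip()

def suspicious_requests(text):
    """Map (path, fingerprint) -> {'hits': n, 'ips': set} for flagged requests."""
    groups = defaultdict(lambda: {"hits": 0, "ips": set()})
    for row in parse_w3c(text):
        fp = fingerprint(row.get("cs-uri-query", "-"))
        if SUSPICIOUS.search(fp):
            group = groups[(row["cs-uri-stem"], fp)]
            group["hits"] += 1
            group["ips"].add(row["c-ip"])
    return dict(groups)

if __name__ == "__main__":
    for (path, fp), g in suspicious_requests(SAMPLE_LOG).items():
        print(f"{path}  {fp!r}  hits={g['hits']}  distinct_ips={len(g['ips'])}")
```

A pattern that recurs with many distinct client IPs is the same automated probe, so a daily summary per pattern can replace one e-mail per attempt.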
 
