November 8, 2003 at 2:10 am
Hi all!
am trying to test for any sql injections possible for a particular website on the test server.The server on which the site is hosted is Iplanet ..the os being solaris..and the database is oracle 8i.can any of you sujjest a few ways which i could adopt to test the the website for any of the sql vulnarabilities?
November 8, 2003 at 4:31 am
All I can suggest is you read some of the papers on the subject
see the following page for a start http://www.sqlsecurity.com/DesktopDefault.aspx?tabindex=2&tabid=3
and get someone to peer review the code to ensure all the inputs are validated.
Steven
November 9, 2003 at 10:25 pm
you can find white papers and tools to help you here:
http://www.appsecinc.com/techdocs/whitepapers.html#manipulate_mssql_wp
November 10, 2003 at 12:52 am
Also, you might want to join http://www.LazyDBA.com . They have a quite active dedicated Oracle mailing list oracledba@lazydba.com.
Frank
--
Frank Kalis
Microsoft SQL Server MVP
Webmaster: http://www.insidesql.org/blogs
My blog: http://www.insidesql.org/blogs/frankkalis/[/url]
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply