469,647 Members | 1,769 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,647 developers. It's quick & easy.

SQL Injection Attacks

I think a site I developed has been the victim of a sql
injection attack.I know how to stop this happening in
future but:

Is there any way I can trace such an attack?
Nov 18 '05 #1
4 1488
Possibly - Have a look at your IIS log files, depends how the attack happend
really - If its on the querystring it'll be in the logs, if it was within
form data then you probably wont be able to trace it.

"poppy" <sa**@asda.com> wrote in message
news:38****************************@phx.gbl...
I think a site I developed has been the victim of a sql
injection attack.I know how to stop this happening in
future but:

Is there any way I can trace such an attack?

Nov 18 '05 #2
If it is in the querystring then how do i trace it?

Nov 18 '05 #3
You should use ADO.NET parameter objects. They will protect you against SQL
Injection Attacks.

Here's more info:
http://msdn.microsoft.com/library/de...classtopic.asp
http://msdn.microsoft.com/library/de...isualbasic.asp

--
I hope this helps,
Steve C. Orr, MCSD, MVP
http://Steve.Orr.net
"poppy" <sa**@asda.com> wrote in message
news:38****************************@phx.gbl...
I think a site I developed has been the victim of a sql
injection attack.I know how to stop this happening in
future but:

Is there any way I can trace such an attack?

Nov 18 '05 #4
Examine the records from the time period where you think the attack
occured. Most web logs will include the query string sent from the
client. A visual inspection might turn up the requests made with SQL
commands in the query string, which would indicate someone probing or
breaking the site.

If you can find those records you'll then have an IP address, which
may give you something to go on, but it's not perfect.

--
Scott
http://www.OdeToCode.com/blogs/scott/

On Tue, 2 Nov 2004 16:57:14 -0800,
<an*******@discussions.microsoft.com> wrote:
If it is in the querystring then how do i trace it?


Nov 18 '05 #5

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

2 posts views Thread by Martin Lucas-Smith | last post: by
2 posts views Thread by freddy | last post: by
5 posts views Thread by www.douglassdavis.com | last post: by
4 posts views Thread by Kevin Audleman | last post: by
29 posts views Thread by sinbuzz | last post: by
1 post views Thread by Dave Anderson | last post: by
reply views Thread by gheharukoh7 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.