Spoofing a TCP/IP address? Stopping SQL Injection.....

I have a website that somebody is trying to hack with SQL Injection. (He was
already successful but I have fixed the vulnerability) I have already fixed
the website so it's 'safe' from the injection. I even have it redirect to
another web site (not mine but an innocuous third party) when it gets
things that don't match my criteria.

Is there any way to stop/block this yahoo from attempting this? It's getting
old. I have the system e-mail me when it happens and last night he attempted
about 25 times - twice every 1/2 hour.

I've checked the IIS logs and they all come from different TCP/IP addresses
so I can't block based on TCP/IP.

It's just annoying.

Anybody have any suggestions on what to do to get this yahoo to stop it?

BTW - his SQL injection puts code in the text fields that would download a
trojan that would then install something on your machine. So it was pretty
malicious.....

TIA - Jeff.
Sep 18 '08 #1
It is hard to stop someone from hitting your site completely, especially if
he is either a) spoofing an IP or b) using some unwitting dolt's computer to
hit yours. You can, however, harden the application. I would look at the
Patterns and Practices material on hardening. One good place to start is the
threat modeling book:
http://msdn.microsoft.com/en-us/library/ms978516.aspx

--
Gregory A. Beamer
MVP, MCP: +I, SE, SD, DBA

Subscribe to my blog
http://feeds.feedburner.com/GregoryBeamer#

or just read it:
http://feeds.feedburner.com/GregoryBeamer

********************************************
| Think outside the box! |
********************************************

Sep 18 '08 #2
What do you mean by stopping?
Physically? No, you cannot do that. He is still going to continue to hit
your server with bad URLs.

If you mean to prevent him from being successful then I thought you already
did it.

PS: You can block the IP address in Windows (look it up in Google, but you
need Admin rights on a server I believe) but from my experience the IP
address is changing and in a week you will get attempts from a different IP.

George.
Sep 18 '08 #3
It's better if you improve your code and follow some kill char
functions.

Niraj
Sep 19 '08 #4
Thanks everybody for your help. I guess there's not a whole lot I can do to stop
it - I just have to make sure that it doesn't cause any problems.

J.

Sep 19 '08 #5
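
A log triage sketch for the situation described in this thread, added here as an example and not code from any of the posters: it groups injection-like requests in an IIS W3C log by the page and parameter they target, which stays constant while the client IP changes on every attempt. The log lines, page names, field selection and the matching pattern are all constructed assumptions.

```python
import re
from collections import Counter, defaultdict
from urllib.parse import unquote_plus

# Constructed sample in IIS W3C extended format; IPs are documentation ranges.
SAMPLE_LOG = """\
#Fields: date time cs-method cs-uri-stem cs-uri-query c-ip sc-status
2008-09-17 23:00:04 GET /product.aspx id=12 192.0.2.10 200
2008-09-17 23:30:11 GET /product.aspx id=12;DECLARE%20@S%20VARCHAR(4000);EXEC(@S) 198.51.100.7 302
2008-09-17 23:30:12 GET /product.aspx id=12%27+OR+%271%27%3D%271 203.0.113.40 302
2008-09-18 00:00:09 GET /news.aspx cat=3;EXEC(@S) 198.51.100.99 302
2008-09-18 00:00:15 GET /search.aspx q=select+a+gift 192.0.2.77 200
"""

# Heuristic for log triage only: a quote or semicolon followed by a SQL keyword,
# an EXEC( call, UNION SELECT, or a SQL comment marker.
SQLI = re.compile(
    r"(?i)[';]\s*(or|and|declare|exec|union|select|insert|update|drop)\b"
    r"|\bexec\s*\(|\bunion\s+select\b|--")

def parse_w3c(text):
    """Yield one dict per request, keyed by the log's own #Fields header."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#"):
            yield dict(zip(fields, line.split()))

def injection_attempts(text):
    """Requests whose URL-decoded query string matches the heuristic."""
    return [r for r in parse_w3c(text)
            if SQLI.search(unquote_plus(r.get("cs-uri-query", "")))]

def attempts_by_target(text):
    """Map 'page?param' -> set of client IPs that sent injection-like input."""
    hits = defaultdict(set)
    for r in injection_attempts(text):
        params = sorted(p.partition("=")[0] for p in r["cs-uri-query"].split("&"))
        hits[r["cs-uri-stem"] + "?" + ",".join(params)].add(r["c-ip"])
    return dict(hits)

def attempts_per_ip(text):
    """Per-IP counts: the view that gives an IP block list nothing to key on."""
    return Counter(r["c-ip"] for r in injection_attempts(text))

if __name__ == "__main__":
    print(attempts_per_ip(SAMPLE_LOG))
    print(attempts_by_target(SAMPLE_LOG))
```

The pattern is a triage heuristic for reading logs, not an input filter; the per-target view shows which pages and parameters to review in the application code.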
