Catching SQL Injection and other Malicious Web Requests

Question

I am looking for a tool that can detect malicious requests (such as obvious SQL injection gets or posts) and will immediately ban the IP address of the requester/add it to a blacklist. I am aware that in an ideal world our code should be able to handle such requests and treat them accordingly, but there is a lot of value in such a tool even when the site is safe from these kinds of attacks, as it can lead to saving bandwidth, preventing bloat of analytics, etc.

Ideally, I'm looking for a cross-platform (LAMP/.NET) solution that sits at a higher level than the technology stack; perhaps at the web-server or hardware level. I'm not sure if this exists, though.

Either way, I'd like to hear the community's feedback so that I can see what my options might be with regard to implementation and approach.

Recommended answer

You're almost looking at it the wrong way: no third-party tool that is not aware of your application's methods/naming/data/domain is going to be able to perfectly protect you.

Something like SQL injection prevention is something that has to be in the code, and is best written by the people that wrote the SQL, because they are the ones that will know what should/shouldn't be in those fields (unless your project has very good docs).

You're right, this has all been done before. You don't quite have to reinvent the wheel, but you do have to carve a new one because of the differences in everyone's axle diameters.

This is not a drop-in-and-run problem; you really do have to be familiar with what exactly SQL injection is before you can prevent it. It is a sneaky problem, so it takes equally sneaky protections.

These 2 links taught me far more than the basics on the subject to get started, and helped me better phrase my future lookups on specific questions that weren't answered.

And while this one isn't quite a 100% finder, it will "show you the light" on existing problems in your existing code, but like with web standards, don't stop coding once you pass this test.
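The answer's point that SQL injection prevention belongs in the application code, written by whoever knows what each field may legitimately contain, as an added example that is not part of the original post: the same user lookup written three ways over a constructed in-memory SQLite table. The `users` table, the `sqlite3` module and the username rule are assumptions made for this example.

```python
import re
import sqlite3

# Constructed sample data so the example runs offline.
def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, email TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "alice@example.com"), ("bob", "bob@example.com")])
    return conn

# Vulnerable: request input is pasted into the SQL text, so the database
# engine cannot distinguish the caller's data from query syntax.
def find_user_vulnerable(conn, username: str) -> list:
    sql = "SELECT username, email FROM users WHERE username = '%s'" % username
    return conn.execute(sql).fetchall()

# Bound parameter: the driver sends the value separately from the statement,
# so whatever the input contains is compared as a literal string.
def find_user_param(conn, username: str) -> list:
    sql = "SELECT username, email FROM users WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()

# Field-specific rule (assumed here): usernames are short [A-Za-z0-9_] tokens.
# Only the people who own the schema know this, which is the answer's point.
USERNAME_RE = re.compile(r"[A-Za-z0-9_]{1,32}")

def find_user_safe(conn, username: str) -> list:
    if not USERNAME_RE.fullmatch(username):
        raise ValueError("username failed field validation")
    return find_user_param(conn, username)

def demo() -> dict:
    conn = make_db()
    crafted = "x' OR '1'='1"  # constructed input that changes the query text
    result = {
        "vulnerable_rows": len(find_user_vulnerable(conn, crafted)),  # every row
        "param_rows": len(find_user_param(conn, crafted)),            # no such user
        "safe_rows": len(find_user_safe(conn, "alice")),
    }
    try:
        find_user_safe(conn, crafted)
        result["safe_rejected"] = False
    except ValueError:
        result["safe_rejected"] = True  # rejected before reaching the database
    return result

if __name__ == "__main__":
    print(demo())
```

The bound-parameter version is what makes the query itself safe; the validation layer on top is the per-field knowledge the answer says no generic tool can supply.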
