This post originated from an RSS feed registered with .NET Buzz
by Robert Hurlbut.
Original Post: Detection of SQL Injection and Cross-site Scripting Attacks
Feed Title: Robert Hurlbut's .Net Blog
Feed URL: http://www.asp.net/err404.htm?aspxerrorpath=/rhurlbut/Rss.aspx
Feed Description: Development with .Net, Rotor, Distributed Architectures, Security, Extreme Programming, and Databases
I found an interesting article titled “Detection of SQL Injection and Cross-site Scripting Attacks“ at SecurityFocus today. Basically, it focuses on how to set up rules for SNORT (an open-source Intrusion Detection System (IDS) tool) using regular expressions. What I found most interesting about the article is that some of the same ideas can be applied to input validation as well, in terms of checking for these kind of input attacks to a web site. Very good read.