«

asp.net 1.1 has protection against XSS and sql injection. i'm also running
an asp site on the same server, is it possible for the server to
automatically detect those intrusion methods for my asp application?

thanks

well asp.net has objects like SqlParameter which shield you against Sql
Injection etc...
unfortunately since you cannot use those objects in classic asp you can't do
that...
so you are left to manually do that (ie check the passed params and log them
if needed)

hope this helps...

--
Regards,
HD
Once a Geek.... Always a Geek
"Aaron" <> wrote in message
news:...
> asp.net 1.1 has protection against XSS and sql injection. i'm also running
> an asp site on the same server, is it possible for the server to
> automatically detect those intrusion methods for my asp application?
>
> thanks
>
>

is it possible to add a filter for all incoming html request?

"Hermit Dave" <> wrote in message
news:...
> well asp.net has objects like SqlParameter which shield you against Sql
> Injection etc...
> unfortunately since you cannot use those objects in classic asp you can't
do
> that...
> so you are left to manually do that (ie check the passed params and log
them
> if needed)
>
> hope this helps...
>
> --
> Regards,
> HD
> Once a Geek.... Always a Geek
> "Aaron" <> wrote in message
> news:...
> > asp.net 1.1 has protection against XSS and sql injection. i'm also
running
> > an asp site on the same server, is it possible for the server to
> > automatically detect those intrusion methods for my asp application?
> >
> > thanks
> >
> >
>
>

well filter in what sense ?
if you are thinking in terms of something that can check values against Sql
Injection...
have a look at this article...
http://www.securiteam.com/securityre...DP0N1P76E.html

--
Regards,
HD
Once a Geek.... Always a Geek
"Aaron" <> wrote in message
news:...
> is it possible to add a filter for all incoming html request?
>
> "Hermit Dave" <> wrote in message
> news:...
>> well asp.net has objects like SqlParameter which shield you against Sql
>> Injection etc...
>> unfortunately since you cannot use those objects in classic asp you can't
> do
>> that...
>> so you are left to manually do that (ie check the passed params and log
> them
>> if needed)
>>
>> hope this helps...
>>
>> --
>> Regards,
>> HD
>> Once a Geek.... Always a Geek
>> "Aaron" <> wrote in message
>> news:...
>> > asp.net 1.1 has protection against XSS and sql injection. i'm also
> running
>> > an asp site on the same server, is it possible for the server to
>> > automatically detect those intrusion methods for my asp application?
>> >
>> > thanks
>> >
>> >
>>
>>
>
>