Web Site Security for Catalogers
How to stay one step ahead of hackers.
A hacker constructs a special string containing unusual characters (e.g., quote, apostrophe, percentage), plugs the string into a form on your site and thus gains control of your database.
For an example of this, read Steve Friedl’s essay at http://mvp.unixwiz.net/techtips/sql-injection.html, or Chris Anley’s technical suggestions at www.nextgenss.com/papers/more_advanced_sql_injection.pdf.
- Companies:
- Microsoft Corp.
Related Content
Comments
