Sign in with
Sign up | Sign in
Your question
Closed

Imperva: 71 SQL Injection Attacks Per Hour Since July

Tags:
Last response: in News comments
Share
September 23, 2011 7:10:17 PM

So, the vast majority of SQLi attacks in the US originate in the US. Interesting.
Score
-1
September 23, 2011 10:03:45 PM

@otacom72, totally agreed. Bad programming = easy attack. SQLi is simple to do and it's simple to prevent. Lazy = bad.
Score
6
September 23, 2011 10:43:01 PM

Kevin ParrishNearly 41-percent of all SQLi attacks originate from just ten hosts.

So why don't they go and physically find the 10 hosts and knock on their owners door and either arrest them, or at the very least tell them to GET SOME FREAKING ANTI-MALWARE SOFTWARE or something. I mean at least make them turn the "hosts" off.


gmarsack@otacom72, totally agreed. Bad programming = easy attack. SQLi is simple to do and it's simple to prevent. Lazy = bad.

If they were so simple to prevent, they wouldn't be so simple to do. Maybe some issues means laziness, but most are something that is accidentally overlooked after thousands of updates to websites every year. Odds are someone will slip up and make a mistake sometime. Human error will always be a problem and you cannot defend against it aside from redundancy checks by some automated means and other humans doing QA on all updated code. However, in the end, no system is or will be prefect. The only systems that come close cost major amounts of resources to maintain.
Score
-4
September 24, 2011 12:37:21 AM

ThisIsMeSo why don't they go and physically find the 10 hosts and knock on their owners door and either arrest them, or at the very least tell them to GET SOME FREAKING ANTI-MALWARE SOFTWARE or something. I mean at least make them turn the "hosts" off.

So you're saying that someone should be arrested because it's computer has bad security and is being used to hack sites with also bad security. Logical.
Score
0
September 24, 2011 12:43:52 AM

Funny, this 'article' very nicely mirrors the entry in Wikipedia at http://en.wikipedia.org/wiki/SQL_injection

If we stop being lazy and spend a little time checking a user's data entries the problem is no problem anymore.

Score
0
September 24, 2011 1:11:35 AM

VladislausSo you're saying that someone should be arrested because it's computer has bad security and is being used to hack sites with also bad security. Logical.

Is that what I said?

Read the whole thing. ;)  I said "either arrest them, or at the very least tell them to get some freaking anti-malware software." Obviously I meant whatever is the most logically applicable. For all you know some of these 10 hosts could be helping these guys or at the very least know who they are. The stuff could have been put on their PC's after they called a local place and had a "guy" come out and "look" at their PC because they needed it repaired or something to that extent. I think it at least warrants a look into the matter. Don't you, Mr. Logical?
Score
-2
September 24, 2011 3:49:36 AM

freggoFunny, this 'article' very nicely mirrors the entry in Wikipedia at http://en.wikipedia.org/wiki/SQL_injectionIf we stop being lazy and spend a little time checking a user's data entries the problem is no problem anymore.


It closely mirrors Wikipedia because Wikipedia is using the same source article.
Score
-1
September 24, 2011 4:48:29 AM

You'd think the government would hire more SQL programmers to cover these vulnerabilities.
Score
-1
September 24, 2011 1:54:37 PM

cheepstuffIt closely mirrors Wikipedia because Wikipedia is using the same source article.


I find it highly unlikely that Wikipedia is "using" someone else's original article if for no other reason than possible copyright infringement accusations.
Score
0
September 24, 2011 3:05:27 PM

eddieroolzYou'd think the government would hire more SQL programmers to cover these vulnerabilities.

This is a problem that affects tons of website not related to any governments. So the responsibility shouldn't be on government hands in those cases.
Score
0
September 24, 2011 6:02:32 PM

freggoFunny, this 'article' very nicely mirrors the entry in Wikipedia at http://en.wikipedia.org/wiki/SQL_injectionIf we stop being lazy and spend a little time checking a user's data entries the problem is no problem anymore.

Umm no it doesn't. I just read the article and don't see the similarity. The article is quite interesting though
(the wiki one).

As to this article, i'm glad these kids from A and lolzsec are getting caught. Allowing themselves to become famous is disgraceful.
Score
-2
Anonymous
October 3, 2011 2:08:50 PM

@slicedtoad: "i'm glad these kids from A and lolzsec are getting caught"

ahhh, I never thought I'd see the day when a 47 year old (i.e. Christopher Doyon, one of the accused) was referred to as a "kid". There's hope for us oldsters yet. ;-)
Score
0
!