Adobe Solution Partner

July 22, 2008

ColdFusion SQL Injection

Filed under: ColdFusion, Databases — Tags: , , , , — Daryl Banttari @ 7:25 am
Seems there’s a lot of ColdFusion sites out there getting hit by an automated SQL Injection attack, which adds a “<script>” tag to varchar fields using a bit of SQL Server t-sql. Many years ago, I wrote a script that would find and automatically <cfqueryparam> queries (which has been at Daryl’s ColdFusion Primer. I’ve dug [...]

March 7, 2007

Windows Packet Filtering: The Very Least You Can Do For Security

Filed under: Windows — Tags: , , — Daryl Banttari @ 10:29 am
We find people placing Windows servers “naked” on the Internet with frightening regularity. Without any sort of firewall or packet filtering protection, these machines make very easy targets for hackers. Even if you have a firewall, adding host-based packet filtering adds an additional layer of protection, though in that case you’ll have to decide for yourself if the [...]

July 8, 2003

National Security Agency Security Guidelines

Filed under: Miscellaneous — Tags: — Patrick Quinn @ 12:00 am
The pejorative saying “good enough for government work” surely doesn”t apply to these security policies and settings compiled by NSA — these are more than good enough! This is a collection of documents for locking down IIS, domains, and other aspects of Windows networks and application infrastructures.

Server Down?

Maximize Web application uptime by drawing upon Webapper's years of experience tuning and stabilizing many of the world's largest ColdFusion Web applications. Contact us today!