- home
- reviews
- news
- downloads
- cnet tv
On TechRepublic: 10 Linux features Windows should have
- log in
- join CNET
- welcome,
- my profile
- log out

Comments on: Microsoft tools address SQL injection attacks

Advisory helps Web sites that use Microsoft ASP and ASP.NET technologies against recent Web-based attacks.

Add a Comment (Log in or register) (3 Comments)


by jimkii June 24, 2008 3:38 PM PDT: If developers would use bind variables (prepared statements in Java) they would not have to worry about SQL Injection attacks. MS and other vendors strongly recommend using bind variables in code. it leads to more secure and higher performing code.; Like this Reply to this comment


by jnarvey June 25, 2008 9:09 AM PDT: Oops! Microsoft's list wasn't quite complete. Another tool that will protect against SQL injection (and other threats like XSS hacks) is Devfense (more info at http://www.boonbox.net/devfense.htm), a boxed service tool that integrates seamlessly with existing IT environments. Cheers.; Like this Reply to this comment


by has_zah August 4, 2008 12:33 AM PDT: Hi,
I read the article, It is really helpful.
Few days back my website PDA Accessories got hacked by a hacker from canada. After fixing it my developer implement the instructions written here. And now my site is more secure.

Thanks for the tools....
Hassan Z Ch.; Like this Reply to this comment

(3 Comments)

About Defense in Depth

Covering computer viruses and computer crime, Robert Vamosi goes beyond the hype to provide you with expert interviews of the top security researchers, as well as offering the hands-on, nontechnical advice you'll need to stay safe online.