ASPROX is not letting up, many of our clients are still seeing SQL Injection attacks blocked every 3-5 minutes on their Sentinel.
Microsoft released a tool for scanning your ASP and ASPX code and identifying SQL Injection vulnerabilities. I highly recommend giving it a try kb-954476
Also HP released a free version of their web security auditing tool specifically to check for SQL Injection, it's called Scrawler and you can get it here
More ASPROX domains (they don't give up, do they?):
tid62.com, kadport.com, suppadw.com, supbnr.com, adwsupp.com, bnrupdate.mobi, adwste.mobi, adupd.mobi, hlpgetw.com, hdadwcd.com, rid34.com, adupd.mobi, adwste.mobi, bnrupdate.mobi, cntrl62.com, config73.com, cont67.com, csl24.com, debug73.com, default37.com, get49.net, pid72.com, pid76.net, web923.com, base48.com, asp63.com, form43.com, maigol.cn
And finally we are still emailing our ASPROX Toolkit document which gives information on the attack and how to recover from it if you organization has been compromised.
No comments:
Post a Comment