View Member - jahboite

August 28, 2008 04:25am pdt

Experts Exchange

Announcements Feedback

1. hielo 5,597,193
2. angelIII 4,853,485
3. chapmandew 3,150,298
4. war1 3,140,541
5. capricorn1 2,759,096
6. KCTS 2,468,522
7. TheLearn... 2,216,526
8. zorvek 2,132,565
9. rorya 2,056,588
10. tigermatt 1,763,350
11. RobWill 1,705,305
12. b0lsc0tt 1,666,072
13. DatabaseMX 1,547,473
14. mlmcc 1,536,320
15. jpaulino 1,502,237
16. RobSamp... 1,474,830
17. jaime_oliv... 1,416,700
18. ee_rlee 1,374,903
19. saurabh726 1,281,330
20. nobus 1,263,125
21. Sembee 1,228,233
22. LSMCons... 1,223,100
23. boag2000 1,207,578
24. ozo 1,204,783
25. sdstuber 1,194,203

1. angelIII 23,615,932
2. Sembee 21,349,056
3. war1 15,958,237
4. TheLearn... 11,224,416
5. jkr 11,206,003
6. objects 10,594,336
7. capricorn1 10,442,869
8. zorvek 9,568,628
9. lrmoore 9,504,052
10. leew 8,886,719
11. byundt 8,671,058
12. ozo 8,372,156
13. TechSoEasy 8,292,020
14. Sheharya... 8,278,847
15. CEHJ 8,227,277
16. mlmcc 8,051,608
17. sirbounty 7,867,753
18. Idle_Mind 7,217,368
19. Zvonko 7,024,042
20. oBdA 6,821,822
21. Callandor 6,458,343
22. amit_g 6,266,347
23. RobWill 6,241,134
24. rockiroads 6,218,491
25. matthews... 6,098,663

jahboite Login Name

Qualified Expert Account Type

149,200 Expert Points

12/11/2005 Registration Date

13,609 Points this month

Expert Certifications:

jahboite has earned the following certifications.

Master

Windows XP Operating System

Member Profile:

I shan't be sharing any personal information here. Instead, I thought I'd build a little knowledgebase about the all too common Mass SQL Injections perpetrated by the Danmec Asprox botnets and which are causing headaches for literally hundreds of thousands of administrators (yes, you're in good company - fear not).

I'll be fleshing this out as I go along, but here's a start:

Microsoft Advisory. The Suggested Actions section details 3 tools that can help you identify infected pages (scrawlr), protect vulnerable pages (urlscan) and detect vulnerable code (Microsoft Source Code Analyzer for SQL Injection).

http://www.microsoft.com/technet/security/advisory/954462.mspx

There's a wealth of information on these infections:

http://www.google.co.uk/search?q=asprox+danmec+sql+injection

And at Experts Exchange, loads of practical advice:

http://search.experts-exchange.com/simpleSearch.jsp?q=sql+injection

149 Questions Answered

	Date	Points	Title	Activity Type	Zone
1	08/24/2008	500	Is this an attempt at SQL/Javascript in…	Accepted	Apache Web Server
2	08/22/2008	500	Need help removing cutwail bot from W…	Accepted	Desktop Anti-Virus
3	08/20/2008	500	Security Vulnerability	Assisted	Network Vulnerabi…
4	08/18/2008	500	How do I propertly implement somethin…	Assisted	Windows 2003…
5	08/18/2008	500	what's the udp equivalent for "telnet…	Assisted	Microsoft Network

150 Questions Participated In

609 Comments Posted

	Date	Points	Title	Activity Type	Status	Zone
1	08/27/2008	250	Hacking a cheap NAS box	Comment	Open	Network Vulnerabi…
2	08/24/2008	500	Internet bandwidth consumption - sud…	Comment	Open	Network analysis …
3	08/23/2008	500	Free testing tool for checking sql injecti…	Comment	Open	Network Vulnerabi…
4	08/22/2008	250	Dst IP session limit! From 10.2.0…	Comment	Open	Network Vulnerabi…
5	08/21/2008	0	Security scan returns "IP address rev…	Comment	PAQ	Network Vulnerabi…

22 Questions Asked

0 Questions Open

21 Questions Graded

1 Question Deleted

	Date	Points	Title	Status	Zone
1	06/13/2008	500	Simulating a private network (with a public int…	PAQ	VMware …
2	05/30/2008	0	HTTP GET request - Range Header example	PAQ	HTTP …
3	05/10/2008	500	Do not do something while you're doing a som…	PAQ	Puzzles / Riddles
4	02/13/2008	0	17 Feb - Deletion of a Question with Comme…	PAQ	New To EE
5	02/10/2008	0	Answer validity - Comments appreciated.	PAQ	Expert Input