RE: Script Injections

  • From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 23 Feb 2005 08:38:31 -0600

Hi Rob,
 
This should be a good start
 
http://www.faqs.org/rfcs/rfc1630.html
 
Tom
www.isaserver.org/shinder
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls

 

________________________________

From: Rob Moore [mailto:RMoore@xxxxxxxx] 
Sent: Wednesday, February 23, 2005 8:24 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Script Injections


http://www.ISAserver.org

Hey Jim--
 
Any chance you've had a mo to find these RFCs? I've been looking for
them myself with no luck. If you could even just point me to the right
place, that would be great.
 
Thanks,
Rob

________________________________

From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] 
Sent: Tuesday, February 22, 2005 12:05 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Script Injections


I literally hate these jerks that think adding XML or HTTP tags to a
query is valid web site programming!

The fact is, this is the most basic form of script injection.

 

I have some RFCs that give valid URL syntax - I'll fwd them later...

 

-------------------------------------------------------

   Jim Harrison

   MCP(NT4, W2K), A+, Network+, PCG

   http://isaserver.org/Jim_Harrison/

   http://isatools.org

   Read the help / books / articles!

-------------------------------------------------------

 

________________________________

From: Rob Moore [mailto:RMoore@xxxxxxxx] 
Sent: Tuesday, February 22, 2005 08:45
To: [ISAserver.org Discussion List]
Subject: [isalist] Script Injections

 

Hi all-- 

Sometime back I used Jim Harrison's VBS script to block script
injections (the StartOfTag (<) and EndOfTag (>) things). I've run into a
couple of legitimate websites that are now blocked by our firewall. Are
there legitimate reasons an HTML programmer would use these tags? I'd
like to at least sound educated when I contact the website folks to tell
them why I'm blocking them.

Thanks, 
Rob 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx 
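
An added example (not from the thread, and not Jim Harrison's VBS script): a Python check that separates the cases this discussion turns on, a literal `<` or `>` in a request URL, which URI syntax does not allow unescaped, from percent-encoded brackets, which are valid syntax but decode to the same characters. The function names, the decode bound and the sample URLs are constructed for illustration.

```python
from urllib.parse import urlsplit, unquote

ANGLE = ("<", ">")
MAX_DECODE_ROUNDS = 3  # assumption: bound on nested percent-encoding we unwrap


def angle_bracket_findings(url):
    """Return a list of (component, form) for each URL part carrying < or >.

    form is "raw" (literal bracket, not valid URI syntax), "encoded"
    (%3C/%3E, valid syntax that decodes to a bracket) or "double-encoded"
    (a bracket only appears after more than one decoding pass).
    """
    parts = urlsplit(url)
    findings = []
    for name, value in (("path", parts.path), ("query", parts.query)):
        if any(c in value for c in ANGLE):
            findings.append((name, "raw"))
            continue
        decoded = value
        for rounds in range(1, MAX_DECODE_ROUNDS + 1):
            nxt = unquote(decoded)
            if nxt == decoded:  # nothing left to decode
                break
            decoded = nxt
            if any(c in decoded for c in ANGLE):
                form = "encoded" if rounds == 1 else "double-encoded"
                findings.append((name, form))
                break
    return findings


def verdict(url):
    """Summarise a URL as 'invalid-syntax', 'review' or 'pass'."""
    forms = {form for _, form in angle_bracket_findings(url)}
    if "raw" in forms:
        return "invalid-syntax"
    return "review" if forms else "pass"


# Constructed sample request URLs (not taken from the thread).
SAMPLES = [
    "http://example.test/search?q=firewall+rules",
    "http://example.test/report?filter=<status>open</status>",
    "http://example.test/report?filter=%3Cstatus%3Eopen%3C%2Fstatus%3E",
    "http://example.test/page%253Cb%253E/index.html",
]

if __name__ == "__main__":
    for u in SAMPLES:
        print(verdict(u), angle_bracket_findings(u), u)
```

A filter that matches only the literal characters flags the second sample and passes the third and fourth, so the verdicts show both why a site sending raw markup in a query gets blocked and what a raw-byte signature does not see.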
