View Member - jahboite

September 6, 2008 12:10am pdt

Experts Exchange

Announcements Feedback

1. hielo 5,950,271
2. angelIII 5,119,395
3. war1 3,308,461
4. chapmandew 3,282,687
5. capricorn1 2,782,096
6. KCTS 2,544,685
7. zorvek 2,285,351
8. TheLearn... 2,273,708
9. rorya 2,069,888
10. tigermatt 1,890,480
11. RobWill 1,787,755
12. b0lsc0tt 1,756,263
13. DatabaseMX 1,644,902
14. mlmcc 1,620,417
15. jpaulino 1,565,937
16. RobSamp... 1,535,265
17. jaime_oliv... 1,472,100
18. ee_rlee 1,376,963
19. LSMCons... 1,336,534
20. saurabh726 1,323,830
21. nobus 1,314,711
22. boag2000 1,297,433
23. ozo 1,292,614
24. sdstuber 1,248,711
25. garycase 1,247,442

1. angelIII 23,881,842
2. Sembee 21,362,706
3. war1 16,126,157
4. TheLearn... 11,281,598
5. jkr 11,226,114
6. objects 10,680,561
7. capricorn1 10,465,869
8. zorvek 9,721,414
9. lrmoore 9,562,267
10. leew 8,983,390
11. byundt 8,691,160
12. ozo 8,459,987
13. TechSoEasy 8,413,594
14. Sheharya... 8,371,723
15. CEHJ 8,293,469
16. mlmcc 8,135,705
17. sirbounty 7,895,755
18. Idle_Mind 7,260,144
19. Zvonko 7,065,465
20. oBdA 6,864,822
21. Callandor 6,475,518
22. RobWill 6,323,584
23. amit_g 6,268,679
24. hielo 6,250,997
25. rockiroads 6,218,491

jahboite Login Name

Qualified Expert Account Type

154,432 Expert Points

12/11/2005 Registration Date

3,732 Points this month

Expert Certifications:

jahboite has earned the following certifications.

Master

Windows XP Operating System

Member Profile:

I shan't be sharing any personal information here. Instead, I thought I'd build a little knowledgebase about the all too common Mass SQL Injections perpetrated by the Danmec Asprox botnets and which are causing headaches for literally hundreds of thousands of administrators (yes, you're in good company - fear not).

I'll be fleshing this out as I go along, but here's a start:

Microsoft Advisory. The Suggested Actions section details 3 tools that can help you identify infected pages (scrawlr), protect vulnerable pages (urlscan) and detect vulnerable code (Microsoft Source Code Analyzer for SQL Injection).

http://www.microsoft.com/technet/security/advisory/954462.mspx

There's a wealth of information on these infections:

http://www.google.co.uk/search?q=asprox+danmec+sql+injection

And at Experts Exchange, loads of practical advice:

http://search.experts-exchange.com/simpleSearch.jsp?q=sql+injection

154 Questions Answered

	Date	Points	Title	Activity Type	Zone
1	09/05/2008	500	Google AdSense for password protect…	Accepted	Internet Advertising
2	09/03/2008	100	Searching for a reliable means of deter…	Assisted	Network Vulnerabi…
3	09/02/2008	500	Computer security and penetration?	Assisted	OS Network Secu…
4	09/02/2008	500	Checkpoint Block sql injection	Assisted	Network Vulnerabi…
5	08/29/2008	500	192.168.140.2XX is DOWN…	Accepted	Servers

145 Questions Participated In

610 Comments Posted

	Date	Points	Title	Activity Type	Status	Zone
1	08/27/2008	250	Hacking a cheap NAS box	Comment	Open	Network Vulnerabi…
2	08/24/2008	500	Internet bandwidth consumption - sud…	Comment	Open	Network analysis …
3	08/23/2008	500	Free testing tool for checking sql injecti…	Comment	Open	Network Vulnerabi…
4	08/22/2008	250	Dst IP session limit! From 10.2.0…	Comment	Open	Network Vulnerabi…
5	08/21/2008	0	Security scan returns "IP address rev…	Comment	PAQ	Network Vulnerabi…

22 Questions Asked

0 Questions Open

21 Questions Graded

1 Question Deleted

	Date	Points	Title	Status	Zone
1	06/13/2008	500	Simulating a private network (with a public int…	PAQ	VMware …
2	05/30/2008	0	HTTP GET request - Range Header example	PAQ	HTTP …
3	05/10/2008	500	Do not do something while you're doing a som…	PAQ	Puzzles / Riddles
4	02/13/2008	0	17 Feb - Deletion of a Question with Comme…	PAQ	New To EE
5	02/10/2008	0	Answer validity - Comments appreciated.	PAQ	Expert Input