Here are some security tips for MSSQL (sp xp_cmdshell, OPENROWSET, and OPENDATASOURCE),
IIS (very long urls, over 4096 bytes), applying non-privileged accounts and accounts in general, and so on… 😉
Technorati Tags: SQL Injections, Security
Advertisements