Configuring a Cisco Router to Block SQL Injection

The ASPROX SQL injection attack appears to be quite commonplace at the moment, and it is also quite serious.
In short, a 20,000-strong botnet is out there trying these attacks against websites which use .asp.
The tool uses Google to search for these sites and then attempts to exploit them by inserting an HTML iframe, which downloads a malicious JavaScript file, which in turn installs a Trojan.
Carry on reading to find out how to block this on a Cisco router!

The config is as follows. Please bear in mind that you will probably need a reasonably specced router and IOS for this. IP CEF is a prerequisite. I have tested this on 7200 series, 1700 series and 2600 series so far; leave a comment if you have successfully tried this on another router!
Config:
The access list and route-map below take any packets that have been tagged with a DSCP value of 1 and route them to a non-existent interface (Null0). You will learn how to tag them below!
access-list 130 permit ip any any dscp 1
route-map ASPROX_POLICY_ROUTE_BITBUCKET permit 10
 match ip address 130
 set interface Null0
The class-map below tells the router to match when a specific string is seen in a URL. In this case, the string is part of the GET request that the attack uses. Note the "\" characters, which are needed before each bracket as an escape!
class-map match-any ASPROX_CLASS
 match protocol http url "*DECLARE%20@S%20VARCHAR\(4000\);SET*"
The policy-map below tags any packet matching the above class-map with a DSCP value of 1.
policy-map ASPROX_POL
 class ASPROX_CLASS
  set ip dscp 1
The rest of the config attaches both the route-map and the service policy to the interface.
interface FastEthernet0/0
 ip policy route-map ASPROX_POLICY_ROUTE_BITBUCKET
 service-policy input ASPROX_POL
To confirm that this is being hit, you can do a "show policy-map interface" on the router. You should see the packet counters incrementing. This of course assumes that you are actually seeing the traffic.
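To check from the web server side whether requests carrying the same string are arriving, the following added example (not part of the original post) scans a W3C-style access log for the class-map's signature after URL-decoding and case normalisation. The log lines, field layout, IP addresses and function names are constructed for illustration.

```python
import re
from urllib.parse import unquote

# The string the class-map matches, applied to the decoded query so that
# %20, "+" and letter-case variants of the same request are also reported.
SIGNATURE = re.compile(r"DECLARE\s+@S\s+VARCHAR\(4000\)\s*;\s*SET", re.IGNORECASE)

# Constructed sample log (documentation IP ranges, payload cut short on purpose).
SAMPLE_LOG = """\
#Fields: date time cs-method cs-uri-stem cs-uri-query c-ip sc-status
2000-01-01 10:00:01 GET /news.asp id=5 192.0.2.10 200
2000-01-01 10:00:02 GET /news.asp id=5;DECLARE%20@S%20VARCHAR(4000);SET%20@S=TRUNCATED 198.51.100.7 500
2000-01-01 10:00:03 GET /news.asp id=5;declare+@s+varchar(4000);set+@s=TRUNCATED 198.51.100.8 500
2000-01-01 10:00:04 GET /search.asp q=declare+your+settings 192.0.2.11 200
"""

def decode_fully(value, max_rounds=3):
    """URL-decode a query string repeatedly (bounded) until it stops changing."""
    for _ in range(max_rounds):
        decoded = unquote(value.replace("+", " "))
        if decoded == value:
            break
        value = decoded
    return value

def find_hits(log_text):
    """Return (line_number, client_ip) for each request carrying the signature."""
    fields, hits = [], []
    for lineno, line in enumerate(log_text.splitlines(), start=1):
        if line.startswith("#Fields:"):
            fields = line.split()[1:]  # column names for the rows that follow
            continue
        if not line or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split()))
        query = decode_fully(row.get("cs-uri-query", ""))
        if SIGNATURE.search(query):
            hits.append((lineno, row.get("c-ip", "?")))
    return hits

if __name__ == "__main__":
    for lineno, client in find_hits(SAMPLE_LOG):
        print(f"line {lineno}: signature in request from {client}")
```

If the router policy is working, new hits for traffic that crosses the filtered interface should stop appearing in the server log while the "show policy-map interface" counters keep rising.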