Please wait while the page is being loaded Skip this advertisement >
Sunday | 23 November, 2008
ARN

How to not have your Web site hacked like Sony's

A SQL injection attack was used to plant malicious code on pages of two popular Sony Playstation games - SingStar Pop and God of War, reports security company Sophos. Hundreds of Web pages from other businesses have also been compromised.
Brian Jackson (ITBusiness.ca) 07 July, 2008 08:23:22
Page:

Identify: For those using ASP code on their Web sites, another Microsoft tool can analyze the code and then output a display of the areas that are vulnerable to SQL injection. The tool also comes with documentation that actually tells users how to fix the different problems that could be found in the code analyzed. Download the Microsoft Source Code Analyzer for SQL Injection at Microsoft Knowledge Base Article 954476.

Fixing the actual root of the problem is important, Cluley says. A Web site that simply removes the injected code but doesn't patch up the exploit will find the code is re-inserted in short order by automated botnets.

It's not clear what steps Sony has taken with its Web site at this time. "We haven't heard directly back from their Web team," the Sophos consultant says.

ITBusiness.ca attempted to contact Sony, but did not receive a response.

Page:
Have your say!
ARN Directory | Distributors relevant to this article
ACA Pacific , Alloys International , Also Technology , Altech Computers , Anixter , Aquion , ASI Solutions , Australasian PC Distributors (APCD) , Avnet Technology Solutions , Banksia Software , Bluechip Infotech , Cellnet , Compucon Computers , Computergate , Datastor , Data Technology Solutions , Dicker Data , EDsys Computers , Electronic Concepts , Express Data , Express Online , Impact Systems Technology , Infortech Distribution , Ingram Micro Australia , itX , LDS International , Leader Computers , Leading Pacific Australia , Lynx Technologies , MPA Systems , Multimedia Technology , NewLease , Nexsan , Ocean Office Automation , Open Channel Solutions , Phoenix Toner , Simms International , SLI-Consulting , Synnex Australia , Techhead Connect , Topstar Computer International , Unixpac , Westan , XiT Distribution , Xpress I.T.
ARN Directory | Vendors relevant to this article
CA , HP , Sophos
Additional Resources
ARN Library
white paper Click here for case studies, whitepapers and other useful vendor content
Newsletter Subscription
Sign up for our ARN newsletters!
RSS Feeds
Market Place
Power through the disruptions: Uninterruptibility from Eaton!
Find out how to win an IPod Touch with ARN.
POS POS is the leading value-added distributor of point of sale & point of service technologies in ANZ.
Become a Lenovo Legend Now! Join the sales incentive exclusively for Lenovo Business Partners.
Kaspersky Internet Security 2009 released - with virtual keyboard for safe entry of passwords. Try it..
 
Panel Sessions

  • ARN Panel Sessions: Day 3

    The last of our panel sessions recorded live at CeBIT 2008. Today, the topic is storage. Data is growing at an enormous rate, so what does the future hold?

Play
See all Panel Sessions videos >>
ARN news
Play
See all news >>
Channel Watch
Play
See all Channel Watch videos >>
Business Continuity & Disaster Recovery Zone

When an IT disaster occurs, how handy it would be to push a button and start again as if nothing had happened.
Discover and learn more about CA XOSoft today.
ARN Distributor Directory
 
Find distributors by name
Find distributors by vendor
Find distributors by location
ARN Vendor Directory
 
Find vendors by name | Find by category
Get a job Careerone
ARN Library


Read Material

Dimension Data, La Trobe University and Windows Server 2008 partner to improve compliance

La Trobe University partnered with Dimension Data to deploy Windows Server 2008 and Network Access Protection technology to improve their existing network security solution.

Sponsored Links