SourceFIRE Alerts SQL generic convert injection attempt

zakameeri · ‎05-08-2016

Hello Guys,

I'm new in SourceFire IPS and I use to receive alerts as follow "[1:26925:1] "SQL generic convert injection attempt - GET parameter" [Impact: Potentially Vulnerable] From "DC IP Address" at Data & Time [Classification: Web Application Attack] [Priority: 1] {tcp} Staff PC IP Address:49813 (unknown)->Server IP Address:5000 (unknown)"

it is not clear for mean can someone clarify it more and advice me.

Jetsy Mathew · ‎05-09-2016

Hello Zakameeri,

Looks like you are receiving the intrusion events for this signature.

As a pre-requisite make sure that the device SRU version is anyways updated to the latest.

If you are receiving this Intrusion events , please contact the Sourcefire TAC team for the further investigation. Provide the packet download respective to this Intrusion Event and provide a troubleshoot for the further investigation.

Regards

Jetsy

SourceFIRE Alerts SQL generic convert injection attempt

Catalyst SD-WAN : Generic SIGを用いたSecure AccessとのIPsec VPNの確立

事例 : Authentication attempt timed out について

Hi. FireSIGHT/Sourcefire

Generative AI Content Category

使用wireshark 抓数据库SQL包【原创】