In the next installment of my security series, I’ll tackle SQL injection. In true code-reuse fashion, I’ll provide a couple of links that do a great job of explaining some misconceptions about SQL injection and how to protect your application.
First, here’s a link to a post on Glen Gordon’s blog about injection: http://blogs.msdn.com/glengordon/archive/2008/04/15/some-sql-injection-attack-misperceptions-and-reality.aspx. Glen includes a nice list of common mistakes people make when thinking about preventing injection attacks.
Next is a link from MSDN Magazine showing how to stop injection attacks: http://msdn2.microsoft.com/en-us/magazine/cc163917.aspx
I know this was a lazy post, but cut me some slack. I’ve got a 2-month-old baby and a new PS3.




