SQL Injection Attacks by Country of Origin

Here is a world map of SQL injection attacks by their country of origin from January to October this year. The darker the color, the higher the number of hits or percentage.



Here is a pie chart representation of the information.

Network Problem Tonight

We had a network problem tonight which affected some of our servers and applications.

It was a strange problem. I could get to our applications from home. In fact, eLearning, Skylight and the Wiki farm were all working properly. Our legacy applications showed an error which pointed to the direction of AD authentication failure. 

My colleague went in to the office and said he could not get to any of our applications at all. So, for a while, we thought there were DNS resolution problems instead. I called central ITS. They checked and confirmed that everything was working properly on their side.

We performed further tests on various part of the network. Finally we concluded that it was our firewall cluster not routing traffic properly. We rebooted them one by one, and services resumed right away.

Fortunately, eLearning (which is by far our highest usage application), Skylight Matrix Survey System, and the Wiki farm were not affected. But the rest of our legacy applications were down for about 1 hours and 20 minutes. If it happens during the finals week, and the students cannot access their materials in their last hours of revising, the impact is much more severe. 

The firewalls have been performing reliably well all along. I almost believe that they are infallible. Nothing is! We need to better prepare ourselves, have better procedure to diagnosis network problems quickly.  

Or look at it in a different angle, firewall is just one example of many possible single point of failures. We need to ask ourselves what should our operational strategy (or institutional strategy?) be to prevent single point of failures as we move forward?

Moving into Web2.0 - Delicious

Just finished our departmental retreat today about "Moving into Web2.0". I did a short story on how I am using Delicious social bookmarking service as a vehicle to help me do my job more efficiently.



I felt that the message was very well received during the presentation and demonstration. But yet during the "What are the obstacles in moving into Web2.0?" activity, many said they did not have time to experiment with various Web2.0 tools.

At least, the process of doing the presentation helps me reflect on what I'm doing and how it has been working. I feel very good about this.

Now... Challenge yourself to change some old habits, you can learn to work more efficiently. Yes, you can!

Wrapper for Microsoft SQL Injection Source Code Analyzer Tool

Microsoft has released a SQL Injection Source Code Analyzer for ASP code. Refer to KB 954476 for more information about the tool. However the analyzer can only check one ASP page at a time. It does not automatically recursive scan all ASP files in a folder. Therefore I wrote a simple wrapper around it. Here is the source code:

@echo off
setlocal
set source=\\servername\applicationname
set include=%source%\include
set logfile=check_applicationname.log
IF EXIST %logfile% DEL %logfile%
FOR /F "usebackq tokens=1 delims=?" %%i IN (`dir /S /B %source%\*.asp`) DO (
msscasi_asp.exe /NoLogo /GlobalAsaPath=%source% /input="%%i" /IncludePaths=%include% >> %logfile%
)
endlocal

F5 iRule Competiton Honorable Mention Finalist

I attended the Load Balancer iRule (scripting) competition organized by F5 Networks. I didn't win the first prize. In fact, they never even contacted me afterwards.

I just found this out today that I was on their Honorable Mention Finalist.