Analysis of SQL Injection Methods and Its Prevention
© 2008 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
NNMi
Switch now or wait?
Carsten Bernhardt
Technical Presales Consultant, HP Software
Current Agenda
• License migration
• APA or netmon
• Network State Poller
• Live Demo NNMi 8
• Switch now or wait?
License migration
• 30-day evaluation
• Permanent NNMi license password:
https://webware.hp.com/welcome.asp
− Select “migrate licenses”
− Migration password: UPG2NNM8I
− Follow the instructions
− Read carefully!
Running NNM 7.5x / NNMi in parallel
• Both NNM 7.x and NNMi 8.x can be used in parallel until December 31, 2008 and both will be supported until that date.
• However, when your migration to NNMi 8.x is complete, please contact your HP Support Contract Administration professional to update your support contract to reflect your NNMi 8.x deployment. As soon as you have completed your migration to NNMi 8.x, your support contract must be updated to avoid duplicate costs.
Simplified licensing
• NNM 7.5x
− 250 packs
− 1000 packs
− 5000 packs
− Unlimited
• NNMi
− 50 packs
APA or netmon?
Is distributed monitoring required? How many network components do I have?
APA or netmon?

| APA | netmon |
| --- | --- |
| Multi-threaded | Single-threaded |
| Does not poll unconnected interfaces | Polls unconnected interfaces |
| Identifies the root cause of a connection failure based on ET topology | Identifies the root cause based on down-stream path information |
| Analyzes information from neighboring interfaces and verifies it before events are generated | Generates alarms based on polling |
| Polls HSRP groups (Advanced Routing SPI) | Does not poll HSRP groups |
| Can poll Duplicate IP Address Domains | Cannot poll Duplicate IP Address Domains |
A node from the APA perspective
A node contains:
• Boards
• Interfaces
• IP addresses
• Management address
• Aggregated interfaces
Granular polling through flexible filters
[Diagram labels: Node, MgmtAddr, Board 1, Board 2 (e.g. Supervisor), Interface, AggInterface, Addr]
… and netmon
A node contains:
• Interfaces
• IP addresses
However, the status of an interface and the status of its IP address are treated as the same
[Diagram labels: Node, SNMPAddr, Board 1, Board 2 (e.g. Supervisor), Interface, AggInterface, Addr]
Example: APA Interface Down
APA ALARMS
IF Down 4
Addr1 Unreachable
Addr2 Unreachable
Status is propagated to the board and the node
[Diagram labels: Node, MgmtAddr, Board 1, Board 2 (e.g. Supervisor), Interface, AggInterface, Addr]
APA Poller: The big switch
• Enable APA polling and disable netmon status polling:
− $OV_BIN/ovet_apaConfig.ovpl -enable APAPolling
• Disable APA polling and enable netmon status polling:
− $OV_BIN/ovet_apaConfig.ovpl -disable APAPolling
• Check APA polling:
− $OV_BIN/ovet_apaConfig.ovpl -query APAPolling
Poller Status
APA netmon
Critical Critical
Major
Minor Minor
Warning
Normal Normal
Unknown Unknown
Event Triggered Polling
• Initiates a status poll promptly
− A trap from a node (e.g. linkup)
− A syslog message
− RAMS Route Adjacency Failure
− Another application
• Correlates the triggering traps with the resulting events.
• Similar to demandpoll from the command line
APA is not the same as the Network State Poller
[Diagram labels: APA (ovet_poll), Topology, paConfig.xml, Event DB, Eventsubsystem, APA, Network State Poller, CausalEngine, Blackboard, StatusEngine, StatePoller, NNMi DB]
Checking State Poller Health
“About Network Node Manager” contains a State Poller Health section.
The JMX console provides further details on State Poller Health.
Live Demo
Switch now or wait?