(Page 2 of 2)
"These tools put quite a bit of SQL syntax into URL parameters. Most Web applications have no legitimate need for SQL in the actual URLs. Alarming on this syntax along with encoded variations will detect both automated tool usage as well as manual Web application attacks," Pack said.
"As soon as an attacker is identified by one of these methods their IP address should be blocked, preferably in an automated fashion. Everything that is needed to identify and stop an attack of this nature is all right there in as little as a single log entry on the Web server."
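The detection Pack describes, as an added example that is not from the article or from any product mentioned in it: a small scanner that parses Apache-style access log lines, URL-decodes each query parameter repeatedly so that single- and double-encoded variants look the same, flags values that combine an SQL keyword with SQL metacharacters, and lists the source IPs that a blocking rule would act on. The log lines, the log format, and the alerting thresholds are constructed assumptions for the example.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Constructed sample access log lines (Apache combined-style, not real traffic).
# Line 2 carries URL-encoded SQL, line 3 the same payload double-encoded,
# line 4 a benign search phrase that happens to contain the word "select".
SAMPLE_LOG = """\
203.0.113.5 - - [06/Jun/2012:10:01:12 +0000] "GET /profile?id=42 HTTP/1.1" 200 1532
203.0.113.9 - - [06/Jun/2012:10:01:15 +0000] "GET /profile?id=42%27%20OR%201%3D1-- HTTP/1.1" 500 221
203.0.113.9 - - [06/Jun/2012:10:01:16 +0000] "GET /profile?id=42%2527%2520OR%25201%253D1 HTTP/1.1" 200 1532
198.51.100.7 - - [06/Jun/2012:10:02:01 +0000] "GET /search?q=select+your+plan HTTP/1.1" 200 9001
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# A hit requires BOTH an SQL keyword and SQL punctuation, so ordinary prose
# such as "select your plan" does not alert on its own.
SQL_KEYWORDS = re.compile(r"\b(union|select|insert|update|delete|drop|from|where|or|and)\b", re.I)
SQL_META = re.compile(r"(['\";]|--|/\*|\*/|=)")


def fully_decode(value, max_rounds=3):
    """Percent-decode until the value stops changing (catches double encoding)."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def looks_like_sql(value):
    """True when the decoded value contains an SQL keyword plus SQL punctuation."""
    decoded = fully_decode(value)
    return bool(SQL_KEYWORDS.search(decoded) and SQL_META.search(decoded))


def scan_log(text):
    """Return one hit per suspicious request: source IP, parameter name, decoded value."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line; a real deployment would count these
        query = urlsplit(m["target"]).query
        for name, value in parse_qsl(query, keep_blank_values=True):
            if looks_like_sql(name) or looks_like_sql(value):
                hits.append({"ip": m["ip"], "ts": m["ts"], "param": name,
                             "decoded": fully_decode(value)})
                break  # one alert per request is enough
    return hits


def ips_to_block(hits, threshold=1):
    """IPs with at least `threshold` hits; feed this to a firewall or WAF rule."""
    counts = {}
    for hit in hits:
        counts[hit["ip"]] = counts.get(hit["ip"], 0) + 1
    return sorted(ip for ip, n in counts.items() if n >= threshold)


if __name__ == "__main__":
    found = scan_log(SAMPLE_LOG)
    for hit in found:
        print(f'{hit["ts"]} {hit["ip"]} param={hit["param"]!r} value={hit["decoded"]!r}')
    print("block:", ips_to_block(found))
```

The keyword-plus-metacharacter rule is deliberately conservative; in production you would tune the keyword list per application (a site whose parameters legitimately contain `from` or `and` needs a stricter rule) and raise `threshold` above one before blocking automatically, so that a single false positive cannot lock out a legitimate user.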
We also talked with Troy Gill, a security analyst at AppRiver. He told us that although technically no accounts have been hacked, he's sure they could be very quickly.
"It seems that the hacker has stolen a huge database of 6.5 million passwords," Gill said. "The good news is that the passwords are encrypted using SHA-1, which means the hacker will still have to exert some effort to crack them, but strong and complex passwords will take a much greater amount of time and resources than a simple password.
"Therefore, those with a complex and lengthy password will be much safer than those without. In addition, the validity of the list is still unconfirmed by LinkedIn and there is currently no evidence that the hacker obtained corresponding user names along with the passwords."
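An added example illustrating Gill's point, written for this page and not taken from the article or from LinkedIn: with unsalted SHA-1, every user who chose the same password ends up with the same digest, so the leaked list can be checked against a guess with one hash computation per guess, and a user can likewise check whether their own password's digest appears in a leaked set. The "leaked" hash set here is constructed from a few made-up passwords. The closing `pbkdf2_hmac` contrast goes beyond the article and shows what a salted, deliberately slow scheme changes: identical passwords no longer share a digest, and each verification costs many iterations.

```python
import hashlib
import os


def sha1_hex(password: str) -> str:
    """Plain, unsalted SHA-1 of a password, as described in the article."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest()


# Constructed stand-in for a leaked hash list (made-up passwords, not real data).
LEAKED_SHA1 = {sha1_hex(p) for p in ("password", "letmein", "Summer2012!")}


def password_in_leak(password: str, leaked: set) -> bool:
    """Defensive check: does my password's SHA-1 appear in the leaked set?"""
    return sha1_hex(password) in leaked


def unsalted_hashes_collide(password: str) -> bool:
    """Two accounts with the same password get the same unsalted digest."""
    return sha1_hex(password) == sha1_hex(password)


def salted_slow_hash(password: str, salt: bytes, iterations: int = 100_000) -> str:
    """Contrast (not from the article): per-user salt plus an iterated KDF."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations).hex()


def salted_hashes_differ(password: str) -> bool:
    """Same password, two random salts, two different stored values."""
    salt_a, salt_b = os.urandom(16), os.urandom(16)
    return salted_slow_hash(password, salt_a) != salted_slow_hash(password, salt_b)


if __name__ == "__main__":
    print("'password' in leak:", password_in_leak("password", LEAKED_SHA1))
    print("random passphrase in leak:", password_in_leak("correct horse battery staple", LEAKED_SHA1))
    print("unsalted collide:", unsalted_hashes_collide("password"))
    print("salted differ:", salted_hashes_differ("password"))
```

The membership check is the only operation a user needs to confirm exposure; it never requires the password to leave the machine. The salted KDF contrast is why modern storage advice favours per-user salts and iterated hashes: a leak of such a table forces separate work per account, whereas the unsalted SHA-1 table the article describes lets one computed digest be compared against every account at once.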