topic Vulnerability assessment (False Positives and Evaluation Method) in General Topics https://live.paloaltonetworks.com/t5/general-topics/vulnerability-assessment-false-positives-and-evaluation-method/m-p/7844#M5793 <HTML><HEAD></HEAD><BODY><P>Is there a good write-up on how the vulnerability assessment is performed and how it actually works?&nbsp; Specifically, we had a web server set up in front of a MSSQL server -- for hosts connecting to the web server from IP segment "A" it worked fine, but hosts from segment "B" caused the creation of "<A href="https://216.130.23.127/esp/monitor.esp#" style="color: #036dda; text-decoration: none;" title="Threat Detail">HTTP SQL Injection Attempt</A> " messages in the Threats log.&nbsp; Adding an exception not only fixed the problem for segment "B", but also the other segments that couldn't login in (the web server's page was authenticating against the SQL server).</P></BODY></HTML> Fri, 22 Apr 2011 20:47:55 GMT bhelman 2011-04-22T20:47:55Z Vulnerability assessment (False Positives and Evaluation Method) https://live.paloaltonetworks.com/t5/general-topics/vulnerability-assessment-false-positives-and-evaluation-method/m-p/7844#M5793 <HTML><HEAD></HEAD><BODY><P>Is there a good write-up on how the vulnerability assessment is performed and how it actually works?&nbsp; Specifically, we had a web server set up in front of a MSSQL server -- for hosts connecting to the web server from IP segment "A" it worked fine, but hosts from segment "B" caused the creation of "<A href="https://216.130.23.127/esp/monitor.esp#" style="color: #036dda; text-decoration: none;" title="Threat Detail">HTTP SQL Injection Attempt</A> " messages in the Threats log.&nbsp; Adding an exception not only fixed the problem for segment "B", but also the other segments that couldn't login in (the web server's page was authenticating against the SQL server).</P></BODY></HTML> Fri, 22 Apr 2011 20:47:55 GMT https://live.paloaltonetworks.com/t5/general-topics/vulnerability-assessment-false-positives-and-evaluation-method/m-p/7844#M5793 bhelman 2011-04-22T20:47:55Z Re: Vulnerability assessment (False Positives and Evaluation Method) https://live.paloaltonetworks.com/t5/general-topics/vulnerability-assessment-false-positives-and-evaluation-method/m-p/7845#M5794 <HTML><HEAD></HEAD><BODY><P>I would start with a packet capture, and see what the requests look like.</P></BODY></HTML> Tue, 26 Apr 2011 19:52:49 GMT https://live.paloaltonetworks.com/t5/general-topics/vulnerability-assessment-false-positives-and-evaluation-method/m-p/7845#M5794 mharding 2011-04-26T19:52:49Z