Forum Discussion
mwitt_65218
May 20, 2009Nimbostratus
Just an update in case you two, or anybody else for that matter, are interested ....
What I did yesterday seems to have worked with concern to the SQL-INJ ROOT@ Attack Signature and the username parameter. Yesterday I enabled that Attack Sig for the entire policy since I had disabled it. Yesterday I changed the username parameter from global to object and I brought in that particular Attack Sig to the Overridden Security Policy Settings section to disable it.
Today the jroot@morrison.com logged in per the logs in the Reports section. I do not see anymore in the logs how the SQL-INJ ROOT@ Attack Sig would block this user.
I do see a log when this user logged in about Illegal Static Parameter Value and Modified Domain Cookie(s).
When I open a log for the login of jroot@morrison.com that shows Illegal Static Parameter Value and Modified Domain Cookie(s) and I click ACCEPT, does this mean that next time jroot@morrison.com logs in he will not generate this log about Illegal Static Parameter Value and Modified Domain Cookie(s)?
Anyway, thanks again to you two for your replies as they both helped me very much.