<article>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#article09_12_10_1334205</id>
	<title>SQL Injection Attack Claims 132,000+</title>
	<author>CmdrTaco</author>
	<datestamp>1260454980000</datestamp>
	<htmltext>An anonymous reader writes <i>"A large scale SQL injection attack has injected a malicious iframe on tens of thousands of susceptible websites. ScanSafe reports that the injected iframe loads malicious content from 318x.com, <a href="http://www.net-security.org/secworld.php?id=8604">which eventually leads to the installation of a rootkit-enabled variant of the Buzus backdoor trojan</a>. A Google search on the iframe resulted in over 132,000 hits as of December 10, 2009."</i></htmltext>
<tokenext>An anonymous reader writes " A large scale SQL injection attack has injected a malicious iframe on tens of thousands of susceptible websites .
ScanSafe reports that the injected iframe loads malicious content from 318x.com , which eventually leads to the installation of a rootkit-enabled variant of the Buzus backdoor trojan .
A Google search on the iframe resulted in over 132,000 hits as of December 10 , 2009 .
"</tokentext>
<sentencetext>An anonymous reader writes "A large scale SQL injection attack has injected a malicious iframe on tens of thousands of susceptible websites.
ScanSafe reports that the injected iframe loads malicious content from 318x.com, which eventually leads to the installation of a rootkit-enabled variant of the Buzus backdoor trojan.
A Google search on the iframe resulted in over 132,000 hits as of December 10, 2009.
"</sentencetext>
</article>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30390962</id>
	<title>Re:Lame coders who don't care about security!</title>
	<author>V for Vendetta</author>
	<datestamp>1260470820000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><blockquote><div><p>I used to work with Classic ASP scripts,[...] which were very prone to SQL injection attacks</p></div>
</blockquote><p>I don't think so. It's a matter of using available ADO objects/methods. ASP Classic:</p><blockquote><div><p> <tt>Dim sSQL, sLastName, cmd, prm, rs<br> <br>sLastName = Request.Form("txtLastName")<br> <br>sSQL = "SELECT * FROM Customer WHERE LastName = ?;"<br> <br>Set cmd = Server.CreateObject("ADODB.Command")<br>cmd.ActiveConnection = cn<br>cmd.CommandType = adCmdText<br>cmd.CommandText = sSQL<br>cmd.Prepared = True<br> <br>Set prm = cmd.CreateParameter("LastName", adBSTR, adParamInput, Len(sLastName), sLastName)<br>cmd.Parameters.Append prm<br> <br>Set rs = cmd.Execute()</tt></p></div> </blockquote></div>
	</htmltext>
<tokenext>I used to work with Classic ASP scripts , [ ... ] which were very prone to SQL injection attacks I do n't think so .
It 's a matter of using available ADO objects/methods .
ASP Classic : Dim sSQL , sLastName , cmd , prm , rs sLastName = Request.Form ( " txtLastName " ) sSQL = " SELECT * FROM Customer WHERE LastName = ?
; " Set cmd = Server.CreateObject ( " ADODB.Command " ) cmd.ActiveConnection = cncmd.CommandType = adCmdTextcmd.CommandText = sSQLcmd.Prepared = True Set prm = cmd.CreateParameter ( " LastName " , adBSTR , adParamInput , Len ( sLastName ) , sLastName ) cmd.Parameters.Append prm Set rs = cmd.Execute ( )</tokentext>
<sentencetext>I used to work with Classic ASP scripts,[...] which were very prone to SQL injection attacks
I don't think so.
It's a matter of using available ADO objects/methods.
ASP Classic: Dim sSQL, sLastName, cmd, prm, rs sLastName = Request.Form("txtLastName") sSQL = "SELECT * FROM Customer WHERE LastName = ?
;" Set cmd = Server.CreateObject("ADODB.Command")cmd.ActiveConnection = cncmd.CommandType = adCmdTextcmd.CommandText = sSQLcmd.Prepared = True Set prm = cmd.CreateParameter("LastName", adBSTR, adParamInput, Len(sLastName), sLastName)cmd.Parameters.Append prm Set rs = cmd.Execute() 
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30389232</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30390204</id>
	<title>SQL injections? Are those for H1N1?</title>
	<author>fortapocalypse</author>
	<datestamp>1260468480000</datestamp>
	<modclass>Funny</modclass>
	<modscore>2</modscore>
	<htmltext>Oops. Send those SQL injections back. We don't need them.</htmltext>
<tokenext>Oops .
Send those SQL injections back .
We do n't need them .</tokentext>
<sentencetext>Oops.
Send those SQL injections back.
We don't need them.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30391244</id>
	<title>Re:The real problem</title>
	<author>Anonymous</author>
	<datestamp>1260471720000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>SQL injection is used to "inject" iframes into a websites database.  Then when a visitor loads that content, javascrips attempt to take advantage of known vulnerabilities.   The first problem is the SQL injection on the server side.  MS and Adobe are not to blame for the SQL injection, so you cant put this all on them.</p></htmltext>
<tokenext>SQL injection is used to " inject " iframes into a websites database .
Then when a visitor loads that content , javascrips attempt to take advantage of known vulnerabilities .
The first problem is the SQL injection on the server side .
MS and Adobe are not to blame for the SQL injection , so you cant put this all on them .</tokentext>
<sentencetext>SQL injection is used to "inject" iframes into a websites database.
Then when a visitor loads that content, javascrips attempt to take advantage of known vulnerabilities.
The first problem is the SQL injection on the server side.
MS and Adobe are not to blame for the SQL injection, so you cant put this all on them.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387878</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387956</id>
	<title>Re:Details?</title>
	<author>ShOOf</author>
	<datestamp>1260460020000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>And in the case of SQL injections it's usually not the fault of the underlying database, it's stupid coders who don't validate their inputs.</p></htmltext>
<tokenext>And in the case of SQL injections it 's usually not the fault of the underlying database , it 's stupid coders who do n't validate their inputs .</tokentext>
<sentencetext>And in the case of SQL injections it's usually not the fault of the underlying database, it's stupid coders who don't validate their inputs.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387848</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30389188</id>
	<title>Re:Details?</title>
	<author>HangingChad</author>
	<datestamp>1260465480000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>2</modscore>
	<htmltext><p> <i>They didn't mention it because it doesn't matter. Its the result of bad coding practices.</i>

</p><p>It does too matter.  You don't infect 132,000 web sites with separate injection attacks.  That's automated.  Lot of the people running forums and CMS-driven web sites don't understand the code well enough to fix anything.

</p><p>Heck, one of my sites was hacked once, through the forum software.  I'm not in the habit of combing through forum code looking for unvalidated inputs.  So if someone could mention what the parent exploit is, what versions of that software are effected and whether the operating system OS makes a difference, then those same webmasters could make sure their software was up to date.  This article describes the client exploit.  I don't care about that, surf with Windows and that's going to happen.  I do care that crap isn't originating with any of my web sites.</p></htmltext>
<tokenext>They did n't mention it because it does n't matter .
Its the result of bad coding practices .
It does too matter .
You do n't infect 132,000 web sites with separate injection attacks .
That 's automated .
Lot of the people running forums and CMS-driven web sites do n't understand the code well enough to fix anything .
Heck , one of my sites was hacked once , through the forum software .
I 'm not in the habit of combing through forum code looking for unvalidated inputs .
So if someone could mention what the parent exploit is , what versions of that software are effected and whether the operating system OS makes a difference , then those same webmasters could make sure their software was up to date .
This article describes the client exploit .
I do n't care about that , surf with Windows and that 's going to happen .
I do care that crap is n't originating with any of my web sites .</tokentext>
<sentencetext> They didn't mention it because it doesn't matter.
Its the result of bad coding practices.
It does too matter.
You don't infect 132,000 web sites with separate injection attacks.
That's automated.
Lot of the people running forums and CMS-driven web sites don't understand the code well enough to fix anything.
Heck, one of my sites was hacked once, through the forum software.
I'm not in the habit of combing through forum code looking for unvalidated inputs.
So if someone could mention what the parent exploit is, what versions of that software are effected and whether the operating system OS makes a difference, then those same webmasters could make sure their software was up to date.
This article describes the client exploit.
I don't care about that, surf with Windows and that's going to happen.
I do care that crap isn't originating with any of my web sites.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388368</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30390316</id>
	<title>Re:hey</title>
	<author>yanyan</author>
	<datestamp>1260468780000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I don't have S(ATA|CSI) you insensitive clod!</p></htmltext>
<tokenext>I do n't have S ( ATA | CSI ) you insensitive clod !</tokentext>
<sentencetext>I don't have S(ATA|CSI) you insensitive clod!</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387784</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388910</id>
	<title>Re:Let's say it all together now...</title>
	<author>Anonymous</author>
	<datestamp>1260464580000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Damm you could be preaching to the choir; ever thought of posting this on digg...just have a good scrubdown, prison-style, afterwards</p></htmltext>
<tokenext>Damm you could be preaching to the choir ; ever thought of posting this on digg...just have a good scrubdown , prison-style , afterwards</tokentext>
<sentencetext>Damm you could be preaching to the choir; ever thought of posting this on digg...just have a good scrubdown, prison-style, afterwards</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388258</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387946</id>
	<title>Re:why don't these go away?</title>
	<author>Anonymous</author>
	<datestamp>1260459960000</datestamp>
	<modclass>Troll</modclass>
	<modscore>-1</modscore>
	<htmltext><p>No, the real question to ask is why, after so many successful, large-scale exploitations of Windows-based servers, people can still justify using it. Not only that, but somehow they can justify paying huge licensing fees just to use it.</p><p>Now, I'm not saying that open source solutions are necessarily better. MySQL and PHP are just as shitty as anything you'll find on Windows.</p><p>But PHP and MySQL aren't the only open source options, of course. For web sites, using PostgreSQL as the database and a language like Perl, Python or Ruby often provide a much more secure and reliable platform.</p></htmltext>
<tokenext>No , the real question to ask is why , after so many successful , large-scale exploitations of Windows-based servers , people can still justify using it .
Not only that , but somehow they can justify paying huge licensing fees just to use it.Now , I 'm not saying that open source solutions are necessarily better .
MySQL and PHP are just as shitty as anything you 'll find on Windows.But PHP and MySQL are n't the only open source options , of course .
For web sites , using PostgreSQL as the database and a language like Perl , Python or Ruby often provide a much more secure and reliable platform .</tokentext>
<sentencetext>No, the real question to ask is why, after so many successful, large-scale exploitations of Windows-based servers, people can still justify using it.
Not only that, but somehow they can justify paying huge licensing fees just to use it.Now, I'm not saying that open source solutions are necessarily better.
MySQL and PHP are just as shitty as anything you'll find on Windows.But PHP and MySQL aren't the only open source options, of course.
For web sites, using PostgreSQL as the database and a language like Perl, Python or Ruby often provide a much more secure and reliable platform.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387786</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30390198</id>
	<title>hmmm...</title>
	<author>Anonymous</author>
	<datestamp>1260468480000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>can't find the path HKEY\_LOCAL\_MACHINE\SYSTEM\ControlSet001\Services\DrvKiller on my linux box...any ideas?</p></htmltext>
<tokenext>ca n't find the path HKEY \ _LOCAL \ _MACHINE \ SYSTEM \ ControlSet001 \ Services \ DrvKiller on my linux box...any ideas ?</tokentext>
<sentencetext>can't find the path HKEY\_LOCAL\_MACHINE\SYSTEM\ControlSet001\Services\DrvKiller on my linux box...any ideas?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388368</id>
	<title>Re:Details?</title>
	<author>Anonymous</author>
	<datestamp>1260462240000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>2</modscore>
	<htmltext><p>They didn't mention it because it doesn't matter. Its the result of bad coding practices. A sql injection attack is caused by the front end application accepting whatever input its given and using to generate the sql statements. You stop these attacks by sanitizing your input, use stored procedures to do the database work, and possibly stick in a middle ware tear to handle  database access, ie apache -&gt; websphere -&gt; database.</p></htmltext>
<tokenext>They did n't mention it because it does n't matter .
Its the result of bad coding practices .
A sql injection attack is caused by the front end application accepting whatever input its given and using to generate the sql statements .
You stop these attacks by sanitizing your input , use stored procedures to do the database work , and possibly stick in a middle ware tear to handle database access , ie apache - &gt; websphere - &gt; database .</tokentext>
<sentencetext>They didn't mention it because it doesn't matter.
Its the result of bad coding practices.
A sql injection attack is caused by the front end application accepting whatever input its given and using to generate the sql statements.
You stop these attacks by sanitizing your input, use stored procedures to do the database work, and possibly stick in a middle ware tear to handle  database access, ie apache -&gt; websphere -&gt; database.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387848</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30389794</id>
	<title>Re:Details?</title>
	<author>Anonymous</author>
	<datestamp>1260467220000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Just use parameters for user input. Don't try to validate against SQL injection. You will get it wrong anyway.</p></htmltext>
<tokenext>Just use parameters for user input .
Do n't try to validate against SQL injection .
You will get it wrong anyway .</tokentext>
<sentencetext>Just use parameters for user input.
Don't try to validate against SQL injection.
You will get it wrong anyway.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387956</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30390528</id>
	<title>Re:How is SQL involved?</title>
	<author>cenc</author>
	<datestamp>1260469380000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>folder permissions.</p></htmltext>
<tokenext>folder permissions .</tokentext>
<sentencetext>folder permissions.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387984</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30390212</id>
	<title>Re:hey</title>
	<author>grking</author>
	<datestamp>1260468540000</datestamp>
	<modclass>Troll</modclass>
	<modscore>0</modscore>
	<htmltext><p>How is this modded +4 funny?</p><p>Those who are inexperienced and inquisitive certainly won't find it funny when they kill their entire system by executing this command.  Would it be funny if I linked a trojan to this post which formats your system.  No.  </p><p>You're the sort of guy who leaves mains electrical cables exposed so he can laugh at his kids when they touch them.  They should have known better right?  </p></htmltext>
<tokenext>How is this modded + 4 funny ? Those who are inexperienced and inquisitive certainly wo n't find it funny when they kill their entire system by executing this command .
Would it be funny if I linked a trojan to this post which formats your system .
No. You 're the sort of guy who leaves mains electrical cables exposed so he can laugh at his kids when they touch them .
They should have known better right ?</tokentext>
<sentencetext>How is this modded +4 funny?Those who are inexperienced and inquisitive certainly won't find it funny when they kill their entire system by executing this command.
Would it be funny if I linked a trojan to this post which formats your system.
No.  You're the sort of guy who leaves mains electrical cables exposed so he can laugh at his kids when they touch them.
They should have known better right?  </sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387784</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387788</id>
	<title>Obligatory NoScript comment</title>
	<author>Anonymous</author>
	<datestamp>1260459000000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>It can't get me, I use NoScript... nana na nana</p></htmltext>
<tokenext>It ca n't get me , I use NoScript... nana na nana</tokentext>
<sentencetext>It can't get me, I use NoScript... nana na nana</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387988</id>
	<title>Obvious, but needs to be said</title>
	<author>GreenTom</author>
	<datestamp>1260460140000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>4</modscore>
	<htmltext>Add to windows\system32\drivers\etc\hosts:<br> <br>
127.0.0.1   318x.com<br> <br>
And you should be safe, for the moment.</htmltext>
<tokenext>Add to windows \ system32 \ drivers \ etc \ hosts : 127.0.0.1 318x.com And you should be safe , for the moment .</tokentext>
<sentencetext>Add to windows\system32\drivers\etc\hosts: 
127.0.0.1   318x.com 
And you should be safe, for the moment.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30390604</id>
	<title>Block China ISP blocks.</title>
	<author>cenc</author>
	<datestamp>1260469680000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>These are again Chinese based servers.</p><p><a href="http://google.com/safebrowsing/diagnostic?site=318x.com/" title="google.com">http://google.com/safebrowsing/diagnostic?site=318x.com/</a> [google.com]</p></htmltext>
<tokenext>These are again Chinese based servers.http : //google.com/safebrowsing/diagnostic ? site = 318x.com/ [ google.com ]</tokentext>
<sentencetext>These are again Chinese based servers.http://google.com/safebrowsing/diagnostic?site=318x.com/ [google.com]</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30390544</id>
	<title>Re:The real problem</title>
	<author>ToasterMonkey</author>
	<datestamp>1260469440000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>So the SQL injection which landed those vulnerabilities on 100+ thousand formerly trusted sites is not a real problem?</p></htmltext>
<tokenext>So the SQL injection which landed those vulnerabilities on 100 + thousand formerly trusted sites is not a real problem ?</tokentext>
<sentencetext>So the SQL injection which landed those vulnerabilities on 100+ thousand formerly trusted sites is not a real problem?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387878</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388306</id>
	<title>Re:How is SQL involved?</title>
	<author>gregarican</author>
	<datestamp>1260461880000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>The SQL injection allows the malware scripts to be placed on websites. Then website visitors get hit with the malware the scripts facilitate. Of course, silly me, I went and RTFA. Half of the headlines on<nobr> <wbr></nobr>/. are either grammatically incorrect, sensationalized, or just plain silly...</htmltext>
<tokenext>The SQL injection allows the malware scripts to be placed on websites .
Then website visitors get hit with the malware the scripts facilitate .
Of course , silly me , I went and RTFA .
Half of the headlines on / .
are either grammatically incorrect , sensationalized , or just plain silly.. .</tokentext>
<sentencetext>The SQL injection allows the malware scripts to be placed on websites.
Then website visitors get hit with the malware the scripts facilitate.
Of course, silly me, I went and RTFA.
Half of the headlines on /.
are either grammatically incorrect, sensationalized, or just plain silly...</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387874</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30389636</id>
	<title>Sorry I'm confused...</title>
	<author>Kc\_spot</author>
	<datestamp>1260466800000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext>so if your site gets infected will you lose control of what goes on it or will it look like the "Hackers movie" MS paint thing, just be a pain in the a**?</htmltext>
<tokenext>so if your site gets infected will you lose control of what goes on it or will it look like the " Hackers movie " MS paint thing , just be a pain in the a * * ?</tokentext>
<sentencetext>so if your site gets infected will you lose control of what goes on it or will it look like the "Hackers movie" MS paint thing, just be a pain in the a**?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30390234</id>
	<title>Re:Obvious, but needs to be said</title>
	<author>Nohea</author>
	<datestamp>1260468540000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>safe until next week, when they use another address.</p><p>Checking inputs is the only fix.</p></htmltext>
<tokenext>safe until next week , when they use another address.Checking inputs is the only fix .</tokentext>
<sentencetext>safe until next week, when they use another address.Checking inputs is the only fix.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387988</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30389232</id>
	<title>Lame coders who don't care about security!</title>
	<author>DNX Blandy</author>
	<datestamp>1260465600000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Lame, or just to stupid to understand! OK, I'm a coder but I take security very seriously. Why are sites still prone to this type of attack? I used to work with Classic ASP scripts, (I use<nobr> <wbr></nobr>.NET now obviously), which were very prone to SQL injection attacks but I had no problems, mainly because on all pages, I simply check the query string for the following:

char(
cast(
convert(

If it contained any of these, add IP to bad list and redirect to<nobr> <wbr></nobr>/banned.htm page.

SIMPLE!!</htmltext>
<tokenext>Lame , or just to stupid to understand !
OK , I 'm a coder but I take security very seriously .
Why are sites still prone to this type of attack ?
I used to work with Classic ASP scripts , ( I use .NET now obviously ) , which were very prone to SQL injection attacks but I had no problems , mainly because on all pages , I simply check the query string for the following : char ( cast ( convert ( If it contained any of these , add IP to bad list and redirect to /banned.htm page .
SIMPLE ! !</tokentext>
<sentencetext>Lame, or just to stupid to understand!
OK, I'm a coder but I take security very seriously.
Why are sites still prone to this type of attack?
I used to work with Classic ASP scripts, (I use .NET now obviously), which were very prone to SQL injection attacks but I had no problems, mainly because on all pages, I simply check the query string for the following:

char(
cast(
convert(

If it contained any of these, add IP to bad list and redirect to /banned.htm page.
SIMPLE!!</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387778</id>
	<title>Come on, what a crappy article!</title>
	<author>Anonymous</author>
	<datestamp>1260459000000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Doesn't say what systems are affected by this SQL Injection.  What is the vulnerability?  Doesn't say how to detect a compromised server.  Etc...</p><p>What is the point of this?</p></htmltext>
<tokenext>Does n't say what systems are affected by this SQL Injection .
What is the vulnerability ?
Does n't say how to detect a compromised server .
Etc...What is the point of this ?</tokentext>
<sentencetext>Doesn't say what systems are affected by this SQL Injection.
What is the vulnerability?
Doesn't say how to detect a compromised server.
Etc...What is the point of this?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30389330</id>
	<title>132,000 hits on Google  132,000 infections</title>
	<author>shdragon</author>
	<datestamp>1260465900000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I must disagree with the way they calculated infections. Counting the number of times something comes up on Google does not equal the number of infections.</p></htmltext>
<tokenext>I must disagree with the way they calculated infections .
Counting the number of times something comes up on Google does not equal the number of infections .</tokentext>
<sentencetext>I must disagree with the way they calculated infections.
Counting the number of times something comes up on Google does not equal the number of infections.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387846</id>
	<title>Reminds me of xkcd</title>
	<author>Anonymous</author>
	<datestamp>1260459240000</datestamp>
	<modclass>Funny</modclass>
	<modscore>3</modscore>
	<htmltext>Seriously people stop naming your kids with <a href="http://xkcd.com/327/" title="xkcd.com" rel="nofollow">');DROP TABLE</a> [xkcd.com] at the end...</htmltext>
<tokenext>Seriously people stop naming your kids with ' ) ; DROP TABLE [ xkcd.com ] at the end.. .</tokentext>
<sentencetext>Seriously people stop naming your kids with ');DROP TABLE [xkcd.com] at the end...</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30394454</id>
	<title>Re:318x.com</title>
	<author>Short Circuit</author>
	<datestamp>1260440820000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I'm not familiar with any blemishes on ICANN's record of neutrality, but I, for one, wouldn't care to have my blog's domain erased because someone decided it was deemed harmful in some fashion.</p></htmltext>
<tokenext>I 'm not familiar with any blemishes on ICANN 's record of neutrality , but I , for one , would n't care to have my blog 's domain erased because someone decided it was deemed harmful in some fashion .</tokentext>
<sentencetext>I'm not familiar with any blemishes on ICANN's record of neutrality, but I, for one, wouldn't care to have my blog's domain erased because someone decided it was deemed harmful in some fashion.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387772</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30389868</id>
	<title>Re:Reminds me of xkcd</title>
	<author>Ksevio</author>
	<datestamp>1260467460000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Well that would be an SQL injection attack... Does everything that's been covered by XKCD remind you of it now?</htmltext>
<tokenext>Well that would be an SQL injection attack... Does everything that 's been covered by XKCD remind you of it now ?</tokentext>
<sentencetext>Well that would be an SQL injection attack... Does everything that's been covered by XKCD remind you of it now?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387846</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387786</id>
	<title>why don't these go away?</title>
	<author>Anonymous</author>
	<datestamp>1260459000000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>3</modscore>
	<htmltext><p>If they know where the site is that's hosting the payload why don't they just shut them down?  I realize the locations for the hosting are carefully chosen to provide maximum insulation, but still you'd expect that by now (years after this sort of thing became common) that there'd be mechanisms and procedures in place to break these down swiftly?</p></htmltext>
<tokenext>If they know where the site is that 's hosting the payload why do n't they just shut them down ?
I realize the locations for the hosting are carefully chosen to provide maximum insulation , but still you 'd expect that by now ( years after this sort of thing became common ) that there 'd be mechanisms and procedures in place to break these down swiftly ?</tokentext>
<sentencetext>If they know where the site is that's hosting the payload why don't they just shut them down?
I realize the locations for the hosting are carefully chosen to provide maximum insulation, but still you'd expect that by now (years after this sort of thing became common) that there'd be mechanisms and procedures in place to break these down swiftly?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30390256</id>
	<title>Activex and Flash attacked as usual...</title>
	<author>Anonymous</author>
	<datestamp>1260468600000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>    * Integer overflow vulnerability in Adobe Flash Player, described in CVE-2007-0071<br>
&nbsp; &nbsp; &nbsp; &nbsp; * MDAC ADODB.Connection ActiveX vulnerability described in MS07-009<br>
&nbsp; &nbsp; &nbsp; &nbsp; * Microsoft Office Web Components vulnerabilities described in MS09-043<br>
&nbsp; &nbsp; &nbsp; &nbsp; * Microsoft video ActiveX vulnerability described in MS09-032<br>
&nbsp; &nbsp; &nbsp; &nbsp; * Internet Explorer Uninitialized Memory Corruption Vulnerability &ndash; MS09-002.</p></htmltext>
<tokenext>* Integer overflow vulnerability in Adobe Flash Player , described in CVE-2007-0071         * MDAC ADODB.Connection ActiveX vulnerability described in MS07-009         * Microsoft Office Web Components vulnerabilities described in MS09-043         * Microsoft video ActiveX vulnerability described in MS09-032         * Internet Explorer Uninitialized Memory Corruption Vulnerability    MS09-002 .</tokentext>
<sentencetext>    * Integer overflow vulnerability in Adobe Flash Player, described in CVE-2007-0071
        * MDAC ADODB.Connection ActiveX vulnerability described in MS07-009
        * Microsoft Office Web Components vulnerabilities described in MS09-043
        * Microsoft video ActiveX vulnerability described in MS09-032
        * Internet Explorer Uninitialized Memory Corruption Vulnerability – MS09-002.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30393376</id>
	<title>Search in google?</title>
	<author>webdevvie</author>
	<datestamp>1260436440000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>No search link is provided..... is that to prevent clicking ? I'd like to do that search myself to check for any sites we run on our hosting platform.</htmltext>
<tokenext>No search link is provided..... is that to prevent clicking ?
I 'd like to do that search myself to check for any sites we run on our hosting platform .</tokentext>
<sentencetext>No search link is provided..... is that to prevent clicking ?
I'd like to do that search myself to check for any sites we run on our hosting platform.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388778</id>
	<title>Re:Let's say it all together now...</title>
	<author>Vellmont</author>
	<datestamp>1260464160000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>3</modscore>
	<htmltext><p><i><br>validate your SQL inputs before posting them against an Internet-facing database.<br></i><br>Or simply use prepared statements (or whatever the equivalent term is in your language of choice).  Prepared statements are far safer and easier than trying to validate all the current potential and future potential for breaking out of a SQL statement.  It won't protect you from people putting in their own parameters into your SQL statement (like say someone elses userID), but that's a different class of vulnerability.</p></htmltext>
<tokenext>validate your SQL inputs before posting them against an Internet-facing database.Or simply use prepared statements ( or whatever the equivalent term is in your language of choice ) .
Prepared statements are far safer and easier than trying to validate all the current potential and future potential for breaking out of a SQL statement .
It wo n't protect you from people putting in their own parameters into your SQL statement ( like say someone elses userID ) , but that 's a different class of vulnerability .</tokentext>
<sentencetext>validate your SQL inputs before posting them against an Internet-facing database.Or simply use prepared statements (or whatever the equivalent term is in your language of choice).
Prepared statements are far safer and easier than trying to validate all the current potential and future potential for breaking out of a SQL statement.
It won't protect you from people putting in their own parameters into your SQL statement (like say someone elses userID), but that's a different class of vulnerability.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388258</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388168</id>
	<title>Slashdot Effect - Mirror</title>
	<author>moj0e</author>
	<datestamp>1260461220000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>It looks like the page serving out malware is suffering from the Slashdot effect.<br>You will have to manually install the trojan.</p><p>You can get it here:<br><a href="http://microsoft.com/" title="microsoft.com" rel="nofollow">http://microsoft.com/</a> [microsoft.com]<nobr> <wbr></nobr>:)</p></htmltext>
<tokenext>It looks like the page serving out malware is suffering from the Slashdot effect.You will have to manually install the trojan.You can get it here : http : //microsoft.com/ [ microsoft.com ] : )</tokentext>
<sentencetext>It looks like the page serving out malware is suffering from the Slashdot effect.You will have to manually install the trojan.You can get it here:http://microsoft.com/ [microsoft.com] :)</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388258</id>
	<title>Let's say it all together now...</title>
	<author>gregarican</author>
	<datestamp>1260461640000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext>validate your SQL inputs before posting them against an Internet-facing database. This isn't an SQL problem. This isn't a Windows-based problem. This is a poor coders problem. If there are high-profile websites that were compromised I'd be one pissed off PHB fo sho...</htmltext>
<tokenext>validate your SQL inputs before posting them against an Internet-facing database .
This is n't an SQL problem .
This is n't a Windows-based problem .
This is a poor coders problem .
If there are high-profile websites that were compromised I 'd be one pissed off PHB fo sho.. .</tokentext>
<sentencetext>validate your SQL inputs before posting them against an Internet-facing database.
This isn't an SQL problem.
This isn't a Windows-based problem.
This is a poor coders problem.
If there are high-profile websites that were compromised I'd be one pissed off PHB fo sho...</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30391552</id>
	<title>Re:Details?</title>
	<author>lseltzer</author>
	<datestamp>1260472740000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><p>If it's really over 100,000 sites with the same attack then there's something obvious they have in common, like the same PHP/MYSQL library, and it has a predictable vulnerability in it.</p></htmltext>
<tokenext>If it 's really over 100,000 sites with the same attack then there 's something obvious they have in common , like the same PHP/MYSQL library , and it has a predictable vulnerability in it .</tokentext>
<sentencetext>If it's really over 100,000 sites with the same attack then there's something obvious they have in common, like the same PHP/MYSQL library, and it has a predictable vulnerability in it.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388368</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387878</id>
	<title>The real problem</title>
	<author>Anonymous</author>
	<datestamp>1260459480000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>2</modscore>
	<htmltext><p>So it's MS and Adobe vulnerabilities that actually let the malware onto your system.<br>FTA:</p><p>Observed exploits include:</p><p>
&nbsp; &nbsp; &nbsp; &nbsp; * Integer overflow vulnerability in Adobe Flash Player, described in CVE-2007-0071<br>
&nbsp; &nbsp; &nbsp; &nbsp; * MDAC ADODB.Connection ActiveX vulnerability described in MS07-009<br>
&nbsp; &nbsp; &nbsp; &nbsp; * Microsoft Office Web Components vulnerabilities described in MS09-043<br>
&nbsp; &nbsp; &nbsp; &nbsp; * Microsoft video ActiveX vulnerability described in MS09-032<br>
&nbsp; &nbsp; &nbsp; &nbsp; * Internet Explorer Uninitialized Memory Corruption Vulnerability &ndash; MS09-002.</p></htmltext>
<tokenext>So it 's MS and Adobe vulnerabilities that actually let the malware onto your system.FTA : Observed exploits include :         * Integer overflow vulnerability in Adobe Flash Player , described in CVE-2007-0071         * MDAC ADODB.Connection ActiveX vulnerability described in MS07-009         * Microsoft Office Web Components vulnerabilities described in MS09-043         * Microsoft video ActiveX vulnerability described in MS09-032         * Internet Explorer Uninitialized Memory Corruption Vulnerability    MS09-002 .</tokentext>
<sentencetext>So it's MS and Adobe vulnerabilities that actually let the malware onto your system.FTA:Observed exploits include:
        * Integer overflow vulnerability in Adobe Flash Player, described in CVE-2007-0071
        * MDAC ADODB.Connection ActiveX vulnerability described in MS07-009
        * Microsoft Office Web Components vulnerabilities described in MS09-043
        * Microsoft video ActiveX vulnerability described in MS09-032
        * Internet Explorer Uninitialized Memory Corruption Vulnerability – MS09-002.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30391356</id>
	<title>Re:hey</title>
	<author>blair1q</author>
	<datestamp>1260472020000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><p>that's the point</p><p>it's not a security issue if you deliberately do something ignorant</p><p>like, say, using the internet</p><p>THE INTERNET IS NOT SECURE</p><p>says so right on the packaging, and always has</p></htmltext>
<tokenext>that 's the pointit 's not a security issue if you deliberately do something ignorantlike , say , using the internetTHE INTERNET IS NOT SECUREsays so right on the packaging , and always has</tokentext>
<sentencetext>that's the pointit's not a security issue if you deliberately do something ignorantlike, say, using the internetTHE INTERNET IS NOT SECUREsays so right on the packaging, and always has</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30390212</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388336</id>
	<title>Re:why don't these go away?</title>
	<author>DogDude</author>
	<datestamp>1260462000000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><i>"If they know where the site is that's hosting the payload why don't they just shut them down?"</i> <br> <br>
Who is this nebulous "they" you're referring to?</htmltext>
<tokenext>" If they know where the site is that 's hosting the payload why do n't they just shut them down ?
" Who is this nebulous " they " you 're referring to ?</tokentext>
<sentencetext>"If they know where the site is that's hosting the payload why don't they just shut them down?
"  
Who is this nebulous "they" you're referring to?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387786</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387868</id>
	<title>Maybe it's a British thing</title>
	<author>Anonymous</author>
	<datestamp>1260459420000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>but when I see "claims " I think of deaths, not malware infections.</p></htmltext>
<tokenext>but when I see " claims " I think of deaths , not malware infections .</tokentext>
<sentencetext>but when I see "claims " I think of deaths, not malware infections.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387784</id>
	<title>Re:hey</title>
	<author>Anonymous</author>
	<datestamp>1260459000000</datestamp>
	<modclass>Funny</modclass>
	<modscore>4</modscore>
	<htmltext><p><tt>dd if=/dev/zero of=/dev/sda bs=8192</tt> will fix it.</p></htmltext>
<tokenext>dd if = /dev/zero of = /dev/sda bs = 8192 will fix it .</tokentext>
<sentencetext>dd if=/dev/zero of=/dev/sda bs=8192 will fix it.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387714</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30394038</id>
	<title>Didn't work.</title>
	<author>antdude</author>
	<datestamp>1260439080000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>C:\&gt;dd if=/dev/zero of=/dev/sda bs=8192<br>'dd' is not recognized as an internal or external command,<br>operable program or batch file.</p><p>Now what? [grin]</p></htmltext>
<tokenext>C : \ &gt; dd if = /dev/zero of = /dev/sda bs = 8192'dd ' is not recognized as an internal or external command,operable program or batch file.Now what ?
[ grin ]</tokentext>
<sentencetext>C:\&gt;dd if=/dev/zero of=/dev/sda bs=8192'dd' is not recognized as an internal or external command,operable program or batch file.Now what?
[grin]</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387784</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387984</id>
	<title>Re:How is SQL involved?</title>
	<author>Anonymous</author>
	<datestamp>1260460140000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>You are right, that's not SQL Injection attacks, rather a HTML+script injection.

A SQL Injection allows you to meddle with the sites database.</htmltext>
<tokenext>You are right , that 's not SQL Injection attacks , rather a HTML + script injection .
A SQL Injection allows you to meddle with the sites database .</tokentext>
<sentencetext>You are right, that's not SQL Injection attacks, rather a HTML+script injection.
A SQL Injection allows you to meddle with the sites database.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387874</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30390578</id>
	<title>"Claims 132,000+"???</title>
	<author>Limburgher</author>
	<datestamp>1260469560000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>That makes it sound like people died of SQL injection. . .</htmltext>
<tokenext>That makes it sound like people died of SQL injection .
. .</tokentext>
<sentencetext>That makes it sound like people died of SQL injection.
. .</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387848</id>
	<title>Details?</title>
	<author>Anonymous</author>
	<datestamp>1260459300000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>3</modscore>
	<htmltext><p>I love the way they fail to mention what server systems might be effected.  Is it SQL Server? MySQL?<nobr> <wbr></nobr>.NET? PHP?  Windows servers?  Linux? Both?  What web sites are vulnerable?

</p><p>It's always fun to snicker when you get to the registry entries which points to Windows.  Although there was a trojan for Ubuntu in a desktop theme a few days ago, so enjoy the time to mock Windows users while it lasts.</p></htmltext>
<tokenext>I love the way they fail to mention what server systems might be effected .
Is it SQL Server ?
MySQL ? .NET ?
PHP ? Windows servers ?
Linux ? Both ?
What web sites are vulnerable ?
It 's always fun to snicker when you get to the registry entries which points to Windows .
Although there was a trojan for Ubuntu in a desktop theme a few days ago , so enjoy the time to mock Windows users while it lasts .</tokentext>
<sentencetext>I love the way they fail to mention what server systems might be effected.
Is it SQL Server?
MySQL? .NET?
PHP?  Windows servers?
Linux? Both?
What web sites are vulnerable?
It's always fun to snicker when you get to the registry entries which points to Windows.
Although there was a trojan for Ubuntu in a desktop theme a few days ago, so enjoy the time to mock Windows users while it lasts.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30394820</id>
	<title>SQL injection or XSS?</title>
	<author>Anonymous</author>
	<datestamp>1260442080000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>I may be a total newb, but this really looks more like cross-site scripting and not SQL injection.</p><p>From post:</p><p>"injected a malicious iframe on tens of thousands of susceptible websites"</p><p>Wikipedia:<br>http://en.wikipedia.org/wiki/Sql\_injection</p><p>http://en.wikipedia.org/wiki/Cross-site\_scripting</p></htmltext>
<tokenext>I may be a total newb , but this really looks more like cross-site scripting and not SQL injection.From post : " injected a malicious iframe on tens of thousands of susceptible websites " Wikipedia : http : //en.wikipedia.org/wiki/Sql \ _injectionhttp : //en.wikipedia.org/wiki/Cross-site \ _scripting</tokentext>
<sentencetext>I may be a total newb, but this really looks more like cross-site scripting and not SQL injection.From post:"injected a malicious iframe on tens of thousands of susceptible websites"Wikipedia:http://en.wikipedia.org/wiki/Sql\_injectionhttp://en.wikipedia.org/wiki/Cross-site\_scripting</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387998</id>
	<title>Use MongoDB instead</title>
	<author>Anonymous</author>
	<datestamp>1260460200000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext>Just one more reason to use MongoDB (http://www.mongodb.org/)  No SQL injection type problems.
Along with all the other reasons as well of course.</htmltext>
<tokenext>Just one more reason to use MongoDB ( http : //www.mongodb.org/ ) No SQL injection type problems .
Along with all the other reasons as well of course .</tokentext>
<sentencetext>Just one more reason to use MongoDB (http://www.mongodb.org/)  No SQL injection type problems.
Along with all the other reasons as well of course.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388400</id>
	<title>Solution</title>
	<author>Anonymous</author>
	<datestamp>1260462420000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>whois 121.14.136.5<br>OrgName: Asia Pacific Network Information Centre<br>OrgID: APNIC<br>CIDR: 121.0.0.0/8</p><p>nslookup aa1100.2288.org<br>Name: aa1100.2288.org<br>Address: 121.12.116.32</p><p>whois 121.12.116.32<br>OrgName: Asia Pacific Network Information Centre<br>OrgID: APNIC<br>CIDR: 121.0.0.0/8</p><p>cmd drop log all from 121.0.0.0/8 to any via $OutsideNic</p></htmltext>
<tokenext>whois 121.14.136.5OrgName : Asia Pacific Network Information CentreOrgID : APNICCIDR : 121.0.0.0/8nslookup aa1100.2288.orgName : aa1100.2288.orgAddress : 121.12.116.32whois 121.12.116.32OrgName : Asia Pacific Network Information CentreOrgID : APNICCIDR : 121.0.0.0/8cmd drop log all from 121.0.0.0/8 to any via $ OutsideNic</tokentext>
<sentencetext>whois 121.14.136.5OrgName: Asia Pacific Network Information CentreOrgID: APNICCIDR: 121.0.0.0/8nslookup aa1100.2288.orgName: aa1100.2288.orgAddress: 121.12.116.32whois 121.12.116.32OrgName: Asia Pacific Network Information CentreOrgID: APNICCIDR: 121.0.0.0/8cmd drop log all from 121.0.0.0/8 to any via $OutsideNic</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387974</id>
	<title>Re:How is SQL involved?</title>
	<author>Anonymous</author>
	<datestamp>1260460140000</datestamp>
	<modclass>Offtopic</modclass>
	<modscore>0</modscore>
	<htmltext><p>If you would have read TFA you would have seen that:</p><p><div class="quote"><p>The combined action results in checks for MDAC, OWC10, and various versions of Adobe Flash. Depending on the results, the malcode then delivers one of several possible exploits.</p><p>Observed exploits include:<br>Integer overflow vulnerability in Adobe Flash Player, described in CVE-2007-0071<br>MDAC ADODB.Connection ActiveX vulnerability described in MS07-009<br>Microsoft Office Web Components vulnerabilities described in MS09-043<br>Microsoft video ActiveX vulnerability described in MS09-032<br>Internet Explorer Uninitialized Memory Corruption Vulnerability &ndash; MS09-002.</p></div></div>
	</htmltext>
<tokenext>If you would have read TFA you would have seen that : The combined action results in checks for MDAC , OWC10 , and various versions of Adobe Flash .
Depending on the results , the malcode then delivers one of several possible exploits.Observed exploits include : Integer overflow vulnerability in Adobe Flash Player , described in CVE-2007-0071MDAC ADODB.Connection ActiveX vulnerability described in MS07-009Microsoft Office Web Components vulnerabilities described in MS09-043Microsoft video ActiveX vulnerability described in MS09-032Internet Explorer Uninitialized Memory Corruption Vulnerability    MS09-002 .</tokentext>
<sentencetext>If you would have read TFA you would have seen that:The combined action results in checks for MDAC, OWC10, and various versions of Adobe Flash.
Depending on the results, the malcode then delivers one of several possible exploits.Observed exploits include:Integer overflow vulnerability in Adobe Flash Player, described in CVE-2007-0071MDAC ADODB.Connection ActiveX vulnerability described in MS07-009Microsoft Office Web Components vulnerabilities described in MS09-043Microsoft video ActiveX vulnerability described in MS09-032Internet Explorer Uninitialized Memory Corruption Vulnerability – MS09-002.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387874</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30394432</id>
	<title>Anonymous Coward.</title>
	<author>Anonymous</author>
	<datestamp>1260440760000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>funny how it does not say wordpress anywhere when it was one of the main targets<br>wordpress is the worst piece of software I have seen ( besides phpmyadsnew )</p></htmltext>
<tokenext>funny how it does not say wordpress anywhere when it was one of the main targetswordpress is the worst piece of software I have seen ( besides phpmyadsnew )</tokentext>
<sentencetext>funny how it does not say wordpress anywhere when it was one of the main targetswordpress is the worst piece of software I have seen ( besides phpmyadsnew )</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30392754</id>
	<title>Re:Let's say it all together now...</title>
	<author>MobyDisk</author>
	<datestamp>1260477300000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>validate your SQL input</p> </div><p>It's worse than that.  Most code actually doesn't have to do validate SQL inputs because the database API does it for you.  For example:</p><p>PERL:<br>$dbh-&gt;prepare('SELECT * FROM customers WHERE name = ?')<br>$dbh-&gt;execute($lastname)</p><p>VB/C#/etc.<br>SqlCommand dbc = new SqlCommand();<br>dbc.Command = "SELECT * FROM customers WHERE name = @name";<br>dbc.Parameters["@name"].CustomerName = ");' DROP TABLE customers";<br>dbc.Execute();</p><p>The above code will not result in a SQL injection.  It will work fine.  The developer doesn't have to do anything special.  The only time this is a problem is when developers go directly to the database, and bypass the layer that protects them.</p></div>
	</htmltext>
<tokenext>validate your SQL input It 's worse than that .
Most code actually does n't have to do validate SQL inputs because the database API does it for you .
For example : PERL : $ dbh- &gt; prepare ( 'SELECT * FROM customers WHERE name = ?
' ) $ dbh- &gt; execute ( $ lastname ) VB/C # /etc.SqlCommand dbc = new SqlCommand ( ) ; dbc.Command = " SELECT * FROM customers WHERE name = @ name " ; dbc.Parameters [ " @ name " ] .CustomerName = " ) ; ' DROP TABLE customers " ; dbc.Execute ( ) ; The above code will not result in a SQL injection .
It will work fine .
The developer does n't have to do anything special .
The only time this is a problem is when developers go directly to the database , and bypass the layer that protects them .</tokentext>
<sentencetext>validate your SQL input It's worse than that.
Most code actually doesn't have to do validate SQL inputs because the database API does it for you.
For example:PERL:$dbh-&gt;prepare('SELECT * FROM customers WHERE name = ?
')$dbh-&gt;execute($lastname)VB/C#/etc.SqlCommand dbc = new SqlCommand();dbc.Command = "SELECT * FROM customers WHERE name = @name";dbc.Parameters["@name"].CustomerName = ");' DROP TABLE customers";dbc.Execute();The above code will not result in a SQL injection.
It will work fine.
The developer doesn't have to do anything special.
The only time this is a problem is when developers go directly to the database, and bypass the layer that protects them.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388258</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30392494</id>
	<title>It's MS SQL Server</title>
	<author>Anonymous</author>
	<datestamp>1260476160000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>The targeted platform, just like last year, is ASP/SQL Server. Since it allows running stacked queries/PL-SQL, it's *way* easier to automate exploiting vulnerable applications on this platform than on PHP/MySQL for example. Automated reading exploit on PHP/MySQL is possible however generalized automated writing is out of the question.</p></htmltext>
<tokenext>The targeted platform , just like last year , is ASP/SQL Server .
Since it allows running stacked queries/PL-SQL , it 's * way * easier to automate exploiting vulnerable applications on this platform than on PHP/MySQL for example .
Automated reading exploit on PHP/MySQL is possible however generalized automated writing is out of the question .</tokentext>
<sentencetext>The targeted platform, just like last year, is ASP/SQL Server.
Since it allows running stacked queries/PL-SQL, it's *way* easier to automate exploiting vulnerable applications on this platform than on PHP/MySQL for example.
Automated reading exploit on PHP/MySQL is possible however generalized automated writing is out of the question.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388590</id>
	<title>Looks like IIS</title>
	<author>tom1974</author>
	<datestamp>1260463320000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Hit Google, you'll get things like  <a href="http://209.85.229.132/search?q=cache:AO35D6ltyyEJ:woodforlife.com/thread.cfm\%3FCategory\%3D1721\%26Thread\%3D8758\%26Message\%3D9020\%26Keyword\%3Dcoat+script+src\%3Dhttp://318x.com&amp;cd=14&amp;hl=en&amp;ct=clnk&amp;gl=uk&amp;client=firefox-a" title="209.85.229.132" rel="nofollow"> this </a> [209.85.229.132]</p><p>Looks like Windows IIS + MSSQL again.</p></htmltext>
<tokenext>Hit Google , you 'll get things like this [ 209.85.229.132 ] Looks like Windows IIS + MSSQL again .</tokentext>
<sentencetext>Hit Google, you'll get things like   this  [209.85.229.132]Looks like Windows IIS + MSSQL again.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30390136</id>
	<title>Re:Details?</title>
	<author>Anonymous</author>
	<datestamp>1260468300000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><div class="quote"><p>They didn't mention it because it doesn't matter. Its the result of bad coding practices. </p></div><p> ^W^W^W^W^W^ "Significant cost savings by using low-bidder contract software developers."</p></div>
	</htmltext>
<tokenext>They did n't mention it because it does n't matter .
Its the result of bad coding practices .
^ W ^ W ^ W ^ W ^ W ^ " Significant cost savings by using low-bidder contract software developers .
"</tokentext>
<sentencetext>They didn't mention it because it doesn't matter.
Its the result of bad coding practices.
^W^W^W^W^W^ "Significant cost savings by using low-bidder contract software developers.
"
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388368</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387866</id>
	<title>Re:hey</title>
	<author>Yvan256</author>
	<datestamp>1260459420000</datestamp>
	<modclass>Funny</modclass>
	<modscore>4</modscore>
	<htmltext><p>Call a comedy club and get your computer on stage?</p></htmltext>
<tokenext>Call a comedy club and get your computer on stage ?</tokentext>
<sentencetext>Call a comedy club and get your computer on stage?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387714</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30391368</id>
	<title>Re:why don't these go away?</title>
	<author>Anonymous</author>
	<datestamp>1260472080000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext>Because if everyone stopped using Windows and switched to XYZ, then XYZ would suddenly become the new biggest target. People attack Windows becasue most people use it, not becasue it is inherently less secure than other OS.</htmltext>
<tokenext>Because if everyone stopped using Windows and switched to XYZ , then XYZ would suddenly become the new biggest target .
People attack Windows becasue most people use it , not becasue it is inherently less secure than other OS .</tokentext>
<sentencetext>Because if everyone stopped using Windows and switched to XYZ, then XYZ would suddenly become the new biggest target.
People attack Windows becasue most people use it, not becasue it is inherently less secure than other OS.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387946</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30392638</id>
	<title>Is everybody at risk?</title>
	<author>Myopic</author>
	<datestamp>1260476820000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I have one Mac laptop and one Linux laptop. Will the rootkit be a problem for me?</p></htmltext>
<tokenext>I have one Mac laptop and one Linux laptop .
Will the rootkit be a problem for me ?</tokentext>
<sentencetext>I have one Mac laptop and one Linux laptop.
Will the rootkit be a problem for me?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387928</id>
	<title>Re:hey</title>
	<author>Anonymous</author>
	<datestamp>1260459900000</datestamp>
	<modclass>Funny</modclass>
	<modscore>2</modscore>
	<htmltext><p>"'dd' is not recognized as an internal or external command, operable program or batch file."</p><p>Still broken! =(</p><p>Posting AC so I don't get modded to hell by people who either don't think that was funny or are simply incapable of recognizing a joke.</p></htmltext>
<tokenext>" 'dd ' is not recognized as an internal or external command , operable program or batch file .
" Still broken !
= ( Posting AC so I do n't get modded to hell by people who either do n't think that was funny or are simply incapable of recognizing a joke .</tokentext>
<sentencetext>"'dd' is not recognized as an internal or external command, operable program or batch file.
"Still broken!
=(Posting AC so I don't get modded to hell by people who either don't think that was funny or are simply incapable of recognizing a joke.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387784</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30389322</id>
	<title>Re:Let's say it all together now...</title>
	<author>DNX Blandy</author>
	<datestamp>1260465900000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Lame coders who either 1) Just don't understand, so are fucking stupid! 2) Just don't care, so are fucking stupid! Note: I'm a coder, but I've always taken security very seriously, hence I get emails everytime someone trys<nobr> <wbr></nobr>:) and the sites I manage are OK.</htmltext>
<tokenext>Lame coders who either 1 ) Just do n't understand , so are fucking stupid !
2 ) Just do n't care , so are fucking stupid !
Note : I 'm a coder , but I 've always taken security very seriously , hence I get emails everytime someone trys : ) and the sites I manage are OK .</tokentext>
<sentencetext>Lame coders who either 1) Just don't understand, so are fucking stupid!
2) Just don't care, so are fucking stupid!
Note: I'm a coder, but I've always taken security very seriously, hence I get emails everytime someone trys :) and the sites I manage are OK.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388258</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387772</id>
	<title>318x.com</title>
	<author>NoYob</author>
	<datestamp>1260458940000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext>I tried to go there and I got this from Google:
<a href="http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&amp;hl=en-US&amp;site=http://318x.com/" title="google.com" rel="nofollow">Diagnostic page for 318x.com</a> [google.com] <p>After doing a whois, I see that just about all information is described as "Unknown"</p><p>Why is this domain still in existence?  Can ICANN take it down? </p><p>It looks like the sole reason for this domain is for malware.</p></htmltext>
<tokenext>I tried to go there and I got this from Google : Diagnostic page for 318x.com [ google.com ] After doing a whois , I see that just about all information is described as " Unknown " Why is this domain still in existence ?
Can ICANN take it down ?
It looks like the sole reason for this domain is for malware .</tokentext>
<sentencetext>I tried to go there and I got this from Google:
Diagnostic page for 318x.com [google.com] After doing a whois, I see that just about all information is described as "Unknown"Why is this domain still in existence?
Can ICANN take it down?
It looks like the sole reason for this domain is for malware.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388412</id>
	<title>Let's see</title>
	<author>zefciu</author>
	<datestamp>1260462540000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Hmmm...;)UPDATE users SET isAdmin='1' WHERE users.login='zefciu';</htmltext>
<tokenext>Hmmm... ; ) UPDATE users SET isAdmin = '1 ' WHERE users.login = 'zefciu ' ;</tokentext>
<sentencetext>Hmmm...;)UPDATE users SET isAdmin='1' WHERE users.login='zefciu';</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388022</id>
	<title>Re:why don't these go away?</title>
	<author>jimicus</author>
	<datestamp>1260460320000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>3</modscore>
	<htmltext><p>You are assuming that all the systems are hosted at reputable hosting companies that pro-actively monitor all their systems.</p><p>There are millions of systems worldwide that are exposed to the public internet (even though they probably shouldn't be) that are sitting in the corner somewhere waiting for someone to "get around to decommissioning them" - and in the meantime they're pumping out spam and taking part in DDoS attacks.</p></htmltext>
<tokenext>You are assuming that all the systems are hosted at reputable hosting companies that pro-actively monitor all their systems.There are millions of systems worldwide that are exposed to the public internet ( even though they probably should n't be ) that are sitting in the corner somewhere waiting for someone to " get around to decommissioning them " - and in the meantime they 're pumping out spam and taking part in DDoS attacks .</tokentext>
<sentencetext>You are assuming that all the systems are hosted at reputable hosting companies that pro-actively monitor all their systems.There are millions of systems worldwide that are exposed to the public internet (even though they probably shouldn't be) that are sitting in the corner somewhere waiting for someone to "get around to decommissioning them" - and in the meantime they're pumping out spam and taking part in DDoS attacks.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387786</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30401370</id>
	<title>Re:Details?</title>
	<author>cbiltcliffe</author>
	<datestamp>1260545220000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>Its the result of bad coding practices.</p></div><p>Yeah?</p><p>Big deal.</p><p>So is Windows.</p><p>harharharhar<br>Here all week...try the fish....eh, whatever.</p></div>
	</htmltext>
<tokenext>Its the result of bad coding practices.Yeah ? Big deal.So is Windows.harharharharHere all week...try the fish....eh , whatever .</tokentext>
<sentencetext>Its the result of bad coding practices.Yeah?Big deal.So is Windows.harharharharHere all week...try the fish....eh, whatever.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388368</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30389190</id>
	<title>Still a question about the SQL part of this...</title>
	<author>Anonymous</author>
	<datestamp>1260465480000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>From TFA:<br>"A large scale SQL injection attack has injected a malicious iframe on tens of thousands of susceptible websites."</p><p>Anybody know what made these thousands of websites susceptible?!?</p><p>Useless article for us admins...</p></htmltext>
<tokenext>From TFA : " A large scale SQL injection attack has injected a malicious iframe on tens of thousands of susceptible websites .
" Anybody know what made these thousands of websites susceptible ? !
? Useless article for us admins.. .</tokentext>
<sentencetext>From TFA:"A large scale SQL injection attack has injected a malicious iframe on tens of thousands of susceptible websites.
"Anybody know what made these thousands of websites susceptible?!
?Useless article for us admins...</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30389620</id>
	<title>Re:why don't these go away?</title>
	<author>sjames</author>
	<datestamp>1260466740000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>The hosting company is irrelevant if the domain's NS records in the gtld-servers are pointed to nowhere. That won't help if the script uses the IP address, but in this case, it would kill it.</p><p>Where an IP address is used, null routing by an upstream provider can kill that IP. So the question stands, when the threat is this big, why is the site allowed to continue existing? Start at the colo provider/ISP and work up the chain until a reputable provider is found to null route the IP.</p></htmltext>
<tokenext>The hosting company is irrelevant if the domain 's NS records in the gtld-servers are pointed to nowhere .
That wo n't help if the script uses the IP address , but in this case , it would kill it.Where an IP address is used , null routing by an upstream provider can kill that IP .
So the question stands , when the threat is this big , why is the site allowed to continue existing ?
Start at the colo provider/ISP and work up the chain until a reputable provider is found to null route the IP .</tokentext>
<sentencetext>The hosting company is irrelevant if the domain's NS records in the gtld-servers are pointed to nowhere.
That won't help if the script uses the IP address, but in this case, it would kill it.Where an IP address is used, null routing by an upstream provider can kill that IP.
So the question stands, when the threat is this big, why is the site allowed to continue existing?
Start at the colo provider/ISP and work up the chain until a reputable provider is found to null route the IP.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388022</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30394444</id>
	<title>Re:Use MongoDB instead</title>
	<author>Major Blud</author>
	<datestamp>1260440820000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Mongo is document-oriented, not relational.  You do realize that the two architectures serve completely different purposes right? I wouldn't bet that Mongo would be the right choice for a high-volume OLTP environment.</htmltext>
<tokenext>Mongo is document-oriented , not relational .
You do realize that the two architectures serve completely different purposes right ?
I would n't bet that Mongo would be the right choice for a high-volume OLTP environment .</tokentext>
<sentencetext>Mongo is document-oriented, not relational.
You do realize that the two architectures serve completely different purposes right?
I wouldn't bet that Mongo would be the right choice for a high-volume OLTP environment.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387998</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388576</id>
	<title>Re:Details?</title>
	<author>Bengie</author>
	<datestamp>1260463260000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>paramerterized inputs?</p><p>The only times I EVER pass a value as a concatenated string is if it goes along these lines..</p><p>try<br>query = "select [columns] from table where iTableID = "+INT64.Parse(strInput).ToString();<br>catch</p><p>^^<br>My lazy code. I only do internal utilities on side projects, so I can get away with this since these utilities are seldom used by anyway except when crap goes wrong. My primary job is SQL.</p><p>otherwise it's always the</p><p>string strSelectQry = "Select [columns] from schooltable where ischoolguid = @ischoolguid";<br>cmd = new SqlCommand(strSelectQry, cnn);</p><p>SqlParameter schoolguild = cmd.Parameters.Add("@ischoolguid", SqlDbType.UniqueIdentifier);<br>
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; schoolguild.Value = new Guid(strSchoolGUID);</p></htmltext>
<tokenext>paramerterized inputs ? The only times I EVER pass a value as a concatenated string is if it goes along these lines..tryquery = " select [ columns ] from table where iTableID = " + INT64.Parse ( strInput ) .ToString ( ) ; catch ^ ^ My lazy code .
I only do internal utilities on side projects , so I can get away with this since these utilities are seldom used by anyway except when crap goes wrong .
My primary job is SQL.otherwise it 's always thestring strSelectQry = " Select [ columns ] from schooltable where ischoolguid = @ ischoolguid " ; cmd = new SqlCommand ( strSelectQry , cnn ) ; SqlParameter schoolguild = cmd.Parameters.Add ( " @ ischoolguid " , SqlDbType.UniqueIdentifier ) ;                                                 schoolguild.Value = new Guid ( strSchoolGUID ) ;</tokentext>
<sentencetext>paramerterized inputs?The only times I EVER pass a value as a concatenated string is if it goes along these lines..tryquery = "select [columns] from table where iTableID = "+INT64.Parse(strInput).ToString();catch^^My lazy code.
I only do internal utilities on side projects, so I can get away with this since these utilities are seldom used by anyway except when crap goes wrong.
My primary job is SQL.otherwise it's always thestring strSelectQry = "Select [columns] from schooltable where ischoolguid = @ischoolguid";cmd = new SqlCommand(strSelectQry, cnn);SqlParameter schoolguild = cmd.Parameters.Add("@ischoolguid", SqlDbType.UniqueIdentifier);
                                                schoolguild.Value = new Guid(strSchoolGUID);</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388368</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387874</id>
	<title>How is SQL involved?</title>
	<author>Bromskloss</author>
	<datestamp>1260459480000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>3</modscore>
	<htmltext><p>The article said "SQL" in the headline, but never mentioned it again after that.</p></htmltext>
<tokenext>The article said " SQL " in the headline , but never mentioned it again after that .</tokentext>
<sentencetext>The article said "SQL" in the headline, but never mentioned it again after that.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388642</id>
	<title>Re:why don't these go away?</title>
	<author>wowbagger</author>
	<datestamp>1260463620000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>2</modscore>
	<htmltext><p>You must be new here, let me welcome you to "The Internet". I hope you enjoy your visit.</p><p>Hosting companies don't give a pair of fetid dingo's kidneys about such matters, so long as the people responsible for the hosting pay good money.</p><p>Even the <a href="http://softlayer.com/" title="softlayer.com">hosting companies</a> [softlayer.com] that <a href="http://theinnerlayer.softlayer.com/2007/spammers-beware-were-on-guard/" title="softlayer.com">claim</a> [softlayer.com] to be anti-spam, and who's acceptable use policies state that ANY support of spam, <a href="http://softlayer.com/aup.html" title="softlayer.com">including hosting spamvertized web sites</a> [softlayer.com], when confronted with <a href="http://www.winehq.org/search/?cx=partner-pub-0971840239976722\%3Aw9sqbcsxtyf&amp;cof=FORID\%3A10&amp;ie=UTF-8&amp;q=Rip+DVD&amp;siteurl=forum.winehq.org\%2F#1122" title="winehq.org">multiple, on-going violations</a> [winehq.org], will ignore all reports, remove all forum posts calling attention to those posts, and continue to cash the checks from the spammers.</p></htmltext>
<tokenext>You must be new here , let me welcome you to " The Internet " .
I hope you enjoy your visit.Hosting companies do n't give a pair of fetid dingo 's kidneys about such matters , so long as the people responsible for the hosting pay good money.Even the hosting companies [ softlayer.com ] that claim [ softlayer.com ] to be anti-spam , and who 's acceptable use policies state that ANY support of spam , including hosting spamvertized web sites [ softlayer.com ] , when confronted with multiple , on-going violations [ winehq.org ] , will ignore all reports , remove all forum posts calling attention to those posts , and continue to cash the checks from the spammers .</tokentext>
<sentencetext>You must be new here, let me welcome you to "The Internet".
I hope you enjoy your visit.Hosting companies don't give a pair of fetid dingo's kidneys about such matters, so long as the people responsible for the hosting pay good money.Even the hosting companies [softlayer.com] that claim [softlayer.com] to be anti-spam, and who's acceptable use policies state that ANY support of spam, including hosting spamvertized web sites [softlayer.com], when confronted with multiple, on-going violations [winehq.org], will ignore all reports, remove all forum posts calling attention to those posts, and continue to cash the checks from the spammers.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387786</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30389124</id>
	<title>Don't worry, that site is slashdotted.</title>
	<author>neo</author>
	<datestamp>1260465240000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>It's already under a huge DOS attack by the readers of Slashdot.  There's no need to block it, in fact you should be attempting to load that page in concert with all the other members of the Slashbot.</p></htmltext>
<tokenext>It 's already under a huge DOS attack by the readers of Slashdot .
There 's no need to block it , in fact you should be attempting to load that page in concert with all the other members of the Slashbot .</tokentext>
<sentencetext>It's already under a huge DOS attack by the readers of Slashdot.
There's no need to block it, in fact you should be attempting to load that page in concert with all the other members of the Slashbot.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387988</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388332</id>
	<title>Re:hey</title>
	<author>Anonymous</author>
	<datestamp>1260462000000</datestamp>
	<modclass>Troll</modclass>
	<modscore>-1</modscore>
	<htmltext><p>Antivirus2009, that will clean it right up for you.</p></htmltext>
<tokenext>Antivirus2009 , that will clean it right up for you .</tokentext>
<sentencetext>Antivirus2009, that will clean it right up for you.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387714</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30390620</id>
	<title>Re:hey</title>
	<author>HaeMaker</author>
	<datestamp>1260469740000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>The dude clearly doesn't run linux...</p><p>This is a system problem...</p><p>Delete c:\windows\system32</p></htmltext>
<tokenext>The dude clearly does n't run linux...This is a system problem...Delete c : \ windows \ system32</tokentext>
<sentencetext>The dude clearly doesn't run linux...This is a system problem...Delete c:\windows\system32</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387784</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30389308</id>
	<title>Terrible article, inappropriate headline</title>
	<author>Anonymous</author>
	<datestamp>1260465900000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext><p>The source of the attacks are servers who have been compromised through SQL injection.  I get that.  It's an important detail.  They fail to identify what sites and/or what those sites are running that is exploitable in this way.  Is it MySQL?  Is it MS SQL?  Oracle?  Is it a particular software package running on a particular web host platform?  The questions are too many and should have been answered in the article.</p><p>What is done after a server is compromised is pretty common.  Microsoft components, especially those linked through ActiveX, have been not just a hole in Microsoft security, but a tunnel into the Windows kernel big enough to drive a truck through.  A vulnerability in Adobe flash is only a a problem when it uses ActiveX to get there.  Flash running in other ways does not seem to pose such an extreme threat otherwise.  But while these are important security concerns to be aware of, it has nothing to do with the topic of the story as indicated by the headline or the first line of the story which is about compromised SERVERS, not about compromised clients.</p></htmltext>
<tokenext>The source of the attacks are servers who have been compromised through SQL injection .
I get that .
It 's an important detail .
They fail to identify what sites and/or what those sites are running that is exploitable in this way .
Is it MySQL ?
Is it MS SQL ?
Oracle ? Is it a particular software package running on a particular web host platform ?
The questions are too many and should have been answered in the article.What is done after a server is compromised is pretty common .
Microsoft components , especially those linked through ActiveX , have been not just a hole in Microsoft security , but a tunnel into the Windows kernel big enough to drive a truck through .
A vulnerability in Adobe flash is only a a problem when it uses ActiveX to get there .
Flash running in other ways does not seem to pose such an extreme threat otherwise .
But while these are important security concerns to be aware of , it has nothing to do with the topic of the story as indicated by the headline or the first line of the story which is about compromised SERVERS , not about compromised clients .</tokentext>
<sentencetext>The source of the attacks are servers who have been compromised through SQL injection.
I get that.
It's an important detail.
They fail to identify what sites and/or what those sites are running that is exploitable in this way.
Is it MySQL?
Is it MS SQL?
Oracle?  Is it a particular software package running on a particular web host platform?
The questions are too many and should have been answered in the article.What is done after a server is compromised is pretty common.
Microsoft components, especially those linked through ActiveX, have been not just a hole in Microsoft security, but a tunnel into the Windows kernel big enough to drive a truck through.
A vulnerability in Adobe flash is only a a problem when it uses ActiveX to get there.
Flash running in other ways does not seem to pose such an extreme threat otherwise.
But while these are important security concerns to be aware of, it has nothing to do with the topic of the story as indicated by the headline or the first line of the story which is about compromised SERVERS, not about compromised clients.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30389606</id>
	<title>132,000? Try 1269.</title>
	<author>milesw</author>
	<datestamp>1260466740000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext><p>As many have pointed out, the blog post does not offer sufficient detail, but does offer the rather sensational headline "SQL injection attack claims 132,000+". The Google Safe Browsing diagnostic page for 318x.com has it closer to 1200 or so:</p><p>http://google.com/safebrowsing/diagnostic?site=318x.com/</p><p>Has this site acted as an intermediary resulting in further distribution of malware?<br>Over the past 90 days, 318x.com appeared to function as an intermediary for the infection of 1202 site(s) including 37y.org/, jxagri.gov.cn/, glojj.com/.</p><p>Has this site hosted malware?<br>Yes, this site has hosted malicious software over the past 90 days. It infected 1269 domain(s), including 37y.org/, cec.org.cn/, jxagri.gov.cn/.</p></htmltext>
<tokenext>As many have pointed out , the blog post does not offer sufficient detail , but does offer the rather sensational headline " SQL injection attack claims 132,000 + " .
The Google Safe Browsing diagnostic page for 318x.com has it closer to 1200 or so : http : //google.com/safebrowsing/diagnostic ? site = 318x.com/Has this site acted as an intermediary resulting in further distribution of malware ? Over the past 90 days , 318x.com appeared to function as an intermediary for the infection of 1202 site ( s ) including 37y.org/ , jxagri.gov.cn/ , glojj.com/.Has this site hosted malware ? Yes , this site has hosted malicious software over the past 90 days .
It infected 1269 domain ( s ) , including 37y.org/ , cec.org.cn/ , jxagri.gov.cn/ .</tokentext>
<sentencetext>As many have pointed out, the blog post does not offer sufficient detail, but does offer the rather sensational headline "SQL injection attack claims 132,000+".
The Google Safe Browsing diagnostic page for 318x.com has it closer to 1200 or so:http://google.com/safebrowsing/diagnostic?site=318x.com/Has this site acted as an intermediary resulting in further distribution of malware?Over the past 90 days, 318x.com appeared to function as an intermediary for the infection of 1202 site(s) including 37y.org/, jxagri.gov.cn/, glojj.com/.Has this site hosted malware?Yes, this site has hosted malicious software over the past 90 days.
It infected 1269 domain(s), including 37y.org/, cec.org.cn/, jxagri.gov.cn/.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387738</id>
	<title>Little Bobby Tables</title>
	<author>Anonymous</author>
	<datestamp>1260458760000</datestamp>
	<modclass>Funny</modclass>
	<modscore>2</modscore>
	<htmltext>I blame <a href="http://xkcd.com/327/" title="xkcd.com" rel="nofollow">Mrs. Roberts</a> [xkcd.com].</htmltext>
<tokenext>I blame Mrs. Roberts [ xkcd.com ] .</tokentext>
<sentencetext>I blame Mrs. Roberts [xkcd.com].</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387714</id>
	<title>hey</title>
	<author>Anonymous</author>
	<datestamp>1260458640000</datestamp>
	<modclass>Funny</modclass>
	<modscore>2</modscore>
	<htmltext><p>Hey, I went to 318x.com and all of a sudden my computer is acting funny. Any suggestions?</p></htmltext>
<tokenext>Hey , I went to 318x.com and all of a sudden my computer is acting funny .
Any suggestions ?</tokentext>
<sentencetext>Hey, I went to 318x.com and all of a sudden my computer is acting funny.
Any suggestions?</sentencetext>
</comment>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_10_1334205_29</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30390234
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387988
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_10_1334205_28</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388642
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387786
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_10_1334205_22</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30389124
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387988
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_10_1334205_26</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388336
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387786
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_10_1334205_30</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30390962
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30389232
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_10_1334205_12</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30389322
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388258
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_10_1334205_1</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30389188
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388368
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387848
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_10_1334205_16</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30392754
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388258
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_10_1334205_31</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30394444
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387998
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_10_1334205_13</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30391356
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30390212
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387784
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387714
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_10_1334205_10</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387928
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387784
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387714
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_10_1334205_5</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388910
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388258
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_10_1334205_14</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30390316
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387784
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387714
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_10_1334205_2</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30390528
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387984
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387874
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_10_1334205_17</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30390136
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388368
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387848
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_10_1334205_9</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30389868
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387846
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_10_1334205_23</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388306
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387874
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_10_1334205_11</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30391368
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387946
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387786
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_10_1334205_6</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30390544
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387878
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_10_1334205_3</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387974
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387874
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_10_1334205_18</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30394038
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387784
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387714
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_10_1334205_0</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30401370
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388368
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387848
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_10_1334205_15</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30389794
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387956
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387848
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_10_1334205_27</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30391552
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388368
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387848
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_10_1334205_7</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30389620
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388022
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387786
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_10_1334205_21</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387866
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387714
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_10_1334205_20</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30394454
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387772
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_10_1334205_4</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388332
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387714
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_10_1334205_19</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388576
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388368
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387848
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_10_1334205_24</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30390620
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387784
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387714
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_10_1334205_25</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388778
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388258
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_10_1334205_8</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30391244
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387878
</commentlist>
</thread>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_10_1334205.1</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387778
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_10_1334205.4</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387714
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387866
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387784
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30394038
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30390212
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30391356
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30390316
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387928
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30390620
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388332
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_10_1334205.7</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387874
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388306
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387974
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387984
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30390528
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_10_1334205.2</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387786
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387946
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30391368
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388336
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388022
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30389620
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388642
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_10_1334205.5</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387988
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30389124
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30390234
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_10_1334205.13</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30389330
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_10_1334205.8</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30390604
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_10_1334205.11</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30389308
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_10_1334205.6</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387848
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388368
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30391552
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30390136
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30401370
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388576
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30389188
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387956
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30389794
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_10_1334205.0</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387846
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30389868
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_10_1334205.18</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387788
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_10_1334205.16</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387738
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_10_1334205.10</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30389232
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30390962
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_10_1334205.9</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387998
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30394444
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_10_1334205.17</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387878
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30390544
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30391244
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_10_1334205.14</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388400
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_10_1334205.15</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30387772
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30394454
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_10_1334205.3</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30394820
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_10_1334205.12</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388258
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30392754
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388910
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30389322
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_10_1334205.30388778
</commentlist>
</conversation>
