help understanding alarm for generic SQL injection in HTTP
I don't quite get the regex in 5474-1 shown below. The '+' I think I get; if the data is a GET or a POST with enctype=application/x-www-form-urlencoded then spaces are encoded as +. But the regex also appears to be looking for a literal '%' and then '20'. Why for? If the request is "multipart/form-data" it will have a space character in the data (which has a hex value of \x20 but that's not what the regex is looking for).
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...