|
Anonymous FTP-FAQ
|
|
Hits: 28 |
|
Date added: 03/15/2005 |
|
|
|
|
|
|
|
Shell Accounts Tutorial
hot!
|
|
Hits: 57 |
|
Date added: 03/16/2005 |
|
|
|
|
|
|
|
Browser Identification for Web Applications
|
|
Hits: 37 |
|
Date added: 07/15/2005 |
|
Browser Identification is not a new concept. With the focus having shifted to desktops from networks and servers, a topic such as remote browser identification needs to be revisited.
Browsers identify themselves to web servers in the USER_AGENT header field that is contained in requests sent to the server. Almost every release of browsers contains sloppy code that allows malicious servers or attackers to compromise user privacy and security.
The header that normally identifies a user’s web browser tells such servers exactly which attacks to use. Obfuscating the information contained in the USER_AGENT header field reduces the likelihood of browser-related attacks.
There are other methods of analysis and evaluation that help in accurately identifying browsers. Knowing about these methods is necessary for two reasons: � Increase awareness of browser-related attacks among desktop users. � Assist security consultants to factor in browser-related information when working on web application security testing assignments.
This paper outlines techniques that allow users to determine client browser types remotely. |
|
|
|
|
|
|
A practical approach for defeating Nmap OS-Fingerprinting
|
|
Hits: 0 |
|
Date added: 07/15/2005 |
|
A practical approach for defeating Nmap OS-Fingerprinting
Some security tools have been developed to fake Nmap in its OS Fingerprinting purpose. This paper describes different solutions to defeat Nmap and behave like another chosen operating system, as well as a demonstration on how can be accomplished. |
|
|
|
|
|
|
Proxy WinGate SOCKS
|
|
Hits: 0 |
|
Date added: 09/13/2005 |
|
Proxy WinGate SOCKS Tutorial |
|
|
|
