Security Basics mailing list archives
Re: Eliminate iframes
From: Andre Silaghi <andre.silaghi () googlemail com>
Date: Wed, 26 Jun 2013 12:54:18 +0200
Thank you Terrence, indeed it is cheap but costs will grow because you have to maintain the regex pattern list. I think of something which is driven by communities or companies although I find it quite dangerous to trust the community or company. But I guess there is no other cheap way around this. best regards andré 2013/6/21 Terrence O'Connor <terrence.oconnor () gmail com>:
You could setup a scanning reverse proxy that checks for that regex pattern and blocks those types of requests. That's the cheap solution. -- Terrence O'Connor On Friday, June 21, 2013 at 9:31 AM, Andre Silaghi wrote: hi community, I am curious about your way of getting rid of iframes within large - enterprise - networks. The problem is that a couple of websites are trying to infect you using drive-by downloads mostly via iframes within hijacked websites. The firewalls will not do it since it operates only in osi level 3 or 4 but not within the application level where iframes are usually transfered via http. Is there any solution you could propose? best regards, andré ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Eliminate iframes Andre Silaghi (Jun 21)
- Re: Eliminate iframes Adolfo Abegg (Jun 21)
- Message not available
- Re: Eliminate iframes Andre Silaghi (Jun 23)
- Message not available
- Re: Eliminate iframes Andre Silaghi (Jun 26)
- Re: Eliminate iframes Joshua Trabing (Jun 26)
- Re: Eliminate iframes Andre Silaghi (Jun 26)