Firewall Wizards mailing list archives
Re[2]: Web Site Hacks
From: Edward Cracknell <edward () securIT net>
Date: Thu, 4 Dec 1997 21:38:20 GMT
My mailer says Denis Gordon <denis () dcc govt nz> wrote: denis >Edward Cracknell <edward () securIT net> said: denis > denis >But the 'page' this cgi script produces would be sent back to the denis >browser. To be activated, the user at the browser has to click it. So denis >any connection to 'target.system.behind.firewall' would be from the denis >browser, not from the firewall. denis > denis >Or have I missed something fundamental here? denis > denis >Denis Gordon - <denis () dcc govt nz> denis > denis > No. I think I did. I haven't tried it, I was trying to think it through! I think it would appear to come from the client. CGI-bin script allowing, unless the script itself does something silly. ----------------------------------------------------------------- Edward Cracknell - <edward () SecurIT net>
Current thread:
- Web Site Hacks Edward Cracknell (Dec 03)
- Re: Web Site Hacks -= ArkanoiD =- (Dec 03)
- Re: Web Site Hacks -= ArkanoiD =- (Dec 03)
- Re: Web Site Hacks Daniel Garcia (Dec 03)
- Re: Web Site Hacks Nick Drage (Dec 04)
- Re: Web Site Hacks Michael Kyle (Dec 04)
- <Possible follow-ups>
- RE: Web Site Hacks Denis Gordon (Dec 03)
- Re[2]: Web Site Hacks Edward Cracknell (Dec 04)
- Re: Web Site Hacks Bruce B. Platt (Dec 04)
- Re[2]: Web Site Hacks Edward Cracknell (Dec 05)
- Re: Web Site Hacks Steve Gibbons (Dec 05)
- Re: Web Site Hacks Steven Bellovin (Dec 05)
- Re: Web Site Hacks Chad Schieken (Dec 05)
- Re: Web Site Hacks Aleph One (Dec 06)
- Re: Web Site Hacks Chad Schieken (Dec 05)
- Re: Web Site Hacks David Kennedy (Dec 08)
- Re: Web Site Hacks Paul McNabb (Dec 09)
- Re: Web Site Hacks shimons (Dec 11)
- Re: Web Site Hacks Paul McNabb (Dec 11)
(Thread continues...)