Full Disclosure mailing list archives
Re: morning_wood should stop posting xss
From: Jason <security () brvenik com>
Date: Fri, 25 Jul 2003 12:21:09 -0400
[snip]
Consider then the concept of a 'Honey Token' http://securityfocus.com/infocus/1713Yet, the article states that these are more of a 'insider threat' monitoring tool. Few if any honeytokens would probably ever be exposed to the internet at large.
Why not? Example:tokens for account info in an extranet application, easily catches sql injection, brute force attacks, intellectual property theft...
Just some possibilities for this: portals customer accts inactive web pages fake confidential documents ... J _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: morning_wood should stop posting xss, (continued)
- Re: morning_wood should stop posting xss Michael Renzmann (Jul 28)
- RE: Re: morning_wood should stop posting xss Myers, Marvin (Jul 24)
- Re: Re: morning_wood should stop posting xss Knud Erik Højgaard (Jul 24)
- RE: Re: morning_wood should stop posting xss Altheide, Cory B. (Jul 24)
- Re: Re: morning_wood should stop posting xss Jeremiah Cornelius (Jul 24)
- Re: morning_wood should stop posting xss Valdis . Kletnieks (Jul 24)
- Re: morning_wood should stop posting xss morning_wood (Jul 25)
- RE: Re: morning_wood should stop posting xss Gerald Cody Bunch (Jul 24)
- RE: Re: morning_wood should stop posting xss Ron DuFresne (Jul 25)
- Re: Re: morning_wood should stop posting xss morning_wood (Jul 25)
- Re: morning_wood should stop posting xss Jason (Jul 25)
- Re: morning_wood should stop posting xss madsaxon (Jul 25)
- Re: morning_wood should stop posting xss Ron DuFresne (Jul 25)
- Re: morning_wood should stop posting xss morning_wood (Jul 25)
- Re: HoneyTokens - WAS - morning_wood should stop posting xss Jason (Jul 25)
- Re: HoneyTokens - WAS - morning_wood should stop posting xss Ron DuFresne (Jul 29)
- Re: morning_wood should stop posting xss Jeremy Gaddis (Jul 26)
- RE: Re: morning_wood should stop posting xss Ron DuFresne (Jul 25)