Re: web application security

[Yousif () vapt-sec com]

I suggest you become a bit more specific into what your asking, as you are not really asking much questions here, 
enough to define any answers. I would suggest searching for an IDS or HIDS. Until this day, there hasn't been an 
effective phishing tool, but I suggest using Browsers like Opera or Firefox. All you can really do is identify the 
header request information for each HTTP/HTTPS request and identify the URL very closely to review any information that 
might be suspicious. They should allow you to use this, hopefully you present them with licensed software, as it will 
show more responsibility and care on your end. IF you cannot use 3rd party applications to secure the system, perhaps 
you can develop your own? Also , if you specify the OS, maybe we can assist you a little more in terms of what you can 
harden manually without actual software automation


-Yousif Yalda
Http://YousifYalda.Blogspot.com
Security Consultant
Http://Vapt-Sec.com

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------