Re: cross site exploits

[J Edgar Hoover <zorch () TOTALLY RIGHTEOUS NET>]

On Tue, 12 Dec 2000, vijay verma wrote:

> Hello all,
>
> Anyone know of a way to detect possible exploit by the cross site exploit ?
>
> I'm a bit unclear on the exploit and how it works, meaning I can't
> decide how to determine if I have been vulnerable or how I can
> determine if I have been "attacked".  I would like to set up
> monitoring but that is not possible without "real facts" about this
> exploit.  Could it be as "easy" as looking for the <script> tag?

Are you asking how to check to see if your browser has been exploited, or
to see if a web server has been used in a cross site exploit?

Simply put, "cross site" means that you included some html on an
innocent public server that points to malicious html on another server.

To prevent your server from being used in this manner, make sure any html
tags are stripped from user posts.