Full Disclosure mailing list archives

Re: Zone Alarm


From: "Larry W. Cashdollar" <lwc () vapid ath cx>
Date: Fri, 13 Jun 2003 14:01:27 -0400 (EDT)



On Fri, 13 Jun 2003, Stephane Nasdrovisky wrote:


Squid (and probably others) can filter accesses based on the user agent.
Some network firewalls (as opposed to personal ones) can be configured to filter accesses based on the user agent header.

As you know, every piece of software trying to access the internet through a
proxy advertises its flavour using the user agent header, and the user
agent header is very hard to spoof :-)

I am guessing what you mean by software is web browser?
I can recompile mozilla/konqueror/lynx to say whatever I want as a
user-agent.  I think opera lets you masquerade as whichever browser you want
IE/netscape etc...  You can connect to an http server with telnet and do
a:

GET / HTTP/1.0
User-Agent:     Bubba-joe-Browser1.1a

See RFC 1945/2068 on the HTTP protocol.

Why even bother putting in a User-Agent?  You don't have to.  If the server
is trusting the client for information, well, you make the client give
whatever information you want if you have sufficient access to it.

-- La

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
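
Added example (not part of the original post or the list archive): a minimal Python sketch of a filter that decides on the User-Agent header alone, run over constructed requests including the one shown in the message above. The allowlist pattern, function names and sample requests are assumptions made for illustration.

```python
import re

# Hypothetical allowlist, standing in for a proxy rule that matches on User-Agent.
ALLOWED_UA = re.compile(r"^Mozilla/\d", re.IGNORECASE)


def parse_request(raw: bytes):
    """Split a raw HTTP/1.x request into (request_line, headers dict)."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    lines = head.split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            # Header names are case-insensitive; surrounding whitespace
            # is not part of the value.
            headers[name.strip().lower()] = value.strip()
    return lines[0], headers


def ua_filter(raw: bytes) -> str:
    """Return 'allow' or 'deny' based on the User-Agent header alone."""
    _, headers = parse_request(raw)
    ua = headers.get("user-agent")  # None when the client omits the header
    if ua is None:
        return "deny"  # the header is optional, so the filter needs a default
    return "allow" if ALLOWED_UA.search(ua) else "deny"


# Constructed sample requests: identical apart from the claimed identity.
SAMPLES = {
    "as_on_page": b"GET / HTTP/1.0\r\nUser-Agent:     Bubba-joe-Browser1.1a\r\n\r\n",
    "no_header": b"GET / HTTP/1.0\r\n\r\n",
    "claims_browser": b"GET / HTTP/1.0\r\nuser-agent: Mozilla/4.0 (compatible)\r\n\r\n",
}


def decisions():
    """Run the filter over every constructed sample."""
    return {name: ua_filter(raw) for name, raw in SAMPLES.items()}


if __name__ == "__main__":
    for name, verdict in decisions().items():
        print(f"{name:15} -> {verdict}")
```

The verdict changes with nothing but a client-supplied string, so a rule like this is useful for logging and policy hints, not as an access control.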

