Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Proof of Concept Tool on Web Application Security

From: Jörg Schütter <joerg () schuetter org>
Date: Sun, 27 Apr 2003 15:04:48 +0200
Hallo Indian Tiger,

On Tue, 15 Apr 2003 23:35:34 +0530
"Indian Tiger" <indiantiger () mailandnews com> wrote:

[...]

This manipulation can also be achieved if an Attacker can put his
Proxy (Web Sleuth) on intermediate Router/Proxy. One Example is I am
accessing Hotmail and on my ISP Router/Proxy, An attacker installs
tool like Web Sleuth. But again question comes Router works on OSI
layer 3 so attacker can't put tool like Web Sleuth. If intermediate
hop is Proxy which is on Application level, there should be some tool
which can be placed here.


Have a look at http://en.tldp.org/HOWTO/mini/TransparentProxy.html which
explains how to use squid as transparent proxy by using iptables.

Gruß
  Jörg

-- 
Dipl.-Ing. Jörg Schütter           http://www.lug-untermain.de/
                                   http://www.schuetter.org/joerg/
joerg () schuetter org                http://mypenguin.bei.t-online.de/

Attachment: _bin
Description:

Previous By Date Next
Previous By Thread Next

Current thread: