Penetration Testing mailing list archives
Re: web application security
From: Yousif () vapt-sec com
Date: 24 Feb 2008 20:20:48 -0000
I suggest you become a bit more specific into what your asking, as you are not really asking much questions here, enough to define any answers. I would suggest searching for an IDS or HIDS. Until this day, there hasn't been an effective phishing tool, but I suggest using Browsers like Opera or Firefox. All you can really do is identify the header request information for each HTTP/HTTPS request and identify the URL very closely to review any information that might be suspicious. They should allow you to use this, hopefully you present them with licensed software, as it will show more responsibility and care on your end. IF you cannot use 3rd party applications to secure the system, perhaps you can develop your own? Also , if you specify the OS, maybe we can assist you a little more in terms of what you can harden manually without actual software automation -Yousif Yalda Http://YousifYalda.Blogspot.com Security Consultant Http://Vapt-Sec.com ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- Re: web application security Yousif (Feb 24)