Vulnerability Development mailing list archives
Re: wwwboard my help reveal user name and password
From: systsec () YAHOO COM (Simon Hughes)
Date: Wed, 12 Jul 2000 05:07:59 -0000
I have got a script that was modifyed to detect: proxy, resolve IP so spoofing cannot be used, Pings the posters IP to check that the address exists, also uses a time limit so if you do more than one post in a few seconds it blocks your IP so multiple posts cannot happen. There's more on this script but I cannot find it,sorry. Credit to this modification should go to: 'The Mr.Fong Device' Team, http://www.cyberarmy.com www.cyberarmy.com/wwwboard ------------------------------------------------------------ ------------- I think adding referrer checking is useless. One can spoof a Referrer: header in a http request just as easily as spoof the actual requests.
Current thread:
- Re: BitchX /ignore bug, (continued)
- Re: BitchX /ignore bug Thomas Dullien (Jul 05)
- Re: BitchX /ignore bug Ron DuFresne (Jul 06)
- Re: BitchX /ignore bug Keith Simonsen (Jul 06)
- Re: BitchX /ignore bug Steve Mosher (Jul 06)
- Re: BitchX /ignore bug Joe User (Jul 06)
- Re: BitchX /ignore bug Security Mail Acct. (Jul 06)
- wwwboard my help reveal user name and password Julian Linton (Jul 07)
- Re: wwwboard my help reveal user name and password Shelagh Pepper (Jul 07)
- Re: wwwboard my help reveal user name and password Shadowboxer (Jul 07)
- Re: wwwboard my help reveal user name and password Jason Legate (Jul 07)
- Re: wwwboard my help reveal user name and password Simon Hughes (Jul 11)
- Re: BitchX /ignore bug Ron DuFresne (Jul 06)
- Re: BitchX /ignore bug Thomas Dullien (Jul 05)
- About all the default password databases... Mikael Olsson (Jul 07)
- Re: About all the default password databases... Roelof Temmingh (Jul 07)
- Re: About all the default password databases... Jonathan Leto (Jul 07)
- Re: About all the default password databases... Phenoelit (Jul 08)
- Re: BitchX /ignore bug Steve Mosher (Jul 07)
- Re: BitchX /ignore bug Mikael Olsson (Jul 07)
- Re: BitchX /ignore bug Steve Mosher (Jul 08)
- The AOL Spyware Maxime Rousseau (Jul 07)
- Re: The AOL Spyware Mikael Olsson (Jul 07)
- Re: The AOL Spyware Masial (Jul 08)