WebApp Sec mailing list archives
XSS/Script Injection on my site -- further details
From: "arian.evans" <arian.evans () anachronic com>
Date: Fri, 28 Apr 2006 14:46:06 -0500
inline:
-----Original Message----- From: arian.evans [mailto:arian.evans () anachronic com] Sent: Friday, April 28, 2006 12:30 PM Someone in Atlanta on Cox cable is once again giving my personal site a "free pen test".
I lied. It turns out that while the Cox backbone is out of ATL, the actual activity originates in Irvine, CA. I do not want to unnecessarily cast blame on folks in ATL, as I think we all know who would get blamed there. :) If this hadn't happened twice before and nuked my server once, I probably wouldn't care a lot, but this is the third time you've hit me, and it is rude, unprofessional, and you've cost me a lot of personal time & email loss that could have been easily avoided. I am unwilling to debate the merit of having my IDS alerts go to my default mail spool; it works quite well except when I get 40k alerts over an evening. Anyone on the lists stuck up in or around Rochester, NY for the next few months, gimme' a shout.... Happy Fridays, Arian J. Evans +1.913.378.3571 [mobile] "See? That was nothing. But that's how it always begins. Very small." -Egg Shen ------------------------------------------------------------------------- Sponsored by: Watchfire Watchfire's AppScan is the industry's first and leading web application security testing suite, and the only solution to provide comprehensive remediation tasks at every level of the application. Change the way you think about application security testing - See for yourself. Download a Free Trial of AppScan 6.0 today! https://www.watchfire.com/securearea/appscansix.aspx?id=701300000007kaF --------------------------------------------------------------------------
Current thread:
- XSS/Script Injection on my site -- further details arian.evans (Apr 28)