Security Basics mailing list archives
URL pipelining
From: ".\\lgp" <lgpmsec () gmail com>
Date: Mon, 14 Sep 2009 01:56:00 +0300
Hi again, I've read that support for URL-Request Pipelining has interesting consequences. For example, as explained in this paper by Daniel Roelker (http://www.defcon.org/images/defcon-11/dc-11-presentations/dc-11-Roelker/dc -11-roelker-paper.pdf), it can be used for evading detection by Intrusion Detection Systems. Also, it can be used in HTTP Response-Splitting style attacks. One thing I would like to know is whether this threat can be addressed, and if so how. Thank you, Lgp. ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Adding new exploit module to metasploit 3.1 sfmailsbm (Sep 11)
- Message not available
- Re: Adding new exploit module to metasploit 3.1 Jai (Sep 15)
- Message not available
- Packets with TCP flags set .\lgp (Sep 15)
- RE: Packets with TCP flags set David Gillett (Sep 16)
- RE: Packets with TCP flags set .\lgp (Sep 16)
- RE: Packets with TCP flags set David Gillett (Sep 17)
- RE: Packets with TCP flags set David Gillett (Sep 16)