WebApp Sec mailing list archives
RE: Looking for a POST statement Sniffer
From: Tom Arseneault <TArseneault () counterpane com>
Date: Mon, 15 Sep 2003 17:33:48 -0700
You can use Snort (www.snort.org) to do this. It has the added attraction of being very flexible in what you search for, though it's learning curve may be steeper than you want. Thomas J. Arseneault Security Engineer Counterpane Internet Security tarseneault () counterpane com -----Original Message----- From: Andy Talbot [mailto:atalbot () sli co im] Sent: Monday, September 15, 2003 7:27 AM To: webappsec () securityfocus com Subject: Looking for a POST statement Sniffer Hi Everyone It's been a long time since I've required the ability to sniff POST statements and the application I used many time ago has since died on my last machine (I think I used the proxy server included in one of Compuware's QA testing suite products to catch URL POST Statements). This requirement has arisen from a new web development within our Extranet, developed in Flash 5 with asp. As the URL's statements are not publicly visible in the address bar (they are passed transparently within the flash movie), I require a reliable method of catching the post statements sent from my client PC to my Websever, so I can check our current security measures. Ideally I'm looking for a free and reliable method of achieving this! If you guys could recommend something suitable to me this would be much appreciated. Many Thanks Andy Talbot IT Developer / Analyst Programmer ============================================================================ =============== The information in this e-mail is confidential and may be legally privileged. It is intended solely for the addressee and access to this e-mail by anyone else is unauthorised. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it is prohibited and may be unlawful. At present the integrity of e-mail across the Internet cannot be guaranteed and messages sent via this medium are potentially at risk. Therefore we will not accept liability for any claims arising as a result of the use of this medium to transmit messages by or to the Scottish Life International group of companies. The Scottish Life International group of companies is owned by Royal London. Scottish Life International Investment Group who provides marketing services is a Royal London company which is regulated by the Financial Services Authority for UK investment business and only promotes the investment, life assurance and pensions products of the Royal London marketing group. Registered Office: 19 St Andrew Square, Edinburgh EH2 1YE, United Kingdom. Registered in Scotland No. 166387. Scottish Life International Insurance Company Limited, a Royal London company, is the Isle of Man based product provider of life assurance and investment products of the Royal London marketing group. Scottish Life International Insurance Company Limited is authorised by the Isle of Man Government Insurance and Pensions Authority. A member of the Association of International Life Offices. Registered in the Isle of Man Number 076981C. Registered Office: Exchange House, 54-58 Athol Street, Douglas, Isle of Man IM1 1JD, British Isles. Scottish International Fund Managers Limited, a Royal London company, is licensed to conduct investment business as a Category 3 licenceholder by the Isle of Man Financial Supervision Commission under the Investment Business Act 1991. Registered in the Isle of Man number 89411C. Registered address: 54-58 Athol Street, Douglas, Isle of Man, IM1 1JD, British Isles.
Current thread:
- Looking for a POST statement Sniffer Andy Talbot (Sep 15)
- Re: Looking for a POST statement Sniffer Ivan Ristic (Sep 15)
- Re: Looking for a POST statement Sniffer Jon Hart (Sep 15)
- <Possible follow-ups>
- RE: Looking for a POST statement Sniffer Tom Arseneault (Sep 15)
- RE: Looking for a POST statement Sniffer Dawes, Rogan (ZA - Johannesburg) (Sep 16)