WebApp Sec mailing list archives
Re: IIS log
From: <dotnetter () bellsouth net>
Date: Tue, 5 Aug 2003 17:45:49 -0400
IIS logs log the http request. The data you are seeing is being passed in the URL (very bad) or as form data in a form post... thanks Bill Moore
From: Justin H Tran <justint () us ibm com> Date: 2003/08/05 Tue PM 03:34:48 EDT To: webappsec () securityfocus com Subject: IIS log I just viewed an IIS log and I noticed that the credit card # is loogged. I beleive that this is a major flaw to log credit card # is clear text. Does anyone have any advice? Regards, Justin
Current thread:
- IIS log Justin H Tran (Aug 05)
- Re: IIS log Alejandro Flores (Aug 05)
- Re: IIS log Randy (Aug 05)
- <Possible follow-ups>
- RE: IIS log Michael Howard (Aug 05)
- RE: IIS log Richard M. Smith (Aug 05)
- Re: IIS log dotnetter (Aug 05)
- Re: IIS log jamesworld (Aug 05)
- RE: IIS log Nelson, Ernie (Aug 05)