WebApp Sec mailing list archives
Re: Re: Defending users of unprotected login pages with TrustBar 0.4.9.93
From: mike03051 () yahoo com
Date: 19 Sep 2005 14:30:01 -0000
Amir, As I suspected, the hall-of-shame posted on Amir's site may be a bit misguided since these pages do in-fact submit HTTPS (SSL) logins. JL, Non-microsoft-OS like Apple, or Linux, or Amiga ? What is likely to be the case is that they block any unusual headers. Automated bots send weird/wacky headers and this is one way to block attacks. I have no idea how effective it would be. TrustBar plays no role in subiting pages, so no I don't think it would address this problem in the least. Mike
Current thread:
- Defending users of unprotected login pages with TrustBar 0.4.9.93 Amir Herzberg (Sep 19)
- <Possible follow-ups>
- Re: Defending users of unprotected login pages with TrustBar 0.4.9.93 mike03051 (Sep 19)
- Re: Defending users of unprotected login pages with TrustBar 0.4.9.93 Nathan Jackson-Eeles (Sep 19)
- Re: Defending users of unprotected login pages with TrustBar 0.4.9.93 J. Lambrecht (Sep 19)
- Re: Re: Defending users of unprotected login pages with TrustBar 0.4.9.93 mike03051 (Sep 19)
- Re: Re: Defending users of unprotected login pages with TrustBar 0.4.9.93 Peter Conrad (Sep 20)
- Re: Re: Defending users of unprotected login pages with TrustBar 0.4.9.93 mike03051 (Sep 20)