Written by Matt Jonkman
Monday, 31 December 2007 |
Will Metcalf has been fighting this issue for a good while. A number of commercial proxies offer users' real credentials to outside websites, often whether they ask for it or not. Not a good thing, since those credentials are easily reversible! More here: http://node5.blogspot.com/2007/12/proxies-behaving-badly.html

Very interesting use of the http-auth Bleeding sigs we've had out for a while. But it's an incredible shame that Will has been trying to contact companies and vendors for months now with only a couple of success stories. All he's trying to tell them is that they're throwing their internal credentials all over the place in an easily reversible form.

Moral of the story: HAVE AN ACCURATE AND MONITORED ABUSE ACCOUNT!! Doesn't matter if you're a bank or a widget shipper. You have security issues you need to know about like everyone else!

Great work Will!
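For defenders who want to check their own egress traffic for this behaviour, here is a small detection sketch. It is an added example, not code from this post, from Will's write-up, or from the Bleeding signatures. It assumes the credentials travel as HTTP Basic auth (base64 of `user:password`) in an `Authorization` or `Proxy-Authorization` header, treats a hypothetical `.corp.example` suffix as "internal", and runs over constructed sample requests.

```python
import base64
import binascii

AUTH_HEADERS = ("authorization", "proxy-authorization")
INTERNAL_SUFFIX = ".corp.example"  # assumption: internal hosts end with this

def parse_request(raw):
    """Return (host, headers) for a raw HTTP/1.x request."""
    headers = {}
    for line in raw.replace("\r\n", "\n").split("\n")[1:]:
        if not line:
            break  # blank line ends the header section
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers.get("host", "").split(":")[0].lower(), headers

def is_basic_credential(value):
    """True if the value is a well-formed Basic token (base64 of user:password)."""
    scheme, _, token = value.partition(" ")
    if scheme.lower() != "basic":
        return False
    try:
        decoded = base64.b64decode(token.strip(), validate=True)
    except (binascii.Error, ValueError):
        return False
    return b":" in decoded

def find_leaks(requests):
    """List (host, header) pairs where Basic credentials go to a non-internal host."""
    leaks = []
    for raw in requests:
        host, headers = parse_request(raw)
        if host.endswith(INTERNAL_SUFFIX):
            continue
        leaks += [(host, h) for h in AUTH_HEADERS
                  if is_basic_credential(headers.get(h, ""))]
    return leaks

# Constructed sample traffic; the account and password are made up.
TOKEN = base64.b64encode(b"alice:example-password").decode()
SAMPLES = [
    f"GET / HTTP/1.1\r\nHost: www.outside.example\r\nProxy-Authorization: Basic {TOKEN}\r\n\r\n",
    f"GET / HTTP/1.1\r\nHost: wiki.corp.example\r\nAuthorization: Basic {TOKEN}\r\n\r\n",
    "GET / HTTP/1.1\r\nHost: api.outside.example\r\nAuthorization: Bearer abc123\r\n\r\n",
    "GET / HTTP/1.1\r\nHost: www.outside.example\r\n\r\n",
]

if __name__ == "__main__":
    for host, header in find_leaks(SAMPLES):
        print(f"ALERT: {header} with Basic credentials sent to {host}")
```

The detector reports only the destination host and header name, so the alert itself does not copy the credential into yet another log.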
Last Updated ( Monday, 31 December 2007 )