RE: Script Injections
- From: "David Farinic" <davidf@xxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Fri, 25 Feb 2005 18:34:10 +0100
Sorry, I meant which RFC and which section describes
that characters "<" or ">" are forbidden in Request-URI used in
Request-Line with method GET?
David Farinic
-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Friday, February 25, 2005 5:06 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Script Injections
http://www.ISAserver.org
Here y'go:
http://www.ietf.org/rfc/rfc1945.txt
http://www.ietf.org/rfc/rfc2396.txt
http://www.ietf.org/rfc/rfc1738.txt
http://www.ietf.org/rfc/rfc2616.txt
-------------------------------------------------------
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org
Read the help / books / articles!
-------------------------------------------------------
-----Original Message-----
From: Rob Moore [mailto:RMoore@xxxxxxxx]
Sent: Thursday, February 24, 2005 06:45
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Script Injections
http://www.ISAserver.org
More importantly--what about those RFCs??
Rob
-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Thursday, February 24, 2005 9:42 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Script Injections
http://www.ISAserver.org
"legit" sites need to rethink their web usage. Humungo request URLs are
unnecessary and in many cases (like this), irresponsible.
At no time was the request URL filter offered as a "be-all, end-all"
solution - just a protection for this one attack mechanism (and frankly,
the most often used - so the odds are with us, Obi-Wan).
You're still arguing the "attack happens at the web server,
therefore..", which is incorrect.
We're talking about applying a blocking filter at the ISA that serves
EBay clients, not EBay web servers (for the record, PayPal is a
dangerous, irresponsible outfit).
I don't give a rats a$$ if the web site is vulnerable - I do care if I'm
part of the attack.
My ISA doesn't protect EBay - it protects me from EBay.
This mail was checked for viruses by GFI MailSecurity.
GFI also develops anti-spam software (GFI MailEssentials), a fax server
(GFI FAXmaker), and network security and management software (GFI
LANguard) - www.gfi.com
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
davidf@xxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts: