Re: Security Issues?
- Posted by Euman <euman at bellsouth.net> Nov 26, 2002
- 405 views
One link CK, http://www.sidesport.com/hijack/ There are thousands like it that continually update how to access anything. Why do you think MS has a Security update everyday? Euman ----- Original Message ----- From: "C. K. Lester" <cklester at yahoo.com> To: "EUforum" <EUforum at topica.com> Sent: Tuesday, November 26, 2002 3:01 PM Subject: Re: Security Issues? : : do you ever go to sites that need to keep track of you on their web site? : for instance, password protected pages? : : ----- Original Message ----- : From: "Euman" <euman at bellsouth.net> : To: "EUforum" <EUforum at topica.com> : Sent: Tuesday, November 26, 2002 12:52 PM : Subject: Re: Security Issues? : : : > : > I reject Cookies because its a way for sites to monitor where you go : > and where you've been. : > : > grab a copy of "ad-aware" run it on your machine and I'll bet you have : > atleast one site that has either stuck code in your registry or sent : cookies : > that they can track your movements with. : > : > Euman : > : > ----- Original Message ----- : > From: "Robert Craig" <rds at RapidEuphoria.com> : > To: "EUforum" <EUforum at topica.com> : > Sent: Tuesday, November 26, 2002 2:31 PM : > Subject: Re: Security Issues? : > : > : > : : > : C.K. Lester writes: : > : > For instance, I've gotten the user's ID and password, and now I want : to : > : > send them to the next page. Or I guess I should just form the HTML : with : > : > the appropriate content and each link has a parameter indicating a : valid : > : > user is clicking around... ??? Anybody with some helpful hints and : tips, : > : > please speak up. : > : : > : This is where "cookies" can be helpful. : > : You output a cookie in the header of the HTML, : > : then the user's Web browser will remember : > : that cookie for you, and you'll be able to access it : > : via an environment variable on any future page : > : that the user visits (by default, until he closes his Web browser). : > : e.g. : > : printf(1, "Set-Cookie:myname=%s\n", {name}) : > : : > : A cookie is just a name-value pair. : > : : > : It's easier than trying to attach his name or id : > : to every link that you provide him. : > : : > : Search the web for "cgi cookies". : > : : > : People can potentially fake the value of : > : a cookie, so for security you might want to assign a : > : special code number rather than using his name : > : to identify him. : > : : > : Also, some people are paranoid about accepting : > : cookies, so they have their browser reject them. : > : : > : Regards, : > : Rob Craig : > : Rapid Deployment Software : > : http://www.RapidEuphoria.com : > : : > : : > : : > : : > : : > : > : > : : : :