Re: blocking CSRF attacks
- From: Jan Heisterkamp <janheisterkamp@xxxxxx>
- Date: Thu, 13 Dec 2007 19:02:36 -0600
Hi Pawan,
this might be helpful: http://www.gnucitizen.org/blog/csrf-demystified
Regards,
Jan
Pawan schrieb:
Hi List,
any one on the list aware of any IDS/IPS capable of blocking CSRF
attacks?
If not, what will be the best policy to block CSRF.
Thanks in advance.
-------------------------------------------------------------------------
Sponsored by: Watchfire
Methodologies & Tools for Web Application Security Assessment
With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today!
https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
-------------------------------------------------------------------------
--
Grupo Ampersand S.A.
IT-Security Consultants & Auditors
Apdo. 924 Escazu 1250
Costa Rica C.A.
Phone: (506)588-0432
ceo_at_ampersanded.com [corp.]
janheisterkamp_at_web.de [priv.]
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------
- Prev by Date: RE: SSL - Man-in-the-Middle filtering
- Next by Date: Snort Network Suppression
- Previous by thread: SSL - Man-in-the-Middle filtering
- Next by thread: Snort Network Suppression
- Index(es):
