Re: web application security
('binary' encoding is not supported, stored as-is)
I suggest you become a bit more specific into what your asking, as you are not really asking much questions here, enough to define any answers. I would suggest searching for an IDS or HIDS. Until this day, there hasn't been an effective phishing tool, but I suggest using Browsers like Opera or Firefox. All you can really do is identify the header request information for each HTTP/HTTPS request and identify the URL very closely to review any information that might be suspicious. They should allow you to use this, hopefully you present them with licensed software, as it will show more responsibility and care on your end. IF you cannot use 3rd party applications to secure the system, perhaps you can develop your own? Also , if you specify the OS, maybe we can assist you a little more in terms of what you can harden manually without actual software automation
-Yousif Yalda
http://YousifYalda.Blogspot.com
Security Consultant
http://Vapt-Sec.com
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7
: Sat Apr 12 2008 - 10:58:25 EDT