ANNOUNCE: Nagios Looking Glass 1.0.0#PRE is here!

Hugo van der Kooij hvdkooij at vanderkooij.org
Thu Dec 28 22:24:38 CET 2006


On Thu, 28 Dec 2006, Andy Shellam (Mailing Lists) wrote:

> Thanks for your description below but I'm still struggling to come to
> terms with how NLG can be used to attack another site.
> Firstly, my understanding of an XSS attack is of the following:
>
> - Client requests a page (eg. www.yahoo.com)
> - Hacker strips the response packets off the wire and replaces them with
> packets that have come from (eg. www.google.co.uk)
> - Client receives www.google.co.uk as a result of hacker's actions

Well if you trust site A but not site B and site B can trick your browser 
into thinking that the data comes from site A instead you are exposed to 
site B.

Site A is the unwilling accomplish in this scheme and that is one thing 
you have to be carefull about.

Hugo.

-- 
 	hvdkooij at vanderkooij.org	http://hvdkooij.xs4all.nl/
 	    This message is using 100% recycled electrons.

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null





More information about the Users mailing list