Home page logo

basics logo Security Basics mailing list archives

Re: Part of the web page being MODIFIED !
From: phani () myrealbox com
Date: Tue, 26 Nov 2002 16:30:22 +0530

On Mon, Nov 25, 2002 at 04:37:14AM -0000, Frank Cheong wrote:
  This seems rather interesting. As you mentioned the reason for this could be coz of some kind of poisioning enroute. 
This could be very difficult to detect. One thing you can do is to find out from which ips these complaints arise. Try 
and find out if there is some rogue server in the ips route to your server. If that is the case then you can complain 
to the webmaster of that server. 
Moving to ssl as u mentioned is ok but with the cost of the overhead. I dont think it wld be advisable that for some 
images that are being changed you incur the additional cost.

I got one serious question that is I received complains regarding one of 
the image on my web site has been modified by a PORN picture ! While the 
image have resumed normal during the second visit.

After receiving the complains, I have of course double checked the GIF 
image's filesize and date timestamp found that it is completely normal. 
Therefore, the image haven't been modified. So I do want to know what is 
the possibilities in doing this ?
(Like HTTP session hijack, proxy poisoning, someone doing man in the 
middle etc) any other ways to do that ?

As these activities mostly happens outside my server boundry, I assume I 
can't do anything with it, how about any outside parties ?

As I know going for SSL maybe one of the alternative to stop this but this 
will add on extra processing on my website and it will make it slow. So I 
don't want to go for it, any other way to secure against this ?

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]