mailing list archives
Re: Part of the web page being MODIFIED !
From: phani () myrealbox com
Date: Tue, 26 Nov 2002 16:30:22 +0530
On Mon, Nov 25, 2002 at 04:37:14AM -0000, Frank Cheong wrote:
This seems rather interesting. As you mentioned the reason for this could be coz of some kind of poisioning enroute.
This could be very difficult to detect. One thing you can do is to find out from which ips these complaints arise. Try
and find out if there is some rogue server in the ips route to your server. If that is the case then you can complain
to the webmaster of that server.
Moving to ssl as u mentioned is ok but with the cost of the overhead. I dont think it wld be advisable that for some
images that are being changed you incur the additional cost.
I got one serious question that is I received complains regarding one of
the image on my web site has been modified by a PORN picture ! While the
image have resumed normal during the second visit.
After receiving the complains, I have of course double checked the GIF
image's filesize and date timestamp found that it is completely normal.
Therefore, the image haven't been modified. So I do want to know what is
the possibilities in doing this ?
(Like HTTP session hijack, proxy poisoning, someone doing man in the
middle etc) any other ways to do that ?
As these activities mostly happens outside my server boundry, I assume I
can't do anything with it, how about any outside parties ?
As I know going for SSL maybe one of the alternative to stop this but this
will add on extra processing on my website and it will make it slow. So I
don't want to go for it, any other way to secure against this ?