Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



WebApp Sec: Re: Problems with most web app auth schemes

Re: Problems with most web app auth schemes

From: <webappsec_at_technicalinfo.net>
Date: Mon, 28 Jul 2003 09:13:20 +0100

After reading through alot of postings on this thread, I would suggest the following two relevant papers that go into some depth on the issues including recommendations:

Custom HTML Authentication - Best Practices on Securing Custom HTML Authentication Procedures - http://www.technicalinfo.net/papers/CustomHTMLAUthentication.html


Web Based Session Management - Best Practices in Managing HTTP Based Client Sessions - http://www.technicalinfo.net/papers/WebBasedSessionManagement.html

Received on Jul 28 2003

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos