Date: Wed, 10 Apr 2002 11:54:32 +0100 (BST) From: Jan Grant <Jan.Grant@bristol.ac.uk> To: Lord Raiden <raiden23@netzero.net> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Good spoof page for Apache?? Message-ID: <Pine.GSO.4.44.0204101151550.17061-100000@mail.ilrt.bris.ac.uk> In-Reply-To: <4.2.0.58.20020409233418.0095a220@pop.netzero.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 9 Apr 2002, Lord Raiden wrote: > ... yet "mydomain.com/login.cgi" would still get > them to where they needed to go. I just need a way to spoof an error, not > generate a real one to help keep out nosy bypassers. Any ideas? You also ought to realise that automated vulnerability scanners will target "well-known" addresses like /login.cgi, /cgi-bin/login.cgi and so on. What you've got is only security through obscurity (are people viewing your site through a proxy? Then details will show up in the logs. And in browser history, etc.) and may not be worth the effort. -- jan grant, ILRT, University of Bristol. http://www.ilrt.bris.ac.uk/ Tel +44(0)117 9287088 Fax +44 (0)117 9287112 RFC822 jan.grant@bris.ac.uk "Sufficiently large"="infinite" for sufficiently large values of "sufficiently" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.44.0204101151550.17061-100000>