NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > WWW-Mobile-Code> 2002-q3

Most recent messages
413 messages sorted by: [ author ] [ date ] [ subject ]

Starting: Mon Jul 01 2002 - 22:31:58 CDT
Ending: Mon Sep 30 2002 - 09:26:58 CDT

webappsec Charter Mark Curphey (Mon Jul 01 2002 - 22:31:58 CDT)
Help finding a cookie generator Marty Block (Tue Jul 02 2002 - 13:11:07 CDT)
- Re: Help finding a cookie generator Vitaly Osipov (Tue Jul 02 2002 - 15:12:13 CDT)
- RE: Help finding a cookie generator Michael Sutton (Tue Jul 02 2002 - 15:35:51 CDT)
- Re: Help finding a cookie generator Chris Huseman (Tue Jul 02 2002 - 15:56:53 CDT)
- RE: Help finding a cookie generator Vitor Ventura (Wed Jul 03 2002 - 03:59:38 CDT)
- Re: Help finding a cookie generator Vitaly Osipov (Wed Jul 03 2002 - 15:19:25 CDT)
- RE: Help finding a cookie generator END OF THREAD AND THANKS!!! Marty Block (Wed Jul 03 2002 - 15:42:25 CDT)
Mime Types and determining an uploaded file type James Fleming (Wed Jul 03 2002 - 21:48:27 CDT)
- Re: Mime Types and determining an uploaded file type Gregory Steuck (Thu Jul 04 2002 - 01:27:02 CDT)
- Re: Mime Types and determining an uploaded file type Peter Conrad (Thu Jul 04 2002 - 05:56:08 CDT)
- Re: Mime Types and determining an uploaded file type Tom Emerson (Thu Jul 04 2002 - 07:48:51 CDT)
WebLogic Session IDs James Fleming (Tue Jul 09 2002 - 00:22:12 CDT)
- Re: WebLogic Session IDs Gregory Steuck (Tue Jul 09 2002 - 20:17:04 CDT)
RE: JSP (app security) Andrew van der Stock (Tue Jul 09 2002 - 02:28:20 CDT)
- RE: JSP (app security) Alan Pope (Tue Jul 09 2002 - 09:19:22 CDT)
  - RE: JSP (app security) Nik Cubrilovic (Tue Jul 09 2002 - 12:48:34 CDT)
- RE: JSP (app security) dnsadmin_at_cboss.com (Tue Jul 09 2002 - 09:27:25 CDT)
- RE: JSP (app security) Ryan Fox (Tue Jul 09 2002 - 10:28:42 CDT)
- RE: JSP (app security) Scott Mulcahy (Tue Jul 09 2002 - 09:42:12 CDT)
- RE: JSP (app security) Wall, Kevin (Tue Jul 09 2002 - 14:48:52 CDT)
- Re: JSP (app security) Nelson Sampaio Araujo Junior (Tue Jul 09 2002 - 18:10:45 CDT)
  - Re: JSP (app security) Kevin Spett (Tue Jul 09 2002 - 22:40:11 CDT)
  - Re: JSP (app security) ssgill_at_starhub.net.sg (Wed Jul 10 2002 - 00:16:29 CDT)
- RE: JSP (app security) Andrew van der Stock (Tue Jul 09 2002 - 18:42:10 CDT)
- Re: JSP (app security) Gregory Steuck (Tue Jul 09 2002 - 20:12:33 CDT)
Metrics... Gabriel Lawrence (Tue Jul 09 2002 - 14:21:49 CDT)
Best Practices for passing data via HTTP Steven Fling (Wed Jul 10 2002 - 13:36:05 CDT)
- Re: Best Practices for passing data via HTTP Bryan Ponnwitz (Wed Jul 10 2002 - 14:03:32 CDT)
  - Re: Best Practices for passing data via HTTP Kalyan Varma (Wed Jul 10 2002 - 14:53:34 CDT)
- Re: Best Practices for passing data via HTTP zeno (Wed Jul 10 2002 - 14:04:36 CDT)
- Re: Best Practices for passing data via HTTP Mark Curphey (Wed Jul 10 2002 - 14:43:31 CDT)
  - Re: Best Practices for passing data via HTTP Kevin Spett (Wed Jul 10 2002 - 16:57:46 CDT)
- Re: Best Practices for passing data via HTTP Kalyan Varma (Wed Jul 10 2002 - 14:15:06 CDT)
  - Re: Best Practices for passing data via HTTP Kevin Spett (Wed Jul 10 2002 - 15:39:46 CDT)
    - Re: Best Practices for passing data via HTTP Kalyan Varma (Thu Jul 11 2002 - 12:42:08 CDT)
    - Re: Best Practices for passing data via HTTP Gabriel Lawrence (Thu Jul 11 2002 - 18:01:59 CDT)
- Re: Best Practices for passing data via HTTP Gabriel Lawrence (Wed Jul 10 2002 - 14:37:24 CDT)
- RE: Best Practices for passing data via HTTP Ben Mord (Wed Jul 10 2002 - 14:52:26 CDT)
- RE: Best Practices for passing data via HTTP Anna Karuba (Wed Jul 10 2002 - 14:43:56 CDT)
  - RE: Best Practices for passing data via HTTP Blake Frantz (Wed Jul 10 2002 - 16:09:16 CDT)
    - RE: Best Practices for passing data via HTTP Jason Childers (Wed Jul 10 2002 - 17:34:42 CDT)
- Re: Best Practices for passing data via HTTP Kevin Spett (Wed Jul 10 2002 - 14:38:20 CDT)
- RE: Best Practices for passing data via HTTP Venkat, Sanjay (Wed Jul 10 2002 - 15:47:11 CDT)
  - URI length limits (was: Best Practices for passing data via HTTP) Gregory Steuck (Wed Jul 10 2002 - 16:18:03 CDT)
  - Re: Best Practices for passing data via HTTP strange_at_nsk.yi.org (Wed Jul 10 2002 - 16:16:24 CDT)
- RE: Best Practices for passing data via HTTP Paul Matheu (Wed Jul 10 2002 - 16:00:19 CDT)
- Re: Best Practices for passing data via HTTP Gregory Steuck (Wed Jul 10 2002 - 16:11:47 CDT)
- Re: Best Practices for passing data via HTTP Jim Markley (Wed Jul 10 2002 - 16:22:36 CDT)
- Re: Best Practices for passing data via HTTP Mark Curphey (Wed Jul 10 2002 - 17:42:44 CDT)
- Re: Best Practices for passing data via HTTP Daniel Hedrick (Wed Jul 10 2002 - 17:18:24 CDT)
- Re: Best Practices for passing data via HTTP Matt Sergeant (Thu Jul 11 2002 - 04:05:53 CDT)
Post vs GET thread no longer Mark Curphey (Thu Jul 11 2002 - 11:32:44 CDT)
SPIKE Proxy 1.0 Release Dave Aitel (Fri Jul 12 2002 - 11:47:57 CDT)
Trusted Paths for Browsers: An Open-Source Solution to Web Spoofing aleph1_at_securityfocus.com (Tue Jul 16 2002 - 01:20:57 CDT)
Cross site sripting Olaf Weyer (Wed Jul 17 2002 - 10:38:30 CDT)
- Re: Cross site sripting Kevin Spett (Wed Jul 17 2002 - 13:58:31 CDT)
- Re: Cross site sripting Panayiotis A. Thermos (Wed Jul 17 2002 - 14:39:42 CDT)
Good Article about Java Security Mark Curphey (Wed Jul 17 2002 - 14:17:13 CDT)
- Re: Good Article about Java Security Peter Conrad (Thu Jul 18 2002 - 04:56:09 CDT)
OWASP - command execution page. b0iler (Wed Jul 17 2002 - 22:03:29 CDT)
- Re: OWASP - command execution page. Masaru Matsunami (Thu Jul 18 2002 - 12:19:54 CDT)
- Re: OWASP - command execution page. Martin Eiszner (Thu Jul 18 2002 - 15:58:21 CDT)
risks of # and & (XSS) zeno (Thu Jul 18 2002 - 17:53:11 CDT)
- Re: risks of # and & (XSS) Alex Lambert (Thu Jul 18 2002 - 21:30:36 CDT)
- Re: risks of # and & (XSS) b0iler (Thu Jul 18 2002 - 22:06:17 CDT)
Paper on Web Application Security Patrice Neff (Sun Jul 21 2002 - 16:01:11 CDT)
- Re: Paper on Web Application Security b0iler _ (Mon Jul 22 2002 - 00:20:21 CDT)
  - Re: Paper on Web Application Security Patrice Neff (Sun Aug 04 2002 - 07:39:23 CDT)
ezmlm warning webappsec-help_at_securityfocus.com (Mon Jul 22 2002 - 15:34:58 CDT)
SPIKE Proxy 1.1 Released Dave Aitel (Mon Jul 22 2002 - 15:48:28 CDT)
Web Services Vulnerabilities James Fleming (Mon Jul 22 2002 - 23:56:04 CDT)
- Re: Web Services Vulnerabilities H D Moore (Wed Jul 24 2002 - 02:43:52 CDT)
Coordinating SSL and session tracking layers to foil session hijacking Ben Mord (Thu Jul 25 2002 - 13:52:38 CDT)
- RE: Coordinating SSL and session tracking layers to foil session hijacking Jason Coombs (Thu Jul 25 2002 - 15:30:54 CDT)
- Re: Coordinating SSL and session tracking layers to foil session hijacking MICHAEL GERMONY (Thu Jul 25 2002 - 15:37:20 CDT)
- Re: Coordinating SSL and session tracking layers to foil session hijacking Gabriel Lawrence (Thu Jul 25 2002 - 15:50:35 CDT)
  - RE: Coordinating SSL and session tracking layers to foil sessionhijacking Ben Mord (Thu Jul 25 2002 - 16:00:40 CDT)
    - RE: Coordinating SSL and session tracking layers to foil sessionhijacking Bryan Ponnwitz (Fri Jul 26 2002 - 08:13:19 CDT)
    - Re: Coordinating SSL and session tracking layers to foilsessionhijacking Jason (Fri Jul 26 2002 - 12:08:30 CDT)
- Re: Coordinating SSL and session tracking layers to foil session hijacking Kevin Spett (Thu Jul 25 2002 - 16:33:04 CDT)
  - Re: Coordinating SSL and session tracking layers to foil session hijacking Peter Conrad (Fri Jul 26 2002 - 02:28:12 CDT)
    - RE: Coordinating SSL and session tracking layers to foil session hijacking Ben Mord (Fri Jul 26 2002 - 11:53:58 CDT)
  - RE: Coordinating SSL and session tracking layers to foil session hijacking Jason Coombs (Thu Jul 25 2002 - 18:49:57 CDT)
- Re: Coordinating SSL and session tracking layers to foil session hijacking Jason (Thu Jul 25 2002 - 16:20:39 CDT)
- Re: Coordinating SSL and session tracking layers to foil session hijacking Sean Z. (Fri Jul 26 2002 - 20:01:43 CDT)
  - RE: Coordinating SSL and session tracking layers to foil session hijacking Ben Mord (Mon Jul 29 2002 - 15:07:54 CDT)
Web Server Log Files - Security Events Analysis James Fleming (Fri Jul 26 2002 - 13:45:46 CDT)
- Re: Web Server Log Files - Security Events Analysis Jared Lovell (Sat Jul 27 2002 - 00:38:59 CDT)
- Re: Web Server Log Files - Security Events Analysis mushu999_at_NOSPAM.hotmail.com (Fri Jul 26 2002 - 23:52:13 CDT)
AW: Web Server Log Files - Security Events Analysis Carlos Heller (Sat Jul 27 2002 - 02:17:10 CDT)
- Re: AW: Web Server Log Files - Security Events Analysis crazytrain.com (Sun Jul 28 2002 - 13:08:02 CDT)
Apache Security Training - SANS Institute Ryan Barnett (Thu Aug 01 2002 - 10:52:41 CDT)
ezmlm probe webappsec-help_at_securityfocus.com (Sat Aug 03 2002 - 11:53:59 CDT)
SPIKE 2.5 and associated vulns Dave Aitel (Mon Aug 05 2002 - 19:02:44 CDT)
OWASP Update Mark Curphey (Mon Aug 05 2002 - 22:52:53 CDT)
Re: Cross Site Scripting Vulnerabilities - XSS Bill Pennington (Tue Aug 06 2002 - 10:29:08 CDT)
- Re: Cross Site Scripting Vulnerabilities - XSS Dave Aitel (Tue Aug 06 2002 - 11:18:37 CDT)
- Re: Cross Site Scripting Vulnerabilities - XSS stephen (Tue Aug 06 2002 - 11:35:16 CDT)
Easy End to XSS Doug Sibley (Wed Aug 07 2002 - 10:31:18 CDT)
- Re: Easy End to XSS Mark Curphey (Wed Aug 07 2002 - 11:12:30 CDT)
  - Re: Easy End to XSS Andrew Jaquith (Wed Aug 07 2002 - 13:34:22 CDT)
- Re: Easy End to XSS Doug Sibley (Wed Aug 07 2002 - 11:17:40 CDT)
- Re: Easy End to XSS Bob Lee (Wed Aug 07 2002 - 14:07:57 CDT)
  - HTTP & SSL Sessions Bob Lee (Thu Aug 08 2002 - 01:12:48 CDT)
- SQL Injections and JDBC Bob Lee (Wed Aug 07 2002 - 14:21:32 CDT)
- RE: Easy End to XSS Ben Mord (Wed Aug 07 2002 - 15:27:32 CDT)
  - Re: Easy End to XSS Alex Russell (Wed Aug 07 2002 - 16:45:46 CDT)
  - Re: Easy End to XSS Bill Pennington (Wed Aug 07 2002 - 22:28:33 CDT)
- Re: Easy End to XSS Greg Steuck (Thu Aug 08 2002 - 00:15:08 CDT)
- Re: Easy End to XSS Doug Sibley (Thu Aug 08 2002 - 12:20:18 CDT)
- Re: Easy End to XSS Daniel Delaney (Mon Aug 12 2002 - 12:16:49 CDT)
SiteMinder Siebel Integration Kevin Wharram (Wed Aug 07 2002 - 10:59:10 CDT)
Client IP - from client or server? Mike Shaw (Wed Aug 07 2002 - 16:30:37 CDT)
- Re: Client IP - from client or server? by way of Alex Russell (Wed Aug 07 2002 - 17:34:25 CDT)
  - Re: Client IP - from client or server? Steven J. Sobol (Mon Aug 12 2002 - 12:11:26 CDT)
- Re: Client IP - from client or server? Kevin Spett (Wed Aug 07 2002 - 18:45:12 CDT)
- Re: Client IP - from client or server? Panayiotis A. Thermos (Thu Aug 08 2002 - 09:33:40 CDT)
  - Re: Client IP - from client or server? Kevin Spett (Thu Aug 08 2002 - 12:07:13 CDT)
    - Re: Client IP - from client or server? Alex Russell (Thu Aug 08 2002 - 13:24:49 CDT)
- Re: Client IP - from client or server? Panayiotis A. Thermos (Thu Aug 08 2002 - 13:13:13 CDT)
  - Re: Client IP - from client or server? Kevin Spett (Thu Aug 08 2002 - 14:40:46 CDT)
- Re: Client IP - from client or server? Mike Shaw (Thu Aug 08 2002 - 14:47:52 CDT)
- Re: Client IP - from client or server? Panayiotis A. Thermos (Thu Aug 08 2002 - 16:25:54 CDT)
  - Re: Client IP - from client or server? Kevin Spett (Thu Aug 08 2002 - 16:50:11 CDT)
- Re: Client IP - from client or server? Panayiotis A. Thermos (Thu Aug 08 2002 - 16:38:40 CDT)
- RE: Client IP - from client or server? Vitor Ventura (Mon Aug 12 2002 - 06:27:48 CDT)
  - RE: Client IP - from client or server? Nik Cubrilovic (Mon Aug 12 2002 - 09:24:53 CDT)
    - Re: Client IP - from client or server? Bill Pennington (Mon Aug 12 2002 - 10:31:58 CDT)
Q about PHP and ASP includes Gatis Mednis (Thu Aug 08 2002 - 03:53:09 CDT)
- Re: Q about PHP and ASP includes sunzi (Thu Aug 08 2002 - 09:40:32 CDT)
- Re: Q about PHP and ASP includes Kevin Spett (Thu Aug 08 2002 - 11:05:43 CDT)
Entrust vs. Verisign certs Woodworth, Lora (Thu Aug 08 2002 - 13:21:39 CDT)
- RE: Entrust vs. Verisign certs Cushing, David (Thu Aug 08 2002 - 13:48:50 CDT)
  - Re: Entrust vs. Verisign certs Ajai Khattri (Thu Aug 08 2002 - 17:33:31 CDT)
- Re: Entrust vs. Verisign certs by way of Alex Russell (Thu Aug 08 2002 - 14:03:32 CDT)
- RE: Entrust vs. Verisign certs Lars Troen (Thu Aug 08 2002 - 14:11:03 CDT)
- RE: Entrust vs. Verisign certs Bruce.Morris_at_ernstyoung.com.au (Thu Aug 08 2002 - 18:06:26 CDT)
- RE: Entrust vs. Verisign certs Alberto Cozer (Thu Aug 08 2002 - 20:06:29 CDT)
  - Re: Entrust vs. Verisign certs Jason (Fri Aug 09 2002 - 20:36:34 CDT)
  - RE: Entrust vs. Verisign certs Steven J. Sobol (Mon Aug 12 2002 - 12:15:01 CDT)
- RE: Entrust vs. Verisign certs Mike Shaw (Fri Aug 09 2002 - 12:17:31 CDT)
New Perl XSS audit tool Matt Sergeant (Mon Aug 12 2002 - 05:06:39 CDT)
SSL vulnerability in IE and KDE's Konqueror Christopher Todd (Mon Aug 12 2002 - 21:12:14 CDT)
- Re: SSL vulnerability in IE and KDE's Konqueror Mathieu Gervais (Tue Aug 13 2002 - 10:04:50 CDT)
  - RE: SSL vulnerability in IE and KDE's Konqueror Jason Coombs (Wed Aug 14 2002 - 00:19:20 CDT)
    - Re: SSL vulnerability in IE and KDE's Konqueror Peter Conrad (Wed Aug 14 2002 - 02:22:28 CDT)
Two problems. Ivan Hernandez (Wed Aug 14 2002 - 09:14:15 CDT)
- Re: Two problems. alex (Wed Aug 14 2002 - 10:01:51 CDT)
- RE: Two problems. Harbar, Spencer (Wed Aug 14 2002 - 10:52:39 CDT)
- Re: Two problems. Marcel Erkens (Wed Aug 14 2002 - 11:10:46 CDT)
- Re: Two problems. David Garnier (Wed Aug 14 2002 - 10:20:48 CDT)
  - Re: Two problems. Darren Davison (Wed Aug 14 2002 - 13:54:50 CDT)
  - Re: Two problems. Alex Russell (Wed Aug 14 2002 - 14:04:41 CDT)
- RE: Two problems. Patrick Johanneson (Wed Aug 14 2002 - 10:57:43 CDT)
  - Re: Two problems. Ken Schaefer (Wed Aug 14 2002 - 21:45:39 CDT)
- Re: Two problems. cdavison_at_nucleus.com (Wed Aug 14 2002 - 11:31:33 CDT)
- Re: Two problems. George W. Capehart (Wed Aug 14 2002 - 16:56:25 CDT)
  - Re: Two problems. Matthew Hannigan (Wed Aug 14 2002 - 17:54:02 CDT)
- Re: Two problems. cathal connolly (Wed Aug 14 2002 - 18:39:42 CDT)
- Re: Two problems. Ivan Hernandez (Thu Aug 15 2002 - 09:28:39 CDT)
  - Re: Two problems. Nick Jacobsen (Thu Aug 15 2002 - 21:50:26 CDT)
Credit Card Validation Mars T (Fri Aug 16 2002 - 09:55:57 CDT)
- Re: Credit Card Validation Alex Russell (Fri Aug 16 2002 - 12:42:06 CDT)
- RE: Credit Card Validation Tony Welsh (Fri Aug 16 2002 - 13:00:54 CDT)
Slow list moderation for next few weeks Mark Curphey (Sun Aug 18 2002 - 09:17:51 CDT)
- Re: Slow list moderation for next few weeks Alex Russell (Sun Aug 18 2002 - 12:22:13 CDT)
  - asymmetric crypto for storage of cc#s, and separation of responsibilities Ben Mord (Thu Aug 22 2002 - 10:50:38 CDT)
XSS when a session ID is required stephen (Tue Aug 20 2002 - 04:00:47 CDT)
- Re: XSS when a session ID is required Jason (Tue Aug 20 2002 - 20:59:27 CDT)
  - Re: XSS when a session ID is required stephen (Wed Aug 21 2002 - 04:53:55 CDT)
    - Re: XSS when a session ID is required Jason (Wed Aug 21 2002 - 08:46:53 CDT)
    - Re: XSS when a session ID is required stephen (Wed Aug 21 2002 - 09:22:56 CDT)
  - Re: XSS when a session ID is required billp_at_boarder.org (Wed Aug 21 2002 - 11:49:15 CDT)
- Re: XSS when a session ID is required Kevin Spett (Wed Aug 21 2002 - 08:45:10 CDT)
  - Re: XSS when a session ID is required stephen (Wed Aug 21 2002 - 09:33:00 CDT)
Mozilla and MSIE handle Referer over HTTPS differently Sverre H. Huseby (Thu Aug 22 2002 - 13:40:43 CDT)
- RE: Mozilla and MSIE handle Referer over HTTPS differently Lars Troen (Fri Aug 23 2002 - 04:17:23 CDT)
Secure Flag on Session ID Cookies (Was RE: XSS when a session ID is required) David Wong (Thu Aug 22 2002 - 10:07:23 CDT)
RE: asymmetric crypto for storage of cc#s, and separation of resp onsibilities Filip Van Laenen (Fri Aug 23 2002 - 02:12:26 CDT)
Warning: PHP 4.2 may put session ids in URLs Sverre H. Huseby (Fri Aug 23 2002 - 02:34:53 CDT)
- Re: Warning: PHP 4.2 may put session ids in URLs Kevin Spett (Fri Aug 23 2002 - 08:27:27 CDT)
  - Re: Warning: PHP 4.2 may put session ids in URLs Sverre H. Huseby (Fri Aug 23 2002 - 08:45:40 CDT)
- RE: Warning: PHP 4.2 may put session ids in URLs Peter Petermann (Fri Aug 23 2002 - 11:48:00 CDT)
  - Re: Warning: PHP 4.2 may put session ids in URLs Sverre H. Huseby (Fri Aug 23 2002 - 12:00:17 CDT)
- Re: Warning: PHP 4.2 may put session ids in URLs cdavison_at_nucleus.com (Fri Aug 23 2002 - 15:39:23 CDT)
  - Re: Warning: PHP 4.2 may put session ids in URLs Sverre H. Huseby (Fri Aug 23 2002 - 16:32:43 CDT)
- RE: Warning: PHP 4.2 may put session ids in URLs David Endler (Sat Aug 24 2002 - 11:32:43 CDT)
  - RE: Warning: PHP 4.2 may put session ids in URLs Peter Petermann (Sun Aug 25 2002 - 17:34:56 CDT)
- RE: Warning: PHP 4.2 may put session ids in URLs Andrew Blyler (Sun Aug 25 2002 - 10:07:43 CDT)
  - RE: Warning: PHP 4.2 may put session ids in URLs Liam Quinn (Sun Aug 25 2002 - 17:00:01 CDT)
  - Re: Warning: PHP 4.2 may put session ids in URLs Alex Russell (Sun Aug 25 2002 - 17:08:07 CDT)
- RE: Warning: PHP 4.2 may put session ids in URLs Ogle Ron (Rennes) (Mon Aug 26 2002 - 06:59:44 CDT)
  - BASIC authentication vs. sessions ID [was: Warning: PHP 4.2 may put session ids in URLs] Keith Smith (Tue Aug 27 2002 - 10:48:36 CDT)
  - Re: Warning: PHP 4.2 may put session ids in URLs Gregory Steuck (Tue Sep 03 2002 - 09:55:48 CDT)
- RE: Warning: PHP 4.2 may put session ids in URLs Lars Troen (Tue Sep 03 2002 - 17:02:39 CDT)
- RE: Warning: PHP 4.2 may put session ids in URLs Cushing, David (Wed Sep 04 2002 - 09:05:15 CDT)
Interesting scan zeno (Fri Aug 23 2002 - 12:14:38 CDT)
- Re: Interesting scan sunzi (Fri Aug 23 2002 - 16:50:00 CDT)
- Re: Interesting scan zeno (Sat Aug 24 2002 - 13:01:10 CDT)
Metis 1.4 released Sacha Faust (Fri Aug 23 2002 - 17:36:41 CDT)
Encryption approach to secure web applications Mario Torre (Sat Aug 24 2002 - 06:42:36 CDT)
- Re: Encryption approach to secure web applications Allan Wind (Sat Aug 24 2002 - 11:32:42 CDT)
- Re: Encryption approach to secure web applications zeno (Sat Aug 24 2002 - 14:00:29 CDT)
- Re: Encryption approach to secure web applications Jeff Williams _at_ Aspect (Tue Aug 27 2002 - 12:46:18 CDT)
  - Re: Encryption approach to secure web applications Alex Russell (Tue Aug 27 2002 - 16:36:20 CDT)
- Re: Encryption approach to secure web applications Kevin Spett (Tue Aug 27 2002 - 17:52:33 CDT)
Security Practices for MS architecture Gal.Rozov_at_eAladdin.com (Sun Aug 25 2002 - 03:53:15 CDT)
- RE: Security Practices for MS architecture Christopher Todd (Sun Aug 25 2002 - 10:44:15 CDT)
On sessions (rather long) Sverre H. Huseby (Sun Aug 25 2002 - 09:42:18 CDT)
- RE: On sessions (rather long) Jason Coombs (Sun Aug 25 2002 - 22:11:19 CDT)
- Re: On sessions (rather long) joffrey.zehnder_at_freesurf.ch (Mon Sep 02 2002 - 04:23:26 CDT)
  - Re: On sessions (rather long) HarryM (Mon Sep 02 2002 - 12:42:50 CDT)
A new approach toward teaching secure coding? (WWW or otherwise) Alex Lambert (Mon Aug 26 2002 - 19:29:12 CDT)
- Re: A new approach toward teaching secure coding? (WWW or otherwise) Mark Curphey (Tue Aug 27 2002 - 04:38:35 CDT)
- Re: A new approach toward teaching secure coding? (WWW or otherwise) Sverre H. Huseby (Tue Aug 27 2002 - 05:55:58 CDT)
  - Re: A new approach toward teaching secure coding? (WWW or otherwise) Alex Lambert (Wed Aug 28 2002 - 20:03:08 CDT)
  - RE: A new approach toward teaching secure coding? (WWW or otherwise) Jason Coombs (Fri Aug 30 2002 - 18:11:06 CDT)
WG: On sessions (rather long) freddie.soerensen_at_conares.com (Mon Aug 26 2002 - 03:51:27 CDT)
Some questions regarding IIS, Certs and Security practices Gal.Rozov_at_eAladdin.com (Tue Aug 27 2002 - 05:33:59 CDT)
Access Management Products James Dawson (Wed Aug 28 2002 - 10:39:14 CDT)
- Re: Access Management Products Frank DeGilio (Wed Aug 28 2002 - 15:09:08 CDT)
- Re: Access Management Products Alberto Cozer (Wed Aug 28 2002 - 16:27:11 CDT)
- Re: Access Management Products Cyrill Osterwalder (Thu Aug 29 2002 - 02:34:11 CDT)
Manipulating Microsoft SQL Server Using SQL Injection Aaron C. Newman (Wed Aug 28 2002 - 11:38:02 CDT)
- Re: Manipulating Microsoft SQL Server Using SQL Injection (+ DNS Tunnels) Haroon Meer (Thu Aug 29 2002 - 03:45:45 CDT)
Metis 1.4.1 released Sacha Faust (Thu Aug 29 2002 - 01:31:47 CDT)
HTTPS Question Bob Lee (Sat Aug 31 2002 - 13:07:34 CDT)
- RE: HTTPS Question Lars Troen (Sat Aug 31 2002 - 17:01:27 CDT)
SPIKE Proxy 1.2 in SPIKE 2.6 Dave Aitel (Wed Sep 04 2002 - 11:22:41 CDT)
RE: A new approach toward teaching secure coding? (WWW or otherwi se) Filip Van Laenen (Mon Sep 09 2002 - 02:41:24 CDT)
- RE: A new approach toward teaching secure coding? (WWW or otherwi se) Nedunuri,Srinivas (Mon Sep 09 2002 - 14:43:58 CDT)
Re: PHP header() CRLF Injection Peter Conrad (Mon Sep 09 2002 - 02:47:38 CDT)
PHP Programming Guidelines [paper] Mikael Simonsson (Tue Sep 10 2002 - 08:09:57 CDT)
- Re: PHP Programming Guidelines [paper] Kevin Spett (Tue Sep 10 2002 - 09:04:15 CDT)
- RE: PHP Programming Guidelines [paper] John Percival (Tue Sep 10 2002 - 09:23:02 CDT)
web authentication Wang, Jack (Tue Sep 10 2002 - 08:29:40 CDT)
- RE: web authentication Ogle Ron (Rennes) (Tue Sep 10 2002 - 08:34:31 CDT)
- RE: web authentication De Ridder, Bavo (Tue Sep 10 2002 - 08:40:12 CDT)
- RE: web authentication Donoghue, Mark (Tue Sep 10 2002 - 08:46:52 CDT)
- RE: web authentication Ogle Ron (Rennes) (Tue Sep 10 2002 - 11:22:36 CDT)
- RE: web authentication Wang, Jack (Tue Sep 10 2002 - 09:23:45 CDT)
- RE: web authentication Soriano, Raymond (US - Miami) (Tue Sep 10 2002 - 09:14:01 CDT)
  - RE: web authentication Matt Woodyard (Thu Sep 12 2002 - 14:16:12 CDT)
    - RE: web authentication Andrew van der Stock (Fri Sep 13 2002 - 01:51:23 CDT)
- RE: web authentication Wang, Jack (Tue Sep 10 2002 - 09:45:13 CDT)
Do Browsers (IE) really check CRLs correctly? Raghavendran H. (SSG) - CTD, Chennai. (Thu Sep 12 2002 - 23:59:06 CDT)
- RE: Do Browsers (IE) really check CRLs correctly? Wall, Kevin (Fri Sep 13 2002 - 12:35:07 CDT)
- RE: Do Browsers (IE) really check CRLs correctly? Michael Howard (Fri Sep 13 2002 - 15:15:38 CDT)
- Re: Do Browsers (IE) really check CRLs correctly? Jean-Baptiste Marchand (Mon Sep 16 2002 - 09:25:36 CDT)
- RE: Do Browsers (IE) really check CRLs correctly? Michael Howard (Sat Sep 14 2002 - 10:43:12 CDT)
- RE: Do Browsers (IE) really check CRLs correctly? Raghavendran H. (SSG) - CTD, Chennai. (Sat Sep 14 2002 - 06:58:39 CDT)
- RE: Do Browsers (IE) really check CRLs correctly? Michael Howard (Tue Sep 17 2002 - 10:50:04 CDT)
Fw: Usefull tools for finding vulnerabilities in web-based programs? Nick Jacobsen (Tue Sep 17 2002 - 20:00:33 CDT)
- Re: Fw: Usefull tools for finding vulnerabilities in web-based programs? Chris Reining (Wed Sep 18 2002 - 12:46:10 CDT)
- Re: Fw: Usefull tools for finding vulnerabilities in web-based programs? Dave Aitel (Wed Sep 18 2002 - 07:37:29 CDT)
RE: Usefull tools for finding vulnerabilities in web-based progra ms? Vince Hoffman (Wed Sep 18 2002 - 08:21:30 CDT)
- RE: Usefull tools for finding vulnerabilities in web-based programs? Shashank Rai (Wed Sep 18 2002 - 11:52:32 CDT)
- RE: Usefull tools for finding vulnerabilities in web-based progra ms? Mark Curphey (Wed Sep 18 2002 - 11:57:17 CDT)
  - Re: Usefull tools for finding vulnerabilities in web-based progra ms? Kurt Seifried (Wed Sep 18 2002 - 18:36:08 CDT)
  - Re: Usefull tools for finding vulnerabilities in web-based progra ms? Nick Jacobsen (Wed Sep 18 2002 - 23:54:32 CDT)
    - Re: Usefull tools for finding vulnerabilities in web-based progra ms? Dave Aitel (Tue Sep 24 2002 - 08:21:28 CDT)
Fwd: Usefull tools for finding vulnerabilities in web-based progra ms? Dennis Groves (Thu Sep 19 2002 - 09:37:44 CDT)
- Re: Fwd: Usefull tools for finding vulnerabilities in web-based progra ms? Dave Aitel (Tue Sep 24 2002 - 08:36:28 CDT)
Re: Usefull tools for finding vulnerabilities in web-based programs? Kevin Spett (Thu Sep 19 2002 - 14:29:18 CDT)
SIDs in URLs when using HTTPS ? Benjamin (Fri Sep 20 2002 - 08:08:33 CDT)
- Re: SIDs in URLs when using HTTPS ? Sverre H. Huseby (Fri Sep 20 2002 - 11:20:11 CDT)
- Re: SIDs in URLs when using HTTPS ? Anthony Baratta (Fri Sep 20 2002 - 10:33:15 CDT)
- Re: SIDs in URLs when using HTTPS ? Fred Williams (Fri Sep 20 2002 - 10:21:27 CDT)
- RE: SIDs in URLs when using HTTPS ? Michael Howard (Fri Sep 20 2002 - 12:17:40 CDT)
- RE: SIDs in URLs when using HTTPS ? Dawes, Rogan (ZA - Johannesburg) (Fri Sep 20 2002 - 10:10:04 CDT)
- Re: SIDs in URLs when using HTTPS ? Bill Pennington (Fri Sep 20 2002 - 11:56:36 CDT)
- Re: SIDs in URLs when using HTTPS ? Bennett Todd (Fri Sep 20 2002 - 10:42:57 CDT)
- Re: SIDs in URLs when using HTTPS ? cdavison_at_nucleus.com (Fri Sep 20 2002 - 16:17:15 CDT)
OWASP Guide improvements Ulf Harnhammar (Sat Sep 21 2002 - 18:12:32 CDT)
- Re: OWASP Guide improvements Mark Curphey (Sat Sep 21 2002 - 19:13:52 CDT)
Could web browsers help prevent XSS? b0iler (Sun Sep 22 2002 - 01:09:12 CDT)
- Re: Could web browsers help prevent XSS? Laurian Gridinoc (Mon Sep 23 2002 - 08:19:06 CDT)
- Re: Could web browsers help prevent XSS? b0iler (Tue Sep 24 2002 - 11:37:05 CDT)
Now Online: OWASP Guide to Building Secure Web Applications v1.1 David Endler (Mon Sep 23 2002 - 15:48:58 CDT)
=?iso-8859-15?Q?=0D Warning : Security architecture can save your site !?= Security Architect (Mon Sep 23 2002 - 22:57:39 CDT)
- Re: =?iso-8859-15?Q?=0D Warning : Security architecture can save your site !?= Andrew Jaquith (Tue Sep 24 2002 - 09:43:59 CDT)
So whats in a good webappsec assesment tool ? Mark Curphey (Wed Sep 25 2002 - 15:08:41 CDT)
- Re: So whats in a good webappsec assesment tool ? Kurt Seifried (Thu Sep 26 2002 - 00:02:58 CDT)
  - Re: So whats in a good webappsec assesment tool ? Dave Aitel (Thu Sep 26 2002 - 08:20:24 CDT)
- Re: So whats in a good webappsec assesment tool ? Security Architect (Sun Sep 29 2002 - 16:54:41 CDT)
SPIKE Proxy 1.3 Release party at my house! Dave Aitel (Thu Sep 26 2002 - 12:54:46 CDT)
Using SPIKE zod (Fri Sep 27 2002 - 06:56:57 CDT)
- Re: Using SPIKE Dave Aitel (Fri Sep 27 2002 - 12:58:21 CDT)
PenProxy - an extremely simple web pen-test proxy Sverre H. Huseby (Fri Sep 27 2002 - 07:17:59 CDT)
List of open source web apps/tools - auditing/pen test/etc Hay, Brennan (Contractor) (Fri Sep 27 2002 - 12:50:21 CDT)
- Re: List of open source web apps/tools - auditing/pen test/etc Dan Cuthbert (Fri Sep 27 2002 - 15:02:04 CDT)
- Re: List of open source web apps/tools - auditing/pen test/etc Ulf H{rnhammar (Fri Sep 27 2002 - 15:06:49 CDT)
- Re: List of open source web apps/tools - auditing/pen test/etc contact_at_draco.mine.nu (Sat Sep 28 2002 - 05:30:14 CDT)
Rational Software employees ? Mark Curphey (Sun Sep 29 2002 - 16:27:44 CDT)
Bounced mail ? Mark Curphey (Sun Sep 29 2002 - 16:34:08 CDT)
Book Review "Web hacking: attacks and defense" zeno (Sun Sep 29 2002 - 21:13:33 CDT)
(no subject) Security Architect (Sun Sep 29 2002 - 16:38:00 CDT)

Last message date: Mon Sep 30 2002 - 09:26:58 CDT
Archived on: Mon Sep 30 2002 - 09:26:59 CDT

413 messages sorted by: [ author ] [ date ] [ subject ]