NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > WWW-Mobile-Code> 2002-q4

Most recent messages
315 messages sorted by: [ author ] [ date ] [ subject ]

Starting: Mon Oct 07 2002 - 02:30:58 CDT
Ending: Tue Dec 31 2002 - 14:47:38 CST

OWASP Guide Version 1.1.1 Mark Curphey (Mon Oct 07 2002 - 02:26:02 CDT)
SPIKE 2.7 Released: There's a party at my house, so bring the beer and follow me.... Dave Aitel (Mon Oct 07 2002 - 08:20:59 CDT)
SPIKE Proxy for win32! Dave Aitel (Wed Oct 09 2002 - 17:49:25 CDT)
SAML vs WS Security Security Architect (Wed Oct 09 2002 - 23:34:08 CDT)
- Re: SAML vs WS Security Tim Valdez (Thu Oct 10 2002 - 10:08:17 CDT)
  - Re: SAML vs WS Security Andrew Jaquith (Fri Oct 11 2002 - 14:55:22 CDT)
Interesting article. zeno (Fri Oct 11 2002 - 09:46:48 CDT)
Re: Could web browsers help prevent XSS? Doug Sibley (Fri Oct 11 2002 - 23:19:21 CDT)
Apache and logging POST data zeno (Tue Oct 15 2002 - 11:37:25 CDT)
- Re: Apache and logging POST data Craig_Sullivan_at_Waitrose.co.uk (Wed Oct 16 2002 - 03:36:26 CDT)
- RE: Apache and logging POST data Chief Financial Officer (Wed Oct 16 2002 - 04:14:28 CDT)
"Forgot Password" function Brecrost Jones (Fri Oct 18 2002 - 12:31:30 CDT)
- Re: "Forgot Password" function David Bullock (Fri Oct 18 2002 - 13:09:29 CDT)
- Re: "Forgot Password" function Mark Curphey (Fri Oct 18 2002 - 13:17:49 CDT)
- Re: "Forgot Password" function Kevin Spett (Fri Oct 18 2002 - 13:25:08 CDT)
- Re: "Forgot Password" function Haroon Meer (Fri Oct 18 2002 - 13:29:09 CDT)
- Re: "Forgot Password" function Jeroen Latour (Fri Oct 18 2002 - 13:30:24 CDT)
- Re: "Forgot Password" function Chris Shepherd (Fri Oct 18 2002 - 13:32:31 CDT)
- Re: "Forgot Password" function Kevin Spett (Fri Oct 18 2002 - 14:52:15 CDT)
- Re: "Forgot Password" function Brecrost Jones (Fri Oct 18 2002 - 16:44:55 CDT)
  - Password Recovery (long) was Re: "Forgot Password" function Charles Miller (Sat Oct 19 2002 - 06:42:32 CDT)
- Re: "Forgot Password" function Kevin Spett (Fri Oct 18 2002 - 15:40:39 CDT)
- RE: "Forgot Password" function wsmith_at_icsalabs.com (Fri Oct 18 2002 - 15:15:46 CDT)
- RE: "Forgot Password" function Matthew_Chalmers_at_bankone.com (Sat Oct 19 2002 - 15:50:14 CDT)
- RE: "Forgot Password" function William Bartholomew (Sun Oct 20 2002 - 15:54:10 CDT)
  - Re: "Forgot Password" function Kevin Spett (Sun Oct 20 2002 - 20:19:39 CDT)
eWeek OpenHack challenge David Wong (Mon Oct 21 2002 - 00:27:37 CDT)
- Re: eWeek OpenHack challenge Mark Curphey (Tue Oct 22 2002 - 16:35:32 CDT)
  - Re: eWeek OpenHack Martin Eiszner (Wed Oct 23 2002 - 01:53:50 CDT)
- RE: eWeek OpenHack challenge David Wong (Wed Oct 23 2002 - 13:52:16 CDT)
  - RE: eWeek OpenHack challenge Dave Aitel (Wed Oct 23 2002 - 15:36:47 CDT)
- Re: eWeek OpenHack challenge Bryce Porter (Tue Oct 22 2002 - 17:02:04 CDT)
  - Re: eWeek OpenHack challenge Kevin Spett (Wed Oct 23 2002 - 14:55:31 CDT)
  - Re: eWeek OpenHack challenge Vasiliy Boulytchev (Wed Oct 23 2002 - 14:37:44 CDT)
- Re: eWeek OpenHack challenge Marty Block (Wed Oct 23 2002 - 20:57:43 CDT)
  - RE: eWeek OpenHack challenge Bill Martin (Thu Oct 24 2002 - 02:36:03 CDT)
  - Re: eWeek OpenHack challenge Kevin Spett (Thu Oct 24 2002 - 09:45:21 CDT)
Call For Papers Announcement: Black Hat Windows Security Jeff Moss (Mon Oct 21 2002 - 23:35:47 CDT)
RE: eWeek OpenHack Johnson, Michael1 [IT] (Wed Oct 23 2002 - 11:44:49 CDT)
OWASP Report and plan for 2003 Now Online The Owasp Project (Thu Oct 24 2002 - 17:06:37 CDT)
OWASP WebGoat release WebMaven v1.0 bill (Thu Oct 24 2002 - 16:19:14 CDT)
VulnXML coming to a WebAppSec scanner near you soon ! The Owasp Project (Thu Oct 24 2002 - 17:26:53 CDT)
Secure Coding for Newbies? Joe User (Mon Oct 28 2002 - 05:03:30 CST)
- Re: Secure Coding for Newbies? Kevin Spett (Mon Oct 28 2002 - 09:31:58 CST)
- Re: Secure Coding for Newbies? Dan Cuthbert (Mon Oct 28 2002 - 11:27:26 CST)
- Re: Secure Coding for Newbies? zeno (Mon Oct 28 2002 - 09:33:42 CST)
cgi to update a datable table Allan Wind (Mon Oct 28 2002 - 21:58:54 CST)
- RE: cgi to update a datable table Blake Frantz (Tue Oct 29 2002 - 10:05:01 CST)
  - Re: cgi to update a datable table Allan Wind (Tue Oct 29 2002 - 10:36:15 CST)
- RE: cgi to update a datable table Shields, Larry (Tue Oct 29 2002 - 12:34:03 CST)
- Re: cgi to update a datable table Allan Wind (Tue Oct 29 2002 - 14:35:58 CST)
Strange beaviour in sql injection Securityinfos (Tue Oct 29 2002 - 03:32:15 CST)
- RE: Strange beaviour in sql injection Dennis Hurst (Tue Oct 29 2002 - 08:06:34 CST)
  - Re: Strange beaviour in sql injection Mariusz Pekala (Sat Nov 30 2002 - 14:26:20 CST)
- Re: Strange beaviour in sql injection Kevin Spett (Tue Oct 29 2002 - 09:34:47 CST)
- RE: Strange beaviour in sql injection Brass, Phil (ISS Atlanta) (Wed Oct 30 2002 - 05:23:50 CST)
Java Object Inspector 1.0 Jan P. Monsch (Tue Oct 29 2002 - 13:12:48 CST)
XXE (Xml eXternal Entity) attack Gregory Steuck (Tue Oct 29 2002 - 18:30:23 CST)
- Re: XXE (Xml eXternal Entity) attack Miles Sabin (Wed Oct 30 2002 - 03:15:54 CST)
- RE: XXE (Xml eXternal Entity) attack Michael Howard (Wed Oct 30 2002 - 00:50:05 CST)
- Re: XXE (Xml eXternal Entity) attack Matt Sergeant (Mon Nov 04 2002 - 05:12:04 CST)
Demystifying SASL Sasha Romanosky (Thu Oct 31 2002 - 19:07:39 CST)
IIS 5.0 with Integrated Window Authentication cc_mofo_at_hushmail.com (Wed Nov 06 2002 - 14:15:11 CST)
- Re: IIS 5.0 with Integrated Window Authentication Haroon Meer (Wed Nov 06 2002 - 14:44:23 CST)
  - RE: IIS 5.0 with Integrated Window Authentication Jason Coombs (Wed Nov 06 2002 - 16:21:46 CST)
    - Re: IIS 5.0 with Integrated Window Authentication Dave Aitel (Thu Nov 07 2002 - 10:58:33 CST)
    - Re: [Spike] Re: IIS 5.0 with Integrated Window Authentication Dave Aitel (Thu Nov 07 2002 - 17:21:05 CST)
- RE: IIS 5.0 with Integrated Window Authentication Michael Howard (Wed Nov 06 2002 - 15:45:56 CST)
- Re: IIS 5.0 with Integrated Window Authentication Sebastian Flothow (Wed Nov 06 2002 - 16:27:54 CST)
  - Re: IIS 5.0 with Integrated Window Authentication sunzi (Thu Nov 07 2002 - 13:43:05 CST)
  - Re: IIS 5.0 with Integrated Window Authentication Dave Aitel (Thu Nov 07 2002 - 13:35:23 CST)
- Re: IIS 5.0 with Integrated Window Authentication cc_mofo_at_hushmail.com (Thu Nov 07 2002 - 15:25:56 CST)
- Re: IIS 5.0 with Integrated Window Authentication cc_mofo_at_hushmail.com (Tue Nov 12 2002 - 17:34:02 CST)
"SAML 1.0 specification gets a thumbs-up" Tim Valdez (Wed Nov 06 2002 - 18:45:06 CST)
Definitive How-To for Spike Jeremy Junginger (Thu Nov 07 2002 - 11:15:02 CST)
Securing OWA on public computers. agtads_at_hotmail.com (Thu Nov 07 2002 - 12:50:12 CST)
- Re: Securing OWA on public computers. Kurt Seifried (Thu Nov 07 2002 - 17:38:58 CST)
- Re: Securing OWA on public computers. Alexander (Sun Nov 10 2002 - 09:04:45 CST)
When GET = POST? Chris Thomas (Tue Nov 05 2002 - 04:54:13 CST)
- Re: When GET = POST? David Bullock (Sat Nov 09 2002 - 01:49:28 CST)
- Re: When GET = POST? Alonso Robles (Sat Nov 09 2002 - 04:38:15 CST)
  - Re: When GET = POST? Jonas Anden (Sun Nov 10 2002 - 09:25:34 CST)
  - Re: When GET = POST? Vincent Janelle (Sun Nov 10 2002 - 15:49:31 CST)
- RE: When GET = POST? Tony Welsh (Sat Nov 09 2002 - 07:11:16 CST)
  - Re: When GET = POST? Adrian Wiesmann (Sun Nov 10 2002 - 15:02:31 CST)
- Re: When GET = POST? Kevin Spett (Mon Nov 11 2002 - 10:41:05 CST)
  - Re: When GET = POST? Jason Childers (Mon Nov 11 2002 - 12:17:34 CST)
- Re: When GET = POST? Charles Miller (Mon Nov 11 2002 - 14:28:44 CST)
  - Re: When GET = POST? Jeff Dafoe (Mon Nov 11 2002 - 19:41:52 CST)
    - Re: When GET = POST? Jason Healy (Mon Nov 11 2002 - 21:50:44 CST)
  - Re: When GET = POST? Kevin Spett (Tue Nov 12 2002 - 09:45:34 CST)
    - Re: When GET = POST? Daniel Hedrick (Tue Nov 12 2002 - 12:28:49 CST)
- Re: When GET = POST? Steven M. Christey (Mon Nov 11 2002 - 20:22:12 CST)
- RE: When GET = POST? Glyn Geoghegan (Thu Nov 14 2002 - 04:07:16 CST)
- RE: When GET = POST? Glyn Geoghegan (Thu Nov 14 2002 - 04:21:36 CST)
Mozilla Pheonix Prevents XSS ? securityarchitect_at_hush.com (Mon Nov 11 2002 - 11:57:11 CST)
nikto output question Martin Wasson (Tue Nov 12 2002 - 12:17:06 CST)
- Re: nikto output question sunzi (Thu Nov 14 2002 - 12:37:43 CST)
OWASP Security RUP Plug-in and Java App Server Security Config Guides Mark Curphey (Wed Nov 13 2002 - 15:56:02 CST)
SPIKE Proxy 1.4.6 released Dave Aitel (Mon Nov 18 2002 - 10:08:28 CST)
OWASP WebGoat V2 - beta 1 (Java) Mark Curphey (Tue Nov 19 2002 - 00:49:12 CST)
OWASP CodeSeeker - An Open Source Application Firewall and IDS Mark Curphey (Tue Nov 19 2002 - 01:00:54 CST)
web appliaction security products (AKA application firewalls) Shimon Silberschlag (Wed Nov 20 2002 - 02:21:21 CST)
- Re: web appliaction security products (AKA application firewalls) Skip Carter (Fri Nov 22 2002 - 11:13:08 CST)
- Re: web appliaction security products (AKA application firewalls) Kevin Spett (Sat Nov 23 2002 - 12:43:54 CST)
- RE: web appliaction security products (AKA application firewalls) Lars Troen (Sun Nov 24 2002 - 14:00:25 CST)
  - Re: web appliaction security products (AKA application firewalls) Dave Aitel (Sun Nov 24 2002 - 14:44:27 CST)
- Re: web appliaction security products (AKA application firewalls) securityarchitect_at_hush.com (Fri Nov 22 2002 - 12:09:45 CST)
  - Re: web appliaction security products (AKA application firewalls) Dave Aitel (Sun Nov 24 2002 - 15:38:34 CST)
- RE: web appliaction security products (AKA application firewalls) Fernando Martins (Sat Nov 23 2002 - 04:38:01 CST)
- Re: web appliaction security products (AKA application firewalls) Jason Childers (Fri Nov 22 2002 - 12:24:32 CST)
  - Re: web appliaction security products (AKA application firewalls) Bennett Todd (Mon Nov 25 2002 - 11:20:17 CST)
Metis 2.0 released Sacha Faust (Sat Nov 23 2002 - 22:32:32 CST)
Hijacking URL Encoded Session IDs using Referer Logs Bob Lee (Sat Nov 23 2002 - 14:38:11 CST)
- Re: Hijacking URL Encoded Session IDs using Referer Logs zeno (Mon Nov 25 2002 - 07:48:57 CST)
  - Re: Hijacking URL Encoded Session IDs using Referer Logs Bob Lee (Mon Nov 25 2002 - 08:32:49 CST)
- Re: Hijacking URL Encoded Session IDs using Referer Logs ONEILL David J (Mon Nov 25 2002 - 09:39:04 CST)
- Re: Hijacking URL Encoded Session IDs using Referer Logs Craig_Sullivan_at_Waitrose.co.uk (Mon Nov 25 2002 - 09:45:46 CST)
- Re: Hijacking URL Encoded Session IDs using Referer Logs UDP 53 (Thu Dec 05 2002 - 06:42:06 CST)
HTTP authentication and session timeout UDP 53 (Mon Nov 25 2002 - 05:13:02 CST)
- RE: HTTP authentication and session timeout Dawes, Rogan (ZA - Johannesburg) (Mon Nov 25 2002 - 08:57:47 CST)
  - Re: HTTP authentication and session timeout Craig Skelton (Mon Nov 25 2002 - 09:28:05 CST)
    - RE: HTTP authentication and session timeout Jason Coombs (Mon Nov 25 2002 - 13:53:26 CST)
    - Re: HTTP authentication and session timeout Craig Skelton (Mon Nov 25 2002 - 19:09:09 CST)
Re: HTTP Authentication & Source IP Address James Wilkinson (Sat Nov 30 2002 - 07:13:55 CST)
- Re: HTTP Authentication & Source IP Address Dorian Moore (Sat Nov 30 2002 - 09:55:50 CST)
- RE: HTTP Authentication & Source IP Address Matt Petteys (Sat Nov 30 2002 - 10:37:59 CST)
  - Dead Thread - HTTP Authentication & Source IP Address Mark Curphey (Sat Nov 30 2002 - 11:19:27 CST)
- Re: HTTP Authentication & Source IP Address Jeff Dafoe (Sat Nov 30 2002 - 10:56:33 CST)
Top Ten Web App Sec Problems Mark Curphey (Sat Nov 30 2002 - 11:24:17 CST)
- Re: Top Ten Web App Sec Problems zeno (Sat Nov 30 2002 - 11:37:07 CST)
  - Re: Top Ten Web App Sec Problems Mark Curphey (Sat Nov 30 2002 - 13:21:55 CST)
  - Re: Top Ten Web App Sec Problems Andrew Jaquith (Mon Dec 02 2002 - 17:23:12 CST)
    - Re: Top Ten Web App Sec Problems Alex Russell (Mon Dec 02 2002 - 19:36:29 CST)
- FW: Top Ten Web App Sec Problems Keith T. Morgan (Mon Dec 02 2002 - 10:37:48 CST)
- Re: Top Ten Web App Sec Problems Steven M. Christey (Mon Dec 02 2002 - 15:33:55 CST)
  - RE: Top Ten Web App Sec Problems Richard M. Smith (Mon Dec 02 2002 - 17:13:28 CST)
- Re: Top Ten Web App Sec Problems Jeff Williams _at_ Aspect (Mon Dec 02 2002 - 20:16:17 CST)
- RE: Top Ten Web App Sec Problems Craig, Scott (Tue Dec 03 2002 - 07:10:48 CST)
- RE: Top Ten Web App Sec Problems Steven M. Christey (Tue Dec 03 2002 - 14:57:05 CST)
  - RE: Top Ten Web App Sec Problems Richard M. Smith (Tue Dec 03 2002 - 15:41:02 CST)
- RE: Top Ten Web App Sec Problems b0iler _ (Tue Dec 03 2002 - 20:52:46 CST)
- Re: Top Ten Web App Sec Problems Jeff Williams _at_ Aspect (Wed Dec 04 2002 - 09:57:39 CST)
- Re: Top Ten Web App Sec Problems Steven M. Christey (Wed Dec 04 2002 - 15:39:10 CST)
Web App Sec ROI Mark Curphey (Sat Nov 30 2002 - 11:26:46 CST)
- Re: Web App Sec ROI zeno (Sat Nov 30 2002 - 11:40:16 CST)
- Re: Web App Sec ROI securityarchitect_at_hush.com (Sat Nov 30 2002 - 13:13:10 CST)
Great XML Security Primer Mark Curphey (Sun Dec 01 2002 - 09:52:05 CST)
- Re: Great XML Security Primer Javier Fernández-Sanguino Peña (Mon Dec 09 2002 - 08:48:49 CST)
Can I obtain BASIC AUTH credentials using an XSS vulnerbility frank fish (Mon Dec 02 2002 - 09:14:20 CST)
- Re: Can I obtain BASIC AUTH credentials using an XSS vulnerbility Jill Tovey (Thu Dec 05 2002 - 05:10:36 CST)
WebAppSec Training Courses in UK phuc4_at_hushmail.com (Mon Dec 02 2002 - 10:07:29 CST)
- Re: WebAppSec Training Courses in UK Dan Cuthbert (Mon Dec 02 2002 - 15:57:03 CST)
  - Re: WebAppSec Training Courses in UK Kevin Spett (Mon Dec 02 2002 - 16:34:55 CST)
- Re: WebAppSec Training Courses in UK Mark Curphey (Mon Dec 02 2002 - 16:43:08 CST)
- RE: WebAppSec Training Courses in UK Glyn Geoghegan (Tue Dec 03 2002 - 03:54:14 CST)
- RE: WebAppSec Training Courses in UK securityarchitect_at_hush.com (Tue Dec 03 2002 - 13:08:39 CST)
  - Re: WebAppSec Training Courses in UK Kevin Spett (Tue Dec 03 2002 - 16:27:27 CST)
  - RE: WebAppSec Training Courses in UK Glyn (Wed Dec 04 2002 - 04:18:51 CST)
- RE: WebAppSec Training Courses in UK Craig_Sullivan_at_Waitrose.co.uk (Wed Dec 04 2002 - 09:39:40 CST)
- RE: WebAppSec Training Courses in UK securityarchitect_at_hush.com (Wed Dec 04 2002 - 11:02:30 CST)
- RE: WebAppSec Training Courses in UK Craig_Sullivan_at_Waitrose.co.uk (Wed Dec 04 2002 - 12:24:37 CST)
OpenHack and OWASP Testing Methodology David Endler (Tue Dec 03 2002 - 10:08:36 CST)
- Re: OpenHack and OWASP Testing Methodology jcosta_at_lendleaserei.com (Tue Dec 03 2002 - 13:22:46 CST)
IIS session cookies Cade Cairns (Thu Dec 05 2002 - 16:29:32 CST)
- RE: IIS session cookies Michael Howard (Fri Dec 06 2002 - 10:42:41 CST)
- Re: IIS session cookies Takayuki Nakamura (Thu Dec 05 2002 - 22:43:41 CST)
- Re: IIS session cookies Kevin Spett (Thu Dec 05 2002 - 18:34:15 CST)
  - Re: IIS session cookies Cade Cairns (Fri Dec 06 2002 - 01:48:34 CST)
    - Re: IIS session cookies Kevin Spett (Fri Dec 06 2002 - 09:18:35 CST)
- Re: IIS session cookies securityarchitect_at_hush.com (Sat Dec 07 2002 - 20:51:48 CST)
  - RE: IIS session cookies Forrest Lee Andrews (Sat Dec 07 2002 - 22:00:23 CST)
- RE: IIS session cookies Kapila, Sai (Sun Dec 08 2002 - 17:57:02 CST)
Computer world article highliting the importance of webappsec Keith T. Morgan (Thu Dec 05 2002 - 18:39:44 CST)
OWASP Guide Version 2 - New Authors Wanted Mark Curphey (Sat Dec 07 2002 - 21:13:08 CST)
Sequence Identification Routines? Nick Jacobsen (Mon Dec 09 2002 - 02:51:50 CST)
- Re: Sequence Identification Routines? Charlie Root (Mon Dec 09 2002 - 12:06:03 CST)
- Re: Sequence Identification Routines? Jeff Williams _at_ Aspect (Mon Dec 09 2002 - 10:00:21 CST)
- RE: Sequence Identification Routines? Tony Welsh (Mon Dec 09 2002 - 14:18:11 CST)
- Re: Sequence Identification Routines? maddany (Mon Dec 09 2002 - 15:27:36 CST)
- RE: Sequence Identification Routines? Dawes, Rogan (ZA - Johannesburg) (Tue Dec 10 2002 - 10:23:54 CST)
- RE: Sequence Identification Routines? securityarchitect_at_hush.com (Tue Dec 10 2002 - 12:02:33 CST)
RE: Computer world article highlighting the importance of webapps ec St. Clair, James (Mon Dec 09 2002 - 06:31:48 CST)
Web single sign-on Marty (Mon Dec 09 2002 - 12:11:46 CST)
- Re: Web single sign-on securityarchitect_at_hush.com (Mon Dec 09 2002 - 13:54:46 CST)
  - RE: Web single sign-on Sarbjit Singh Gill (Mon Dec 09 2002 - 15:36:50 CST)
- RE: Web single sign-on Simon Cunningham (Mon Dec 09 2002 - 14:26:38 CST)
- Re: Web single sign-on wbjw_at_mindspring.com (Mon Dec 09 2002 - 15:06:03 CST)
  - Re: Web single sign-on Greg Gagnon (Tue Dec 10 2002 - 11:23:32 CST)
- RE: Web single sign-on securityarchitect_at_hush.com (Mon Dec 09 2002 - 15:43:17 CST)
- FW: Web single sign-on johneder_at_hushmail.com (Tue Dec 10 2002 - 11:06:06 CST)
- Re: Web single sign-on Andrew Chong (Wed Dec 11 2002 - 03:23:54 CST)
JSP Security - Limiting URL's securityarchitect_at_hush.com (Mon Dec 09 2002 - 16:42:56 CST)
- Re: JSP Security - Limiting URL's Jeff Williams _at_ Aspect (Mon Dec 09 2002 - 20:10:46 CST)
  - Re: JSP Security - Limiting URL's Andrew Jaquith (Tue Dec 10 2002 - 08:39:28 CST)
- Re: JSP Security - Limiting URL's Steve Posick (Tue Dec 10 2002 - 08:48:02 CST)
  - Re: JSP Security - Limiting URL's mlh_at_zip.com.au (Tue Dec 10 2002 - 16:09:46 CST)
- Re: JSP Security - Limiting URL's Jeremy Poteet (Tue Dec 10 2002 - 08:42:40 CST)
Apache module: mod_security Ivan Ristic (Tue Dec 10 2002 - 07:37:33 CST)
- Re: Apache module: mod_security Dave Aitel (Tue Dec 10 2002 - 08:31:47 CST)
  - Re: Apache module: mod_security Bill Burge (Tue Dec 10 2002 - 09:31:12 CST)
    - Re: Apache module: mod_security Ivan Ristic (Tue Dec 10 2002 - 10:35:18 CST)
  - Re: Apache module: mod_security Ivan Ristic (Tue Dec 10 2002 - 09:43:32 CST)
- Re: Apache module: mod_security Klaus Doerrscheidt (Tue Dec 10 2002 - 10:02:12 CST)
- Re: Apache module: mod_security zeno (Tue Dec 10 2002 - 12:13:15 CST)
- Re: Apache module: mod_security Gabe Lawrence (Tue Dec 10 2002 - 13:17:51 CST)
XSS John Madden (Tue Dec 10 2002 - 08:38:53 CST)
- Re: XSS zeno (Tue Dec 10 2002 - 08:57:39 CST)
- RE: XSS Eyal Udassin (Tue Dec 10 2002 - 09:23:11 CST)
- Re: XSS Kevin Spett (Tue Dec 10 2002 - 09:26:06 CST)
  - Re: XSS John Madden (Tue Dec 10 2002 - 10:35:55 CST)
- RE: XSS Ernesto Funes (Tue Dec 10 2002 - 10:45:25 CST)
- Re: XSS zeno (Tue Dec 10 2002 - 12:35:38 CST)
  - RE: XSS Brett Moore (Tue Dec 10 2002 - 15:59:50 CST)
    - Re: XSS zeno (Tue Dec 10 2002 - 15:59:44 CST)
- RE: XSS David Endler (Tue Dec 10 2002 - 12:40:08 CST)
- Re: XSS appsec_at_technicalinfo.net (Sun Dec 15 2002 - 16:31:05 CST)
ENC: W3C XML encryption specs approved Mads Rasmussen (Wed Dec 11 2002 - 05:36:13 CST)
forbidden functions on client-side scripts Shimon Silberschlag (Wed Dec 11 2002 - 11:06:18 CST)
- RE: forbidden functions on client-side scripts Uzi Refaeli (Thu Dec 12 2002 - 01:12:19 CST)
- Re: forbidden functions on client-side scripts Alonso Robles (Thu Dec 12 2002 - 02:36:39 CST)
- RE: forbidden functions on client-side scripts Thor Larholm (Fri Dec 13 2002 - 06:21:17 CST)
Web Application Analysis Tools? David Simcik (Thu Dec 12 2002 - 11:50:27 CST)
- Re: Web Application Analysis Tools? Kevin Spett (Thu Dec 12 2002 - 12:47:00 CST)
  - Re: Web Application Analysis Tools? Jeff Williams _at_ Aspect (Thu Dec 12 2002 - 13:08:39 CST)
  - Re: Web Application Analysis Tools? Kevin Spett (Thu Dec 12 2002 - 14:54:33 CST)
- Re: Web Application Analysis Tools? Martin Eiszner (Thu Dec 12 2002 - 12:20:31 CST)
- RE: Web Application Analysis Tools? Lars Troen (Thu Dec 12 2002 - 12:29:43 CST)
Java validaton article Andrew Jaquith (Thu Dec 12 2002 - 13:09:39 CST)
XSS Strings securityarchitect_at_hush.com (Mon Dec 16 2002 - 01:54:52 CST)
- Re: XSS Strings Martin Eiszner (Mon Dec 16 2002 - 02:39:50 CST)
- Re: XSS Strings Jeroen Latour (Mon Dec 16 2002 - 02:49:31 CST)
- RE: XSS Strings Glyn (Mon Dec 16 2002 - 05:23:59 CST)
- Re: XSS Strings Tomas (Mon Dec 16 2002 - 05:42:40 CST)
  - encoder N30 (Thu Dec 19 2002 - 16:10:17 CST)
    - Re: encoder Kevin Spett (Thu Dec 19 2002 - 16:42:26 CST)
XSS and URL Encoded Session IDs B F (Mon Dec 16 2002 - 14:18:30 CST)
- RE: XSS and URL Encoded Session IDs The Crocodile (Tue Dec 17 2002 - 06:10:12 CST)
- Re: XSS and URL Encoded Session IDs Ryan Yagatich (Tue Dec 17 2002 - 05:21:38 CST)
  - Re: XSS and URL Encoded Session IDs Matthew Miller (Tue Dec 17 2002 - 10:56:39 CST)
modify non-persistent cookies mono toy (Tue Dec 17 2002 - 04:55:49 CST)
- Re: modify non-persistent cookies Peter Conrad (Tue Dec 17 2002 - 09:43:46 CST)
- RE: modify non-persistent cookies Glyn (Tue Dec 17 2002 - 10:07:59 CST)
- Re: modify non-persistent cookies MICHAEL GERMONY (Tue Dec 17 2002 - 13:17:19 CST)
- RE: modify non-persistent cookies Chris Neppes (Tue Dec 17 2002 - 13:37:18 CST)
- RE: modify non-persistent cookies Venkat, Sanjay (Tue Dec 17 2002 - 16:57:01 CST)
- Re: modify non-persistent cookies securityarchitect_at_hush.com (Tue Dec 17 2002 - 17:05:34 CST)
- Re: modify non-persistent cookies zeno (Tue Dec 17 2002 - 20:48:20 CST)
- RE: modify non-persistent cookies Uzi Refaeli (Wed Dec 18 2002 - 01:18:03 CST)
- Re: modify non-persistent cookies Kevin Spett (Wed Dec 18 2002 - 12:20:58 CST)
- SUMMARY modify non-persistent cookies and more q's mono toy (Thu Dec 19 2002 - 08:14:32 CST)
Fwd: Security Paper: Session Fixation Vulnerability in Web-based Applications Mark Curphey (Wed Dec 18 2002 - 12:33:38 CST)
- Re: Fwd: Security Paper: Session Fixation Vulnerability in Web-based Applications Sverre H. Huseby (Thu Dec 19 2002 - 13:45:48 CST)
  - Re: Security Paper: Session Fixation Vulnerability in Web-based Applications Bill Pennington (Thu Dec 19 2002 - 15:56:07 CST)
- Re: Fwd: Security Paper: Session Fixation Vulnerability in Web-based Applications Craig_Sullivan_at_Waitrose.co.uk (Fri Dec 20 2002 - 04:15:09 CST)
post to bugtraq about "session fixation" Alex Russell (Wed Dec 18 2002 - 14:13:26 CST)
- Re: post to bugtraq about "session fixation" securityarchitect_at_hush.com (Wed Dec 18 2002 - 13:28:34 CST)
  - Re: post to bugtraq about "session fixation" Kevin Spett (Wed Dec 18 2002 - 15:18:56 CST)
    - Re: post to bugtraq about "session fixation" Alex Russell (Wed Dec 18 2002 - 16:49:52 CST)
- Re: post to bugtraq about "session fixation" Panayiotis A. Thermos (Wed Dec 18 2002 - 14:49:31 CST)
- Re: post to bugtraq about "session fixation" Steven M. Christey (Thu Dec 19 2002 - 16:37:55 CST)
  - Re: post to bugtraq about "session fixation" Cesar (Fri Dec 20 2002 - 10:00:19 CST)
    - Re: post to bugtraq about "session fixation" H D Moore (Fri Dec 20 2002 - 13:22:29 CST)
Merry Christmas and a Happy New Year. Mark Curphey (Fri Dec 20 2002 - 10:57:19 CST)
securing web based game Tomas (Sun Dec 22 2002 - 08:33:35 CST)
- Re: securing web based game Adam [ckkl] (Sun Dec 22 2002 - 11:15:06 CST)
  - Re: securing web based game Adrian Wiesmann (Sun Dec 22 2002 - 16:41:16 CST)
Mangle available for download Dawes, Rogan (ZA - Johannesburg) (Sun Dec 22 2002 - 10:34:08 CST)
JDBC PreparedStatements, Java Data Objects/O-R mapping, and SQL Injection Christopher Todd (Mon Dec 30 2002 - 14:29:26 CST)
- Re: JDBC PreparedStatements, Java Data Objects/O-R mapping, and SQL Injection Kevin Spett (Mon Dec 30 2002 - 16:32:13 CST)
  - Re: JDBC PreparedStatements, Java Data Objects/O-R mapping, and SQL Injection Dave Aitel (Mon Dec 30 2002 - 17:14:39 CST)
    - Re: JDBC PreparedStatements, Java Data Objects/O-R mapping, and SQL Injection Kevin Spett (Mon Dec 30 2002 - 17:48:35 CST)
    - Re: JDBC PreparedStatements, Java Data Objects/O-R mapping, and SQL Injection Jeff Williams _at_ Aspect (Mon Dec 30 2002 - 21:37:19 CST)
- RE: JDBC PreparedStatements, Java Data Objects/O-R mapping, and SQL Injection Michael Howard (Tue Dec 31 2002 - 13:34:07 CST)
  - RE: JDBC PreparedStatements, Java Data Objects/O-R mapping, and SQL Injection Christopher Todd (Tue Dec 31 2002 - 14:29:39 CST)

Last message date: Tue Dec 31 2002 - 14:47:38 CST
Archived on: Tue Dec 31 2002 - 14:47:38 CST

315 messages sorted by: [ author ] [ date ] [ subject ]