OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Gary Merinstein (gmerinEURISKO.COM)
Date: Thu Sep 06 2001 - 12:28:32 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Field validation before processing the data submitted, is "new" and "whiz
    bang"? It used to be just good coding practices, but then so was the
    concept of "code-review"....

    At 03:21 PM 9/6/2001 +1000, you wrote:
    >Steve Gibson has come up with a new whiz bang way to protect all IIS web
    >servers from malformed URLs. He posted the news in his News group -
    >http://grc.com/x/talk.exe?cmd=article&group=grc.news&item=200&utag= and the
    >relevent page will be at http://grc.com/apf/ when he finishes it.
    >
    >Could so many security vulnerabilities be fixed so simply?
    >
    >Regards,
    >Howard Marsh
    >Computer Consultant
    >Network Administrator
    >Mobile: +61 0416 280 649
    >E-Mail: <mailto:hgmarshhwmc.com.au> or
    ><mailto:administratorgawb.qld.gov.au>
    >
    >
    >
    >
    >Important:
    >This email may contain information that represents the views and opinions of
    >the author and so may not necessarily reflect the views and opinions of the
    >Gladstone Area Water Board as an organisation.
    >
    >The information in this email may be privileged and confidential. It is
    >intended solely for the use of the addressee(s) named. Any unauthorised use
    >of the email or contents is expressly prohibited.
    >
    >If you have received this email in error, please advise us on 61 7 4976 3000
    >or by return email and then delete it.
    >
    >Gladstone Area Water Board, PO Box 466, 147 Goondoon St, Gladstone QLD 4680
    >Australia
    >ABN 88 409 667 181, FAX: 61 7 4972 5632,
    >email: gawbgawb.qld.gov.au, web site: www.gawb.qld.gov.au
    >
    >_____________________________________________________________________
    >** TO UNSUBSCRIBE, send the command "UNSUBSCRIBE win2ksecadvice"
    >** FOR A WEEKLY DIGEST, send the command "SET win2ksecadvice DIGEST"
    >SEND ALL COMMANDS TO: listservlistserv.ntsecurity.net

    _____________________________________________________________________
    ** TO UNSUBSCRIBE, send the command "UNSUBSCRIBE win2ksecadvice"
    ** FOR A WEEKLY DIGEST, send the command "SET win2ksecadvice DIGEST"
    SEND ALL COMMANDS TO: listservlistserv.ntsecurity.net