Comments on: Snippets of defense Pt.IV http://www.gnucitizen.org/blog/snippets-of-defense-ptiv/ Information Security Think Tank Mon, 12 Dec 2011 19:56:03 +0000 hourly 1 http://wordpress.org/?v=3.1.2 By: Content Injection: Hack the Hacker | GNUCITIZEN http://www.gnucitizen.org/blog/snippets-of-defense-ptiv/comment-page-1/#comment-130863 Content Injection: Hack the Hacker | GNUCITIZEN Fri, 13 May 2011 21:33:16 +0000 http://www.gnucitizen.org/blog/snippets-of-defense-ptiv#comment-130863 [...] I don’t know how realistic this would be but it could be fun concept to investigate. Imagine setting up modules on your reverse proxy. As user visits the site, different modules could get launched during different requests. One module could detect a user’s browser plugins. One module could detect Tor and other services with Tor. Put the results into a hashing algorithm and you have a semi-unique client fingerprint regardless of IP address (although privacy laws could restrict these kinds of requests). OR, our reverse proxy could inject random code snippets of defense, overwriting and hijacking JavaScript functions (i.e. alert) with our own action (i.e. logging, blocking etc). Check out some of Mario’s code snippets of defense for the idea: here, here, here, and here [...] [...] I don’t know how realistic this would be but it could be fun concept to investigate. Imagine setting up modules on your reverse proxy. As user visits the site, different modules could get launched during different requests. One module could detect a user’s browser plugins. One module could detect Tor and other services with Tor. Put the results into a hashing algorithm and you have a semi-unique client fingerprint regardless of IP address (although privacy laws could restrict these kinds of requests). OR, our reverse proxy could inject random code snippets of defense, overwriting and hijacking JavaScript functions (i.e. alert) with our own action (i.e. logging, blocking etc). Check out some of Mario’s code snippets of defense for the idea: here, here, here, and here [...]

]]> By: seraph http://www.gnucitizen.org/blog/snippets-of-defense-ptiv/comment-page-1/#comment-63556 seraph Wed, 31 Oct 2007 18:01:20 +0000 http://www.gnucitizen.org/blog/snippets-of-defense-ptiv#comment-63556 pdp, I do not intend to sound ignorant, but wouldn't this also e bypassed if you simply declare a character encoding in your meta tags? Please shed some light. pdp, I do not intend to sound ignorant, but wouldn’t this also e bypassed if you simply declare a character encoding in your meta tags?

Please shed some light.

]]>