public marks

PUBLIC MARKS with tags http & security


Google+ Gets a “+1” for Browser Security

by marco
Set-Cookie Secure, Set-Cookie HttpOnly, X-Content-Type-Options, X-Frame-Options, X-XSS-Protection


Bouncer - znarf's Bouncer at master - GitHub

by Xavier Lacot
Bouncer is a real time statistics and security engine written in PHP5. It analyses the browser or bot version, and detects eventual bad behaviors in order to prevent spam.

Bad Behavior / Bad Behaviour:

by Krome & 2 others
Bad Behavior / Bad Behaviour Home of the Web’s premier link spam killer.



Set Up Gateway Level Virus Security With ClamAV And SafeSquid Proxy | HowtoForge - Linux Howtos and Tutorials

by camel
In this HowTo, I will explain how you can secure your network from viruses and other malware, by installing ClamAV and integrating it with SafeSquid, to scan all incoming content for viruses, and block all infected content at the HTTP Gateway, even before it enters your network.

Virus Security In SafeSquid

SafeSquid has built-in connectivity to various daemon-based antivirus software like ClamAV, Sophos, Avast, F-Prot, NOD32 and Kaspersky. It also has a universal ICAP (Internet Content Adaptation Protocol) client that can be used to connect to ICAP-based security software like Dr.Web ICAP, Kaspersky Antivirus for Proxy Server, Trend Micro InterScan Web Security and Symantec Scan Engine. You can even use multiple antivirus software with SafeSquid to simultaneously scan incoming content. This does not cause any significant latency, since SafeSquid has a multi-threaded architecture.

Apsis Gmbh

by camel & 2 others
The Pound program is a reverse proxy, load balancer and HTTPS front-end for Web server(s). Pound was developed to enable distributing the load among several Web servers and to allow for a convenient SSL wrapper for those Web servers that do not offer it natively. Pound is distributed under the GPL - no warranty, it's free to use, copy and give away.

WHAT POUND IS:

1. a reverse-proxy: it passes requests from client browsers to one or more back-end servers.
2. a load balancer: it will distribute the requests from the client browsers among several back-end servers, while keeping session information.
3. an SSL wrapper: Pound will decrypt HTTPS requests from client browsers and pass them as plain HTTP to the back-end servers.
4. an HTTP/HTTPS sanitizer: Pound will verify requests for correctness and accept only well-formed ones.
5. a failover server: should a back-end server fail, Pound will take note of the fact and stop passing requests to it until it recovers.
6. a request redirector: requests may be distributed among servers according to the requested URL.

Pound is a very small program, easily audited for security problems. It can run as setuid/setgid and/or in a chroot jail. Pound does not access the hard disk at all (except for reading the certificate file on start, if required) and should thus pose no security threat to any machine.


0x000000 ◊ The Hacker Webzine

by mbertier
I've talked about CSRF before, but this time I wanted to show some of the underlying basics of it and explain why it isn't a new trick or something special. It is part of browsers and the way HTTP works, also to remove any argument that POST should be safer than GET. I know this is Internet basics, it still can be refreshing to read it over from time to time.



by jackiege

