[ot] Re: [thelist] IP obfuscation

Aleem Bawany aleem.bawany at utoronto.ca
Tue Feb 4 03:19:01 CST 2003


> ...yeah, and all it takes to figure out where you really
> are is to use wget to fetch the document (oh, look,
> there's the ip address, then 'host 215.119.117.224' -
> there's some domain names). trivial 'security' there.
[...]

yes, but wget is for fetching pages not auditing URI
obscurity/security. You could use other tools (ping), but not
many people think twice before clicking a link.

[...]
>
>> I think the URI interface needs better security.
>
> how so?

getting rid of dwords (long, single IP number) would be a
good start. And why would you need support for octal numbers
in the URI? It doesn't serve an immediate purpose and helps
obscurity. The URL should clearly indicate the domain. Other
techniques mentioned on http://www.pc-help.org/obscure.htm
seem like useless features waiting to be exploited. In fact some
might even be the culprit for directory traversal exploits and
lead to more complicated coding/testing on the part of developers.

Other exploits come to mind, but are hazy... if I'm not mistaken
there were some exploits floating around, tricking IE into
thinking a site is in the secure zone when it wasn't (IE
thought the site was on localhost when it was really on a
remote host and other such stuff). That's one example of exploiting
URIs to trick the browser (rather than the untrained user).

I also remember reading another article on how semantic attacks are
the third wave of attacks.... ahh here it is:

http://www.counterpane.com/crypto-gram-0010.html
[Counterpane Security - Bruce Schneier]

"The third wave of network attacks is semantic attacks: attacks that
target the way we, as humans, assign meaning to content. In our
society, people tend to believe what they read"

Now that I think of it, the URI is being over-worked.

aleem

[ http://members.evolt.org/aleem/ ]
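
Added example, not part of the original post: a defender-side check that rewrites the dword and octal host forms discussed above into a dotted quad, so a link filter or log reviewer sees the real address. It also covers hex and short (fewer than four part) forms under classic inet_aton rules, which goes beyond what the post names; the function names and sample URLs are constructed for illustration, and the IP is the one quoted in the thread.

```python
import ipaddress
from urllib.parse import urlsplit

_DIGITS = {8: "01234567", 10: "0123456789", 16: "0123456789abcdef"}

def _part(text):
    """Parse one host component: 0x prefix = hex, leading 0 = octal, else decimal."""
    low = text.lower()
    if low.startswith("0x"):
        base, digits = 16, low[2:]
    elif len(low) > 1 and low[0] == "0":
        base, digits = 8, low[1:]
    else:
        base, digits = 10, low
    # Check characters ourselves: int() would also accept "_", "+" and spaces.
    if not digits or any(c not in _DIGITS[base] for c in digits):
        raise ValueError(text)
    return int(digits, base)

def numeric_host_to_ipv4(host):
    """Return the dotted quad for a numeric host in any inet_aton form, else None."""
    parts = host.rstrip(".").split(".")
    if not 1 <= len(parts) <= 4:
        return None
    try:
        nums = [_part(p) for p in parts]
    except ValueError:
        return None  # not purely numeric, so it is an ordinary domain name
    *head, last = nums
    # Leading parts are single bytes; the last part fills all remaining bytes.
    if any(n > 0xFF for n in head) or last >= 256 ** (4 - len(head)):
        return None
    value = last
    for i, n in enumerate(head):
        value |= n << (8 * (3 - i))
    return str(ipaddress.IPv4Address(value))

def audit_url(url):
    """Return (host_as_written, canonical_ip, obfuscated) for one URL."""
    host = urlsplit(url).hostname or ""
    ip = numeric_host_to_ipv4(host)
    return host, ip, ip is not None and ip != host

if __name__ == "__main__":
    # Constructed sample links, all pointing at the address quoted in the thread.
    for link in ("http://3614930400/", "http://0327.0167.0165.0340/login",
                 "http://215.119.117.224/", "http://example.org/"):
        print(link, "->", audit_url(link))
```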
