[Tfug] debian 4 security

eric christian ericdanc at alice-dsl.net
Thu Jun 5 21:10:00 MST 2008


> Date: Thu, 5 Jun 2008 10:50:04 -0700
> From: "Ronald Sutherland" <ronald.sutherland at gmail.com>
> Subject: Re: [Tfug] debian 4 security
> To: "Tucson Free Unix Group" <tfug at tfug.org>
> Message-ID:
> .....
>   
> its the cookies that ID you... so use a different user when you doing
> banking... and yet another when doing the stuff you are concerned about
> someone finding out.
>   
yup, damn cookies, but good idea to use different users. There is, 
however, another issue here, just as important as cookies and that is 
the "referrer". I found beonex 0.82.-stable where you can create fake 
referrers or turn them off. Testing iceweasel with sec scans I would get 
red frownies (or yellow ones when i turned off cookies). With beonex - 
cookies and referrer off - I get green smile :-) ies...
Eric




More information about the tfug mailing list