Referers

Last Reviews & Articles

4GB Gets Cheap: 9 Dual-Channel Kits Compared

Published on December 01, 2008

Recent price drops have made 4 GB DDR2 dual-channel kits affordable for even the most cost-conscious buyers. We pushed nine models to their limits to determine best value for a broad range of users. Read more

System Builder Marathon: Performance & Value

Published on November 28, 2008

We tightened the budget on this month’s enthusiast-level system while loosening our belt for the low-cost gamer box by a similar percentage. Today we gauge the effect of these changes on performance and value and compare to last month's machines. Read more

System Builder Marathon: $1,250 Enthusiast PC

Published on November 27, 2008

On this, the second day of our System Builder Marathon, Don turns down the price tag of his mid-range build looking for a sweet spot just above the $1,000 marker. Let's see what sort of hardware he found for it! Read more

System Builder Marathon: $625 Gaming PC

Published on November 26, 2008

This month's System Builder Marathon is all about your feedback to us. We've revamped our entry-level and mid-range PCs with new price points. Let's kick things off with what we think is the best value at a $625 price point! Read more

All the Reviews & Articles

Tom's Hardware UK and Ireland Forums » General Networking » Firewall » Referers

Referers

Advanced Search

There are 366 identified and unidentified users. To see the list of identified users, Click here

Word : Username : Filter :
Bottom
Author	Thread : Referers

Name

Profile: stranger

More Information

09-20-2005 at 05:38:06 AM

Archived from groups: comp.security.firewalls (More info?)

Are referers a "security concern"?

Related Product

Anonymous

More Information

09-20-2005 at 12:22:28 PM

Hide

Archived from groups: comp.security.firewalls (More info?)

In <wuLXe.9346$gE7.9332@fe08.lga> "Name" <name@nospam.com> writes:

>Are referers a "security concern"?

Sort of. If you have a "secret" page, i.e. one to which no external
links exists and you have a link on that page to someone with a
visible refererlog, your "secret" page might be picked up by a
google-bot via the refererlog, thus making the contents of the
"secret" page part of google's database where it can linger on
for some time beyond your control. "Security concern?" You decide.

A twist on this involves permissions changing on the "secret"
page, thus making it visible to the world (of course an error, but
without the refererlog no harm would have been done).

Kind regards
--- Birger Nielsen (bnielsen@daimi.au.dk)

Anonymous

More Information

09-20-2005 at 07:05:29 AM

Hide

Archived from groups: comp.security.firewalls (More info?)

Name wrote:

> Are referers a "security concern"?

You mean HTTP_REFERER? Yes. You can possibly click on a link from within a
password-protected area. Sometimes the password as well as user name along
with other stuff are being (erroneously) sent to the authentication system
via a GET request and therefore they become a part of the URL. So, if you
logged in and clicked on a link, your user ID and password (as well of
plenty other juicy info) will be visible in the logs of the server you've
just visited.
Web statistics software is most prone to this kind of problem but you may
come across this in link exchanges, directories and such. Anything that is
designed to work with links.

Good luck!

DA

##-----------------------------------------------##
Delivered via http://www.secure-gear.com
The Internet Knowledge Base for the security industry
no-spam access to your favorite newsgroup -
comp.security.firewalls - 18675 messages and counting!
##-----------------------------------------------##

Tom's Hardware UK and Ireland Forums » General Networking » Firewall » Referers

Go to:

Page generated in 0.830 seconds

Google ads