[4007] in WWW Security List Archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Web Site Hacking

daemon@ATHENA.MIT.EDU (Eric K. Dickinson)
Fri Jan 17 11:06:06 1997

From: "Eric K. Dickinson" <eric@nova.dcrt.nih.gov>
To: www-security@ns2.rutgers.edu
Date: Fri, 17 Jan 1997 09:18:15 -0500 (EST)
Cc: braganza@helix.nih.gov
Errors-To: owner-www-security@ns2.rutgers.edu

I am wondering if this is a suitable solution.  Could one not set up a passive
defence by over writing the presented home-pages at a predeterminded time and
at some other trigger such as a write or copy.  Any unauthorized action could
also be used as a trigger to just "over write".  The real home-page coud be
anywhere accessable only by the OS itself or another hardened location not
presented to the world.  I am used to the Unix world and have more experience
there than NT.

Any Ideas?  Thoughts?  Or is this out in left field?

eric@nova.dcrt.nih.gov


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[4007] in WWW Security List Archive

Web Site Hacking

daemon@ATHENA.MIT.EDU (Eric K. Dickinson)Fri Jan 17 11:06:06 1997

daemon@ATHENA.MIT.EDU (Eric K. Dickinson)
Fri Jan 17 11:06:06 1997