Hi, First of all, thank you for your quick answer.
I am not familiar with programming espacially window programming. How to know the access is authorized or unauthorized? When a user access A web page and A web page include XSS that read the cookie for A web site and send B web site the cookie. I guess , read event to cookie by unauthorized access cannot be distinguish from authorized access. I mean read event itself is neutral, I think. If we can distinguish between authorized access and unauthorized access, it is wonderful. Best Regards Christina wrote: >Hi there, you could certainly configure capture to check for unauthorized >access to confidential data. You could setup the exclusion list to trigger >on read events to confidential files. >Has anybody on the list gone down this route and want to share their >experience?
_______________________________________________ Capture-HPC mailing list Capture-HPC@public.honeynet.org https://public.honeynet.org/mailman/listinfo/capture-hpc
