James Ebright wrote:
Check the URI referrer and only allow the web form to be hit FROM the URLs that it should be linked to; otherwise simply return an error similar to unauthorized access attempt....
Not sufficient. These are being done using direct hits to port 80, not actual web browsers, so the attacking script can set whatever referrer it wants.
I already had referer checks on all the forms that I saw get hit by these probes.
--
Kelson Vibber
SpeedGate Communications <www.speed.net>
_______________________________________________
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
[email protected]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
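
An added example, not part of the original thread: it shows why the referer check discussed above accepts a request that never came from the form page, next to a server-signed, time-limited form token as one alternative check. The host, paths, secret, and function names are all hypothetical and constructed for the illustration.

```python
import hashlib
import hmac
from urllib.parse import parse_qs

# All names and values below are hypothetical, constructed for this example.
ALLOWED_REFERER = "http://www.example.com/contact.html"
SECRET = b"constructed-demo-key"   # would be a random server-side secret
MAX_AGE = 900                      # seconds a served form stays valid

def build_request(referer: str, token: str) -> str:
    """Constructed raw POST, as any client writing to port 80 could send it."""
    return ("POST /cgi-bin/contact HTTP/1.0\r\n"
            "Host: www.example.com\r\n"
            f"Referer: {referer}\r\n"
            "Content-Type: application/x-www-form-urlencoded\r\n"
            "\r\n"
            f"message=hello&token={token}")

def parse_request(raw: str):
    """Split a raw request into (lowercased header dict, form field dict)."""
    head, _, body = raw.partition("\r\n\r\n")
    headers = {}
    for line in head.split("\r\n")[1:]:          # skip the request line
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    fields = {k: v[0] for k, v in parse_qs(body).items()}
    return headers, fields

def referer_check(raw: str) -> bool:
    """The check from the thread: trusts a header the client fills in."""
    headers, _ = parse_request(raw)
    return headers.get("referer") == ALLOWED_REFERER

def issue_token(now: int) -> str:
    """Embedded in the form as a hidden field when the server renders it."""
    mac = hmac.new(SECRET, str(now).encode(), hashlib.sha256).hexdigest()
    return f"{now}.{mac}"

def token_check(raw: str, now: int) -> bool:
    """Accept only a token this server signed within the last MAX_AGE seconds."""
    _, fields = parse_request(raw)
    ts, _, mac = fields.get("token", "").partition(".")
    if not ts.isdecimal():
        return False
    expected = hmac.new(SECRET, ts.encode(), hashlib.sha256).hexdigest()
    fresh = 0 <= now - int(ts) <= MAX_AGE
    return fresh and hmac.compare_digest(mac.encode(), expected.encode())
```

A script can still fetch the form first to obtain a token, so this forces a recent fetch per submission rather than blocking automation outright.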

