You could be referring to an OWASP mail from the webappsec list. OWASP is Open Web Application Security Project and have among other attacks a description of a generic session hijacking. Visit owasp.org
---8<---------------------- Best regards Gøran F. Breivik [EMAIL PROTECTED] --------------------------- -----Original Message----- From: Patrick Fong [mailto:[EMAIL PROTECTED]] Sent: 17. november 2001 05:42 To: [EMAIL PROTECTED] Subject: Application Development Hi I am a Java programmer. I am interested in the security aspects of application development. Java being the Internet programming language involves understanding Internet security concepts. About a month ago, I got an email outlining alot of the Internet security concepts like Session Hijacking and many others that I can't remember from one of security focus' lists. I was wondering if someone can give me some links and books perhaps so that I can learn more about these concepts. I am aware of Sun's Java security web site. I want to know about others. I have heard of CISSP - however I do not have the amount of experience to sit for that exam. Is there anything else? Patrick
