Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Dropping connection instead of returning 400

from [christopher] Network Security [Permanent Link]
Subject: RE: Dropping connection instead of returning 400
Date: Wed, 20 Apr 2005 11:59:33 -0700 (PDT) 


Sounds like a good idea to me, but of course what are the dependencies
on returning a proper 400 ?  Could break things down the road.

Instead of sending a RST, may want to consider just dropping the
connection altogether as well.  I'm a big fan of just hanging the
connect, instead of resetting . Just adds another layer of pain
(althought admittedly slight)  to whomever's perputrating the fraud.


I spent the better part of the weekend implementing 400s.  I don't like
that it adds so much complexity to the implementation, but I've realized
that has to be at least optional.  The proxy is setup to reject perfectly
valid requests that don't meet certain criteria.  I could understand why
admins would want to send an error in this situations.

The other thing I want to point out is that google doesn't bother sending
400s when the start line is hosed.  I tend to agree with google.  If the
client can't send a decent start line, is it worth responding to?
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: suggesting passwds to users, Westman, Brad
Next by Date:  Re: GMail blocking "executable" attachments, James Riden
Previous by Thread:  RE: Dropping connection instead of returning 400, Matt Fisher
Next by Thread:  modulo question, martin
Indexes:  [Date] [Thread] [Top] [All Lists]