Network Security: Detailed info on Re: Defending users of unprotected login pages with TrustBar 0.4.9.93

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Web-App-Sec

[Top] [All Lists]

Re: Defending users of unprotected login pages with TrustBar 0.4.9.93

from [mike03051] Network Security

[Permanent Link]

Subject:	Re: Defending users of unprotected login pages with TrustBar 0.4.9.93
Date:	19 Sep 2005 12:19:12 -0000


Amir,

I visted your web site. IMHO, This issue you bring up is worthy of debate 
within this forum. 

I could be mistaken but I think that many sites you list do really implement 
SSL (https) secure logon. For example, you list Smith Barney. One accesses 
their site using HTTP, but their form is implemented using HTTPS.

Now the way I understand this should work is that the form target is a POST to 
https://url.com. The browsers is then required to open an SSL connection to the 
server and send the form data through the encrypted channel.

Maybe you or someone on this forum can confirm or correct my understanding.

Mike Peters





I have not looked at all of your hall of shame sites listed there, but for many

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Defending users of unprotected login pages with TrustBar 0.4.9.93, Amir Herzberg Re: Defending users of unprotected login pages with TrustBar 0.4.9.93, mike03051 <= Re: Defending users of unprotected login pages with TrustBar 0.4.9.93, Nathan Jackson-Eeles Re: Defending users of unprotected login pages with TrustBar 0.4.9.93, J. Lambrecht Re: Re: Defending users of unprotected login pages with TrustBar 0.4.9.93, mike03051 Re: Re: Defending users of unprotected login pages with TrustBar 0.4.9.93, Peter Conrad Re: Re: Defending users of unprotected login pages with TrustBar 0.4.9.93, mike03051

Previous by Date:	Defending users of unprotected login pages with TrustBar 0.4.9.93, Amir Herzberg
Next by Date:	Re: Defending users of unprotected login pages with TrustBar 0.4.9.93, Nathan Jackson-Eeles
Previous by Thread:	Defending users of unprotected login pages with TrustBar 0.4.9.93, Amir Herzberg
Next by Thread:	Re: Defending users of unprotected login pages with TrustBar 0.4.9.93, Nathan Jackson-Eeles
Indexes:	[Date] [Thread] [Top] [All Lists]