
Price comparison for: fast servers for your business solution, fast notebooks for long flights, software for good results, TomTom navigation systems, PC hardware, Plasma and LCD TVs, Computer Hardware and Software, MP3 Player, highend Laptops and many more. Get reviews of your favourite digital camera or of new dvd-players.

linuxpromagazine.com » Issues » 2005 » 60 » STRANGE PHISHING

Stopping the cross-site authentication attack

STRANGE PHISHING

Author(s): JOACHIM BREITNER

A new form of phishing attack deposits an HTML tag on the vulnerable service to trap users into authenticating.

Phishing messages should be a familiar sight to most readers. They appear to come from your bank or eBay and ask you to enter your credentials on a spoofed login page. A phishing attack uses trickery to spy on user credentials. Another method, known as cross-site scripting (XSS, as CSS stands for Cascading Style Sheets), places active code on a vulnerable page. The unsuspecting user’s web browser runs the code and sends the user’s login data to the attacker.

Read full article as PDF »

Comments

Digg

Rikki's Open Source Exchange

Stop by Rikki's Open Source Exchange for dispatches from the world of women in open source.

Rikki Kite examines the experience of women across the spectrum of open source –
the people, projects, organizations, events, articles, issues, and news.

more...

In the US and Canada, Linux Magazine is known as Linux Pro Magazine.
Entire contents © 2008 [Linux New Media USA, LLC]
Linux New Media web sites:
North America: [Linux Pro Magazine]
UK/Worldwide: [Linux Magazine]
Germany: [Linux-Magazin] [LinuxUser] [EasyLinux] [Linux-Community] [Linux-Nachrichten] [Linux Events]
Eastern Europe: [Linux Magazine Poland] [Linux Community Poland] [Darmowe Programy Poland] [Open Source DVD Poland] [Linux Magazin Romania]
International: [Linux Magazine Brazil] [Linux Magazine Spanish]
Corporate: [Linux New Media AG]