> > Sneaky people could even use this to fool your server to cache and
> > serve arbitrarily content, including illegal music copies and other
> > hot stuff. Do not go there!
>
> It is not hard to come up with heuristics to defeat this kind
> of attack.
And equally not hard for the attackers to work their way around the
heuristics.
There is also the danger of spoofing websites. I could put a stylesheet
which generated a form which looked like the one at
http://classweb.loc.gov/min/minaret?app=Class&mod=Browser&menu=/Menu/
but ran a CGI script on my server when you hit logon which did a
redirect to the real site and recorded the username and password.
Next e-mail out a URL such as
http://z3950.loc.gov:7090/voyager?operation=explina&version=1.1&styleshe
et=http://myserver/mysetylsheet
To various librarians (if I send as html mail, I can even hide some of
that nasty query string which might make some suspicious).
Hey presto, I have a spoofed logon page, which even looks as though it
is being server from a legitimate loc.gov web site (this is the main
reason that the browsers don't support this by default)
Matthew
|