| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20030613134749.I5266-100000@vapid.ath.cx> From: lwc at vapid.ath.cx (Larry W. Cashdollar) Subject: Zone Alarm On Fri, 13 Jun 2003, Stephane Nasdrovisky wrote: > > Squid (and probably others) can filter accesses based on the user agent. > Some network firewall (as opposed to personal ones) can be configured to filter accesses based on the user agent header. > > As you know, every peace of software trying to access internet through a >proxy advertise its flavour using the user agent header, and the user >agent header is very hard to spoof :-) I am guessing what you mean by software is web browser? I can recompile mozilla/konqueror/lynx to say whatever I want as a user-agent. I think opera lets you masquerade as which ever browser you want IE/netscape etc... You can connect to an http server will telnet and do a: GET / HTTP/1.0 User-Agent: Bubba-joe-Browser1.1a see RFC 1945/2068 on the http protocol. Why even bother putting in a User-Agent? You dont have to. If the server is trusting the client for information, well you make the client give whatever information you want if you have sufficent access to it. -- La
Powered by blists - more mailing lists