TapcisForum  

Go Back   Tapcis Web Forums > Open Forums > Non-Tap Technical
Reload this Page Online Banking & CSRF (Cross Site Request Forgery)
Register FAQ Members List Calendar Mark Forums Read

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1  
Old January 3rd, 2007, 12:08 AM
davidh davidh is offline
Member
  
Join Date: May 2005
Posts: 1,935
Default Online Banking & CSRF (Cross Site Request Forgery)
"It is rather hard to avoid these bugs and expect more of them to be found. It is best practice to log out of sites (in particular banking sites) once you no longer need the content. This will limit the attack window for the most dangerous CSRF attacks. Limited use of javascript (should I mention the NoScript extension to Firefox again?) will help as well. But ultimately, this is an issue that has to be fixed by the website."

http://isc.sans.org/diary.php?storyid=1995&rss

DH
Reply With Quote
 

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Threaded Mode Threaded Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -5. The time now is 08:28 AM.

Contact Us - TapcisForum - Archive - Top

Powered by vBulletin® Version 3.7.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.