Re: Security tool for monitoring HTTP headers?

...and on Tue, Feb 24, 2004 at 12:06:27AM -0800, patrick@xxxxxxxxxxxxxxxxxxxxx 
used the keyboard:
> Does anyone know of a security tool for modifying HTTP headers directly?
> For example if I wanted to verify that there was proper input validation
> against some of the data in a POST request, does a tool besides Telnet
> exist?  I was considering creating one but I don't want to duplicate someone
> else's work.
> 
> Thanks,

Along the lines of simple socket-to-socket communication, netcat,
http://www.atstake.com/research/tools/network_utilities/ and netcat6,
http://www.deepspace6.net/projects/netcat6.html, its ipv6-extended
clone, might do the trick.

To my knowledge, both can read from stdin, so you can easily pipe
stuff to them, and they don't suffer from that same problem that
telnet does - disconnection upon encountering an EOF on standard
input.

Both also speak UDP and the old netcat can work as a server too,
which makes it quite useful as a monitoring proxy, so they both
qualify as must-have tools in any kind of ip-networked environment.

The equivalent of netcat/netcat6 that can be useful for multicast
testing is emcast, http://www.junglemonkey.net/emcast/, which is
actually a suite consisting of both a library and a trivial client,
that attempts to near what netcat should be if it spoke multicast.

Hope this helped,
-- 
    Grega Bremec
    Senior Administrator
    Noviforum Ltd., Software & Media
    http://www.noviforum.si/

pgpuUckikufVN.pgp
Description: PGP signature