security.web-applications (thread)

RE: The biggest thing affecting software security? People, apparently., PPowenski
- Re: The biggest thing affecting software security? People, apparently., Robert Hajime Lanning
The biggest thing affecting software security? People, apparently., Nick Murison
- Re: The biggest thing affecting software security? People, apparently., Steve Milner
- RE: The biggest thing affecting software security? People, apparently., Lyal Collins
- Re: The biggest thing affecting software security? People, apparently., Clinton E. Troutman
  - Re: The biggest thing affecting software security? People, apparently., Amit
- Re: The biggest thing affecting software security? People, apparently., Irene Abezgauz
- Re: The biggest thing affecting software security? People, apparently., . .
  - Re: The biggest thing affecting software security? People, apparently., John Manko
Call for Paritipation: C.I.P.H.E.R Contest, Maximillian Dornseif
OT: Review of CISSP Training Material, Saqib Ali
- RE: Review of CISSP Training Material, Clement Dupuis
Languages/platforms used for Web apps. Any stats?, Benjamin Livshits
- Re: Languages/platforms used for Web apps. Any stats?, Andrew van der Stock
- RE: Languages/platforms used for Web apps. Any stats?, Matt Szubrycht
  - Re: Languages/platforms used for Web apps. Any stats?, Mark Susol Ultimate Creative Media
    - Re: Languages/platforms used for Web apps. Any stats?, Steve McCullough
    - Re: Languages/platforms used for Web apps. Any stats?, Jesse G. Lands
    - Re: Languages/platforms used for Web apps. Any stats?, Mamading Ceesay
- Re: Languages/platforms used for Web apps. Any stats?, focus
  - Re: Languages/platforms used for Web apps. Any stats?, Steve McCullough
- Re: Languages/platforms used for Web apps. Any stats?, Rob Lanphier
  - Re: Languages/platforms used for Web apps. Any stats?, Gary Warner
- Re: Languages/platforms used for Web apps. Any stats?, prep
  - RE: Languages/platforms used for Web apps. Any stats?, Mark Curphey
    - RE: Languages/platforms used for Web apps. Any stats?, Steve Slater
    - Re: Languages/platforms used for Web apps. Any stats?, Adam Shostack
    - Re: Languages/platforms used for Web apps. Any stats?, Ben Sytko
    - RE: Languages/platforms used for Web apps. Any stats?, Mark Curphey
Administrivia: Follow up to survey responses, Andrew van der Stock
RE: Java keystore password storage, Scott, Richard
Top Ten Principles for Building Secure Software, Mark Curphey
- Top Ten Information Security Considerations for Use Case Modeling, Gunnar Peterson
TFTP and XP_CMDSHELL - Weird, Andres Molinetti
C / C++ Standards Online in T&C Wiki, Mark Curphey
Attack Patterns and Security Patterns, Mark Curphey
Tomcat Cross Site Scripting lock down, ddodge
OWASP Ireland Meeting, Eoin Keary
[WEB SECURITY] Can HTTP Request Smuggling be blocked by Web Application Firewalls?, Amit Klein (AKsecurity)
- Re: [WEB SECURITY] Can HTTP Request Smuggling be blocked by Web Application Firewalls?, Daniel
  - Re: [WEB SECURITY] Can HTTP Request Smuggling be blocked by Web Application Firewalls?, Amit Klein (AKsecurity)
- Re: Can HTTP Request Smuggling be blocked by Web Application Firewalls?, Andrew van der Stock
- [WEB SECURITY] Re: Can HTTP Request Smuggling be blocked by Web Application Firewalls?, Andrew van der Stock
  - Re: Can HTTP Request Smuggling be blocked by Web Application Firewalls?, Amit Klein (AKsecurity)
WASC-Articles: 'Common Security Problems in the Code of Dynamic Web Applications' By Sverre H. Huseby, contact
Administrivia: SSL discussion, Andrew van der Stock
Fwd: [OWASP-Australia] UPDATED - Meeting Announcement - 21 June 05, Andrew van der Stock
New release of WebScarab, Rogan Dawes
Should login pages be protected by SSL?, Amir Herzberg
- Re: Should login pages be protected by SSL?, Andrew van der Stock
  - Re: Should login pages be protected by SSL?, Amir Herzberg
    - Re: Should login pages be protected by SSL?, Andrew van der Stock
    - Re: Should login pages be protected by SSL? (and comment to moderator), Amir Herzberg
    - Re: Should login pages be protected by SSL? (and comment to moderator), Andrew van der Stock
    - Re: PCI standards & Should login pages be protected by SSL?, Peter Watkins
    - RE: PCI standards & Should login pages be protected by SSL?, Lyal Collins
    - Re: Should login pages be protected by SSL? (and comment to moderator), Amir Herzberg
    - Re: Should login pages be protected by SSL?, Steve Shah
    - Re: Should login pages be protected by SSL?, Amir Herzberg
    - [summary] Re: Should login pages be protected by SSL?, Steve Shah
    - Re: [summary] Re: Should login pages be protected by SSL?, Ole Kasper Olsen
    - Rephrased: Should login pages be protected by SSL - although it won'thelp most users?, Amir Herzberg
    - Re: [summary] Re: Should login pages be protected by SSL?, Devdas Bhagat
    - Re: [summary] Re: Should login pages be protected by SSL?, Michael Silk
    - Re: [summary] Re: Should login pages be protected by SSL?, Wolfgang Reder
    - Re: [summary] Re: Should login pages be protected by SSL?, Michael Silk
    - Re: Should login pages be protected by SSL?, Dave Ockwell-Jenner
    - Re: Should login pages be protected by SSL?, Achim Hoffmann
- Re: Should login pages be protected by SSL?, Michael Silk
- Re: Should login pages be protected by SSL?, Andy bentley
  - RE: Should login pages be protected by SSL?, Glenn Euloth
- Re: Should login pages be protected by SSL?, bluewizard83-de4gahsh
  - Re: Should login pages be protected by SSL?, Peter Watkins
- Re: Should login pages be protected by SSL?, Kalyan Varma
- Re: Should login pages be protected by SSL?, Stefano Di Paola
- Re: Should login pages be protected by SSL?, Saqib Ali
- Re: Should login pages be protected by SSL?, Amir Herzberg
  - Re: Should login pages be protected by SSL?, Saqib Ali
    - Re: Should login pages be protected by SSL?, Ian Rogers
    - Re: Should login pages be protected by SSL?, Amir Herzberg
  - Re: Should login pages be protected by SSL?, Achim Hoffmann
- RE: Should login pages be protected by SSL?, maburns
  - Re: Should login pages be protected by SSL?, Amir Herzberg
    - Re: Should login pages be protected by SSL?, Torsten Mueller
    - RE: Should login pages be protected by SSL?, Almerindo Graziano
    - Webapp-level protection/detection of Pharming attacks, WebAppSecurity [Technicalinfo.net]
- RE: Should login pages be protected by SSL?, maburns
  - Re: Should login pages be protected by SSL?, Steve Shah
  - Re: Should login pages be protected by SSL?, Amir Herzberg
- Re: Should login pages be protected by SSL?, Amir Herzberg
- RE: Should login pages be protected by SSL?, Cowles, Robert D.
  - Re: Should login pages be protected by SSL?, Steve Shah
- RE: Should login pages be protected by SSL?, Derick Anderson
- RE: Should login pages be protected by SSL?, Cowles, Robert D.
  - RE: Should login pages be protected by SSL?, Glenn Euloth
- Re: Should login pages be protected by SSL?, Bob Radvanovsky
  - Re: Should login pages be protected by SSL?, James Barkley
  - Re: Should login pages be protected by SSL?, Saqib Ali
    - Re: Should login pages be protected by SSL?, Eoin Keary
- RE: Should login pages be protected by SSL?, Levenglick, Jeff
- RE: Should login pages be protected by SSL?, Flanagan, Kevin
- RE: Should login pages be protected by SSL?, Hellman, Matthew
- RE: Should login pages be protected by SSL?, Hellman, Matthew
- RE: Should login pages be protected by SSL?, Simon Zuckerbraun
  - RE: Should login pages be protected by SSL?, bluewizard83-de4gahsh
- RE: Should login pages be protected by SSL?, Michael Tsentsarevsky
  - Re: Should login pages be protected by SSL?, Yanglei
    - Re: Should login pages be protected by SSL?, Michael Silk
  - RE: Should login pages be protected by SSL?, dave kleiman
    - RE: Should login pages be protected by SSL?, Lyal Collins
    - RE: Should login pages be protected by SSL?, dave kleiman
    - Re: Should login pages be protected by SSL?, warnings
  - Re: Should login pages be protected by SSL?, Saqib Ali
    - RE: Should login pages be protected by SSL?, Ernest Nelson
- RE: Should login pages be protected by SSL?, Lyal Collins
- RE: Should login pages be protected by SSL?, Michael Tsentsarevsky
- RE: Should login pages be protected by SSL?, Michael Gargiullo
- RE: Should login pages be protected by SSL?, Simon Zuckerbraun
one-time password (OTP) authentication, james
- RE: one-time password (OTP) authentication, Lyal Collins
  - Re: one-time password (OTP) authentication, Andrew van der Stock
- Re: one-time password (OTP) authentication, Joseph Miller
- RE: one-time password (OTP) authentication, Cyrill Osterwalder
- RE: one-time password (OTP) authentication, maburns
  - Re: one-time password (OTP) authentication, Devdas Bhagat
    - RE: one-time password (OTP) authentication, Lyal Collins
    - Re: one-time password (OTP) authentication, Achim Hoffmann
- RE: one-time password (OTP) authentication, maburns
List administrivia - untrimmed replies, Andrew van der Stock
Black Hat Briefings Announcements, Jeff Moss
ANNOUNCING: 2nd US OWASP AppSec Conference - Oct 11-12 - Near DC, Dave Wichers
SOAP Debugger - a simple, generic SOAP client, Chuck
- Re: SOAP Debugger - a simple, generic SOAP client, Zhiguly Hotel
- Re: SOAP Debugger - a simple, generic SOAP client, Sverre H. Huseby
- Re: SOAP Debugger - a simple, generic SOAP client, asmolen
- RE: SOAP Debugger - a simple, generic SOAP client, Smith, Carl
- RE: SOAP Debugger - a simple, generic SOAP client, Bob Auger
- RE: SOAP Debugger - a simple, generic SOAP client, Ory Segal
  - Re: SOAP Debugger - a simple, generic SOAP client, Chuck
    - Fwd: SOAP Debugger - a simple, generic SOAP client, Rush Molekilla
Designing a Code Signining System, Saqib Ali
- Re: Designing a Code Signining System, mike
  - Re: Designing a Code Signining System, Saqib Ali
Cookie stealing and replay in a corporate single sign on environment, Willard Fernortner
- Re: Cookie stealing and replay in a corporate single sign on environment, Irene Abezgauz
  - Re: Cookie stealing and replay in a corporate single sign on environment, Willard Fernortner
    - Re: Cookie stealing and replay in a corporate single sign on environment, Irene Abezgauz
- Re: Cookie stealing and replay in a corporate single sign on environment, Willie Northway
  - Re: Cookie stealing and replay in a corporate single sign on environment, Saqib Ali
- RE: Cookie stealing and replay in a corporate single sign on environment, Cyrill Osterwalder
  - Re: Cookie stealing and replay in a corporate single sign on environment, Ivan Ristic
- RE: Cookie stealing and replay in a corporate single sign on environment, Cyrill Osterwalder
Welcome from your new moderator :), Andrew van der Stock
OWASP 2.0 beta 1 available for public comment, Andrew van der Stock
Book Review: "Apache Security" By O'Reilly, zeno
New Moderator, Alfred Huger
- RE: New Moderator, Thomas Brennan
Care to become a moderator?, Alfred Huger
[WEB SECURITY] RE: [WEB security audit - how to avoid legal prosecution, Don_Tuer
[WEB SECURITY] security audit - how to avoid legal prosecution, Maxim Kostioukov
- Re: [WEB SECURITY] security audit - how to avoid legal prosecution, Randal L. Schwartz
- RE: [WEB SECURITY] security audit - how to avoid legal prosecution, Nathan Tobik
- RE: [WEB SECURITY] security audit - how to avoid legal prosecution, Martin O'Neal
- RE: [WEB SECURITY] security audit - how to avoid legal prosecution, Aiken, Dan
- Re: RE: [WEB SECURITY] security audit - how to avoid legal prosecution, Bob Radvanovsky
- RE: [WEB SECURITY] security audit - how to avoid legal prosecution, Maxim Kostioukov
- RE: [WEB SECURITY] security audit - how to avoid legal prosecution, Maxim Kostioukov
  - Re: [WEB SECURITY] security audit - how to avoid legal prosecution, Randal L. Schwartz
[WEB SECURITY] A new whitepaper by Watchfire - HTTP Request Smuggling, Ory Segal