Defending against the BREACH attack using Netscaler Application Firewall
http://blogs.citrix.com/2013/09/05/defending-against-the-breach-attack-using-netscaler-application-firewall/
At the recent Black Hat 2013 conference, several researchers described an attack against HTTPS in which an attacker can discover data sent by a Web server even though it is encrypted. All the attacker needs is a way to send requests via the victim's browser and measure the size of the resulting response. A website is potentially vulnerable if it does all of the following:…
No comments:
Post a Comment