Hi Pawan, this might be helpful: http://www.gnucitizen.org/blog/csrf-demystified
Regards, Jan Pawan schrieb: > Hi List, > any one on the list aware of any IDS/IPS capable of blocking CSRF > attacks? > If not, what will be the best policy to block CSRF. > > Thanks in advance. > > > ------------------------------------------------------------------------- > Sponsored by: Watchfire > Methodologies & Tools for Web Application Security Assessment > With the rapid rise in the number and types of security threats, web > application security assessments should be considered a crucial phase in the > development of any web application. What methodology should be followed? What > tools can accelerate the assessment process? Download this Whitepaper today! > > https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F > ------------------------------------------------------------------------- > > > -- Grupo Ampersand S.A. IT-Security Consultants & Auditors Apdo. 924 Escazu 1250 Costa Rica C.A. Phone: (506)588-0432 ceo_at_ampersanded.com [corp.] janheisterkamp_at_web.de [priv.] ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
