[Owasp-appsensor-project] Additional Detection Points - Detect Client Information

Colin Watson colin.watson at owasp.org
Wed Jun 9 10:34:13 EDT 2010


Suggestion to add a new detection point.  Has this already been ruled
out?  Should it be added?  Is the description/categorization suitable?

Source
-----------------------------------
Just another idea - this one could be the most controversial since it
might be seen as an active attack on the user.  The idea is
information gathering rather than electronic counter measures.  After
all, logging a user out also affects them.

Description
-----------------------------------
At a certain threshold, deploy additional sensor(s) onto the client,
such as a Java applet to return the client's IP address, JavaScript
to collect additional data about the user's environment (e.g.
Panopticlick http://panopticlick.eff.org/), or JavaScript to detect
local network information.  These actions must be consistent with the
application's terms of use, privacy notice and organizational
mandates.

Suggested categorization
-----------------------------------
In the suggested new category "Reputation" (see RP1 Suspicious User IP Address)
RP6 Detect Client Information

*** This may instead be an AppSensor response action, even though it
is deploying a new sensor? ***

