[Owasp-leaders] CSRF

Giorgio Fedon giorgio.fedon at owasp.org
Wed May 29 13:46:45 UTC 2013


Another scenario is when you need to poison DNS cache. In that case you
may need many resolution request from a lot of different ips. And maybe
the function that force the dns resolution is in the authenticated area


On 05/29/2013 03:19 PM, gaz Heyes wrote:
> On 29 May 2013 14:14, Giorgio Fedon <giorgio.fedon at owasp.org
> <mailto:giorgio.fedon at owasp.org>> wrote:
>
>     Incrimination is something that may happen by forcing a user doing
>     something illegal.
>
>
> That isn't what I meant. You can assign the IP address of the user to
> a specific account that has already performed or about to perform
> illegal activity.


-- 
| Giorgio Fedon, Owasp Italy
|
| In Input Validation 
|            and Output Sanitization, 
|                                   We Trust
--
| Web: https://www.owasp.org/index.php/Italy
|_____________________________________________.



More information about the OWASP-Leaders mailing list