Internet Web Server/Client Guru needed!! - Apache

This is a discussion on Internet Web Server/Client Guru needed!! - Apache ; Hi... I'm working on a project, and need to know if there's anyone who's a guru with Web Server/Client interactions. Basically, I'm trying to get a much better/deeper understanding of the HTTP protocols defining the information that is sent/transfered between ...

+ Reply to Thread
Results 1 to 2 of 2

Internet Web Server/Client Guru needed!!

  1. Default Internet Web Server/Client Guru needed!!

    Hi...

    I'm working on a project, and need to know if there's anyone who's a guru
    with Web Server/Client interactions. Basically, I'm trying to get a much
    better/deeper understanding of the HTTP protocols defining the information
    that is sent/transfered between the web server/client browser apps.

    I'm also interested in understanding what the various information is that
    gets transfered between the apps, as well as understanding what information
    can be spoofed/altered on the client side, as it goes back to the server.

    I know about the querystring information (post/get/request/etc...). I'm more
    interested in the information that can be sent/viewed behind the scenes like
    header, ip addresses, mac addresses, machine IDs, etc... I'm also trying to
    understand just how much information can be seen by the web srever, from the
    browser/client app. At the same time, I'm curious as to just what the web
    server can get from the client app. All of this applies to me trying to get
    a better understanding of 'man in the middle attacks' as they apply to
    server/browser communications.

    Searching google isn't getting me what i really want!!

    So, if you have the skills/expertise in this area, and you're willing to
    talk to me for a few minutes, I'd appreciate it. As stated, the underlying
    reason for the questions is to get a better understanding of 'man in the
    middle attacks' as this applies to web server apps.

    Thanks

    bruce
    bedouglas@earthlink.net



    ---------------------------------------------------------------------
    The official User-To-User support forum of the Apache HTTP Server Project.
    See <URL:http://httpd.apache.org/userslist.html> for more info.
    To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
    " from the digest: users-digest-unsubscribe@httpd.apache.org
    For additional commands, e-mail: users-help@httpd.apache.org


  2. Default Re: Internet Web Server/Client Guru needed!!

    bruce wrote:
    > Hi...

    Try Ivan Ristic's Apache Security published by O'Reilly. Ivan says on
    page 82 that SSL with both server and client authentication is the only
    solution to MITM attacks.

    I would start with his book then seek out a guru. I'd know much better
    what to ask. I think Apache Security is brilliant.

    Good luck

    Mike

    >
    > I'm working on a project, and need to know if there's anyone who's a guru
    > with Web Server/Client interactions. Basically, I'm trying to get a much
    > better/deeper understanding of the HTTP protocols defining the information
    > that is sent/transfered between the web server/client browser apps.
    >
    > I'm also interested in understanding what the various information is that
    > gets transfered between the apps, as well as understanding what information
    > can be spoofed/altered on the client side, as it goes back to the server.
    >
    > I know about the querystring information (post/get/request/etc...). I'm more
    > interested in the information that can be sent/viewed behind the scenes like
    > header, ip addresses, mac addresses, machine IDs, etc... I'm also trying to
    > understand just how much information can be seen by the web srever, from the
    > browser/client app. At the same time, I'm curious as to just what the web
    > server can get from the client app. All of this applies to me trying to get
    > a better understanding of 'man in the middle attacks' as they apply to
    > server/browser communications.
    >
    > Searching google isn't getting me what i really want!!
    >
    > So, if you have the skills/expertise in this area, and you're willing to
    > talk to me for a few minutes, I'd appreciate it. As stated, the underlying
    > reason for the questions is to get a better understanding of 'man in the
    > middle attacks' as this applies to web server apps.
    >
    > Thanks
    >
    > bruce
    > bedouglas@earthlink.net
    >
    >
    >
    > ---------------------------------------------------------------------
    > The official User-To-User support forum of the Apache HTTP Server Project.
    > See <URL:http://httpd.apache.org/userslist.html> for more info.
    > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
    > " from the digest: users-digest-unsubscribe@httpd.apache.org
    > For additional commands, e-mail: users-help@httpd.apache.org
    >
    >
    >


    ---------------------------------------------------------------------
    The official User-To-User support forum of the Apache HTTP Server Project.
    See <URL:http://httpd.apache.org/userslist.html> for more info.
    To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
    " from the digest: users-digest-unsubscribe@httpd.apache.org
    For additional commands, e-mail: users-help@httpd.apache.org


+ Reply to Thread
« Function sequence error | Debugging code which deploys DBI: no logfile, no trace. What's a cause? »