Many IT administrators can probably discover this information themselves using their corporate proxy, but sometimes it's nice to be able to do this quickly and easily on their desktop. This tool sounds like it might just do the trick.
From the blog post:
[The] Paros proxy server with Firefox easily showed the web transactions when entering a simple URL (I won't disclose the URLs used in the demonstration, suffice to say that the sites were well-known). Using Paros, it is easy to see how much information is passed via cookies. Stopping cookies results in the same information being passed via URL (although this is more obvious since the data appears in some form in the address bar). In many cases the same data is passed to a number of websites regardless of whether the data is appropriate or useful to the receiving website.
For those of you interested, you can find more information on this tool at the Paros Proxy Server website. It's free of charge and written in Java. If you don't already use an enterprise web proxy for security, testing your site with Paros may jolt you into putting one in.
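The observation in the quoted post, that the same data reaches several sites whether it travels in a cookie or in the URL, can be checked against a proxy capture of your own browsing. The following is an added example, not part of the original post or of Paros; the hosts, parameter names and values are constructed, and the record format (a dict with `url` and `cookie` keys) is an assumption, not Paros's export format.

```python
from collections import defaultdict
from http.cookies import SimpleCookie
from urllib.parse import urlsplit, parse_qsl

# Constructed sample of requests as an intercepting proxy would log them
# (hosts, parameter names and values are invented for this example).
CAPTURED = [
    {"url": "http://shop.example/cart?item=42", "cookie": "uid=a1b2c3d4e5; lang=en"},
    {"url": "http://ads.example/pixel?ref=shop&visitor=a1b2c3d4e5", "cookie": ""},
    {"url": "http://stats.example/hit?page=cart", "cookie": "track=a1b2c3d4e5"},
    {"url": "http://cdn.example/site.css?v=3", "cookie": "lang=en"},
]

def extract_values(request):
    """Yield (channel, name, value) for each query parameter and cookie."""
    parts = urlsplit(request["url"])
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        yield "url", name, value
    jar = SimpleCookie()
    jar.load(request.get("cookie", ""))
    for name, morsel in jar.items():
        yield "cookie", name, morsel.value

def shared_values(requests, min_len=8):
    """Map each value sent to more than one host to where it was sent.

    min_len filters out short values (language codes, version numbers)
    that repeat across sites without identifying anyone.
    """
    seen = defaultdict(set)
    for request in requests:
        host = urlsplit(request["url"]).hostname
        for channel, name, value in extract_values(request):
            if len(value) >= min_len:
                seen[value].add((host, channel, name))
    return {value: sorted(where) for value, where in seen.items()
            if len({host for host, _, _ in where}) > 1}

if __name__ == "__main__":
    for value, where in shared_values(CAPTURED).items():
        print(value)
        for host, channel, name in where:
            print(f"  {host}: {channel} parameter {name!r}")
```

The same identifier shows up under three different names and in both channels, which is why blocking cookies alone does not stop it from being shared.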