[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[WEB SECURITY] Normalization of page response times to prevent timing attacks in a production environment?

From: bugtraq@xxxxxxxxxxxxxxx
Subject: [WEB SECURITY] Normalization of page response times to prevent timing attacks in a production environment?
Date: Mon, 5 May 2008 14:17:45 -0400 (EDT)

Hello List,

Has anyone had any experience with normalizing page response times on timing attack vulnerable pages in a production environment? 
If so would you care to share your experiences with the list? 

Background:
http://www.sensepost.com/blog/1303.html

Regards,
- Robert
http://www.webappsec.org/
http://www.cgisecurity.com/
http://www.qasec.com/
 

----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/

Subscribe via RSS: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Follow-Ups:
- Re: [WEB SECURITY] Normalization of page response times to prevent timing attacks in a production environment?
  - From: Ryan Barnett

Prev by Date: [WEB SECURITY] Cocktail party at OWASP AppSec EU in Ghent, May 20th
Next by Date: Re: [WEB SECURITY] Normalization of page response times to prevent timing attacks in a production environment?
Previous by thread: [WEB SECURITY] Cocktail party at OWASP AppSec EU in Ghent, May 20th
Next by thread: Re: [WEB SECURITY] Normalization of page response times to prevent timing attacks in a production environment?
Index(es):
- Date
- Thread

Brought to you by http://www.webappsec.org
Search this site