A new web scanner by www.cirt.net has been released to check for vulnerable cgi programs and common webserver holes. This scanner does 4005 checks and is a good tool for testing your IDS software. (NOTE: Amount of checks vary from system to system) http://www.cirt.net/code/nikto.shtml Download From Cirt.net

This paper helps describe an attack method often overlooked by programmers. It explains how modification of HTTP headers can cause possible system access, cookie theft/poisoning, tricked advertising, database injection, and other bad things in web statistical software Header Manipulation/Web Stats Software (TXT)(English) (Hungarian)