[WEB SECURITY] Normalization of page response times to prevent timing attacks in a production environment?

bugtraq at cgisecurity.net bugtraq at cgisecurity.net
Mon May 5 14:17:45 EDT 2008


Hello List,

Has anyone had any experience with normalizing page response times on timing attack vulnerable pages in a production environment? 
If so would you care to share your experiences with the list? 

Background:
http://www.sensepost.com/blog/1303.html

Regards,
- Robert
http://www.webappsec.org/
http://www.cgisecurity.com/
http://www.qasec.com/
 

----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/

Subscribe via RSS: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]



More information about the websecurity mailing list