Web Penetration Testing with Tamper Data (Firefox Add-on) allows to modifying the request parameters before request submission. How to prevent this type of hijacking? Can anyone suggest me the security measures to be taken to avoid this..?
Asked
Active
Viewed 366 times
0
-
In short: Nothing, including SSL, protects you against a user tampering with the data as long as the user has control over his system. If you just need to protect parameters set by the server against tampering by the user use HMAC or similar mechanisms to detect such tampering. – Steffen Ullrich Jan 15 '18 at 07:49
1 Answers
1
SSL is used because:
The primary reason why SSL is used is to keep sensitive information sent across the Internet encrypted so that only the intended recipient can understand it. This is important because the information you send on the Internet is passed from computer to computer to get to the destination serve
In addition to encryption, a proper SSL certificate also provides authentication. This means you can be sure that you are sending information to the right server and not to an imposter trying to steal your information.
Please see below blogs for more details on SSL
Abhi
- 104
- 5