[Dshield] Cookies from homeland security???

warpmedia warpmedia at comcast.net
Mon Oct 18 14:36:43 GMT 2004


I am not up on the state of exploits & cookies (Mozilla is less likely to 
be so than IE AFAIK), but it is supposed to be that only the source domain can set 
& read the cookies. Either way it's a legit site using ColdFusion & CFM 
files to serve up content and needs to set those 2 values to work.

Since you're not browsing there manually, I'd guess your start page or some 
other page you've been to is redirecting you to homelandsecurity.house.gov 
& then quite normally you are getting session cookies from them. I'd be 
more looking into why you're being redirected rather than pondering further 
these particular cookies or domain.

What exactly is the alert saying? I must have missed the description. Could 
be that they don't have a privacy policy defined & the browser is rightly 
warning you (but that's just an IE6 thing IIRC).

At 10:33 AM 10/17/2004, mike wrote:
>I wasn't visiting any site. I was just firing up Mozilla (I keep it memory 
>resident so it starts faster if that means anything in this context) and 
>the alert popped up.
>If I understand your answer, I know what cookies are and what they are 
>used for. I always delete all cookies and clear my cache after every 
>browser session anyways. What I was wondering was why 
>homelandsecurity.house.gov would try to set one. I never thought - I'm 
>half asleep right now and this is probably a real dumb question but can 
>you spoof a cookie's origin and if so why?

Joshua MacCraw
warpmedia at comcast.net
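
An added example, not part of the original message: a simplified sketch of the domain-matching rule browsers apply when storing and returning cookies (the rule later written down in RFC 6265), showing that a response from homelandsecurity.house.gov can only store a cookie for a domain that covers that host. The function names are illustrative, the other host names are constructed, and the public-suffix check, paths and expiry are left out.

```javascript
// Simplified cookie domain-matching (RFC 6265 sections 5.1.3 and 5.3).
// Assumption: no public-suffix list, so a bare TLD in Domain= is not rejected here.

function canonicalize(host) {
  return host.trim().toLowerCase().replace(/\.$/, "");
}

function isIpAddress(host) {
  return /^\d{1,3}(\.\d{1,3}){3}$/.test(host) || host.includes(":");
}

// True when `host` is `domain` itself or a subdomain of it (never for IP literals).
function domainMatches(host, domain) {
  host = canonicalize(host);
  domain = canonicalize(domain);
  if (host === domain) return true;
  return !isIpAddress(host) && host.endsWith("." + domain);
}

// May a response from `originHost` store a cookie carrying this Domain attribute?
function acceptSetCookie(originHost, domainAttr) {
  const origin = canonicalize(originHost);
  if (!domainAttr) {
    // No Domain attribute: host-only cookie, returned to the exact origin only.
    return { accepted: true, domain: origin, hostOnly: true };
  }
  const domain = canonicalize(domainAttr).replace(/^\./, "");
  if (!domainMatches(origin, domain)) {
    return { accepted: false, reason: "Domain attribute does not cover the origin host" };
  }
  return { accepted: true, domain, hostOnly: false };
}

// Is a stored cookie attached to a request for `requestHost`?
function sentTo(cookie, requestHost) {
  const host = canonicalize(requestHost);
  return cookie.hostOnly ? host === cookie.domain : domainMatches(host, cookie.domain);
}

// Constructed cases: the host from the thread plus made-up Domain attributes.
const origin = "homelandsecurity.house.gov";
for (const attr of [undefined, ".house.gov", "example.com"]) {
  console.log(attr, acceptSetCookie(origin, attr));
}
```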
