Importance of HTTP Headers when investigating malicious sites

If you’re part of your organization’s incident response team, you might sometimes find yourself needing to connect to a suspected malicious web site in order to conduct the investigation. The problem with this is that you have to take care not to expose your own machine to the threat. Here is a good little article that discusses the importance of setting the HTTP headers when you want to connect to a known/suspected malicious site. Specifically, it talks about the User-Agent and Referer fields of the HTTP header.

http://isc.sans.edu/diary.html?storyid=10279&rss

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top