Parameters passed in by the user need to be validated on the server. For example, if one of the parameter is a product ID, then the server needs to check the current user is allowed to access that product. Everything sent by the browser is potentially suspect.
SSL does nothing to prevent these classes of attacks.
Ping & DNS - updated with new look and Ping home screen widget