Re: [Full-Disclosure] !! Internet Explorer !!

From: Koen (koen4security_at_hotmail.com)
Date: 06/11/04

  • Next message: Jelmer: "[Full-Disclosure] RE: COELACANTH: Phreak Phishing Expedition]"
    To: Matthew Jonkman <matt@infotex.com>
    Date: Fri, 11 Jun 2004 21:58:37 +0200
    
    

    Matthew Jonkman wrote:

    > Here's your best bet for protecting yourself from IE vulnerabilities,
    > trojans, spyware, etc:
    >
    > http://www.mozilla.org.
    >
    > Better, safer, faster.

    And how exactly does this help in a corporate environment where you are
    obliged to use Internet Explorer because they are running some kind of
    bloated service/application that only runs in IE?

    I stick to Firebird ...uhmm..Firefox but whenever I need to get my hands
    on some piece of 'corporate' document that's in our document information
    system it's good old and ugly IE that does the trick. I'm not stating
    that this is a good thing, but it's damned reality in +50% of corporate
    environments. Choice is good, even when this involves Microsoft.

    You're far better of educating your users how to deal with 'suspicious'
    content, making sure that everything is back-uped (and tested!),
    providing alternatives for 'regular' browsing (like Mozilla for external
    traffic, Internet Explorer for internal webservers), filtering 'some'
    content, monitoring your traffic as close as you can get, making sure
    that 'unsafe' (and safe) applications are locked down and watching
    security lists like this one so that you can inform your 'users' (and
    not the other way around).

    Koen

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html


  • Next message: Jelmer: "[Full-Disclosure] RE: COELACANTH: Phreak Phishing Expedition]"