Re: Chat with MS!

From: QS=E4rs=2C_Camillo=22?= (Camillo.Sars_at_F-SECURE.COM)
Date: 06/13/03

  • Next message: Michael Mayo: "Re: New and unique IIS log entries."
    Date:         Fri, 13 Jun 2003 09:09:00 +0300
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    > I don't know if you and the subscribers of the list know about the
    > possibilty of direct chatting with "one or more Microsoft experts".

    "Possibility", yes:

    "You need Microsoft Internet Explorer version 4.0 or higher or Netscape 4.x
    installed on your computer to use Microsoft chat."

    "To use Microsoft Chat with Netscape Navigator, it is necessary to download
    the Microsoft Chat plug-in."

    "Go to the directory where NppgWrap.exe is saved and run the setup by
    double-clicking it, or by using the Open command.

     A dialog will appear asking if you wish to continue with the setup. Click
    Yes. The setup program will then install the Microsoft Chat plug-in in your
    Netscape plug-ins directory."

    > Seems to be interesting, huh? ;-)

    " If you are behind a firewall, you may need a proxy client to get to the
    chat server. Please contact your network administrator to help you set this
    up. The port for chat is 6667.
    These Chat rooms are accessible only through this web interface."

    So Microsoft's definition of "web interface" really means "any binary,
    downloaded from a third party over an insecure link, which you need to run as
    Administrator."

    That's what I call "Trustworthy Computing", indeed.

    NB. Corporate security policy prohibits me from participating. I am are not
    allowed to install untrusted software, and I am not allowed to use Internet
    Explorer for general web browsing. YMMV.

    Camillo

    -- 
    Camillo Särs <Camillo.Sars@F-Secure.com>          http://www.iki.fi/ged/
    Senior Security Researcher, F-Secure Corporation  http://www.F-Secure.com
              F-Secure products: Securing the Mobile Enterprise
    oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
    Delivery co-sponsored by TruSecure
    oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
    Free 14-day trial of New Threat & Vulnerability Notification Service
    TruSecure's new IntelliShield(tm) web-based threat and vulnerability
    service isn't your typical alert service. Supported by TruSecure's vast
    intelligence resources - including the ICSA Labs - IntelliShield's early
    warning, analysis, decision support, and threat management tools provide
    organizations with unmatched intelligence to better protect critical
    information assets. Experience it for yourself - just click below to begin
    your free, no obligation 14-day trial today!
    http://www.trusecure.com/offer/s0074/
    oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
    

  • Next message: Michael Mayo: "Re: New and unique IIS log entries."

    Relevant Pages