RE: Browser Vulns

From: Laura A. Robinson (laurarobinson_at_earthlink.net)
Date: 07/17/04

Next message: manuelf-delete5442_at_mailblocks.com: "Re: Tool to view effective AD settings"

Previous message: Laura A. Robinson: "RE: Tool to view effective AD settings"
In reply to: Eric McCarty: "RE: Browser Vulns"
Next in thread: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]: "Re: Browser Vulns"
Reply: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]: "Re: Browser Vulns"
Reply: Harlan Carvey: "RE: Browser Vulns"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "'Eric McCarty'" <eric@lawmpd.com>, "'James Bowman'" <jim@drexel.edu>, <focus-ms@securityfocus.com>
Date: Fri, 16 Jul 2004 22:09:16 -0400

Just out of curiosity, how many (few) users do you have that this is a
workable approach? And wouldn't ingress/egress monitoring be more effective
than poking at cookies?

Laura

> -----Original Message-----
> From: Eric McCarty [mailto:eric@lawmpd.com]
> Sent: Wednesday, July 14, 2004 11:27 AM
> To: James Bowman; focus-ms@securityfocus.com
> Subject: RE: Browser Vulns
>
> I prefer Choice E : Education
>
> Tell your users what to do and not do, then run desktop
> auditing software to review browser/cookie history to see
> violators of the policy and take appropriate action.
>
> Patching wont help if no patch exists. Check out Pivx for choice B.
>
> Eric
>
> -----Original Message-----
> From: James Bowman [mailto:jim@drexel.edu]
> Sent: Tuesday, July 13, 2004 9:11 PM
> To: focus-ms@securityfocus.com
> Subject: Browser Vulns
>
>
>
>
> Posing a question to Security Managers regarding the massive
> attention now on browser vulnerabilities.
>
>
>
> How are you reacting (if at all):
>
> A: Patching
>
> B: HIPS / HIDS
>
> C: Content filtering via proxy
>
> D: Other...
>
>
>
> For those choosing B:, how is your flavor of HIPS / HIDS faring?
>
> For those choosing C:, what is working for you, and for
> either B: or C:, is it signature or PAD based?
>
>
>
> JB
>
>
> --------------------------------------------------------------
> -------------
> --------------------------------------------------------------
> -------------
>
>
> --------------------------------------------------------------
> -------------
> --------------------------------------------------------------
> -------------
>

---------------------------------------------------------------------------
---------------------------------------------------------------------------

Next message: manuelf-delete5442_at_mailblocks.com: "Re: Tool to view effective AD settings"

Previous message: Laura A. Robinson: "RE: Tool to view effective AD settings"
In reply to: Eric McCarty: "RE: Browser Vulns"
Next in thread: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]: "Re: Browser Vulns"
Reply: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]: "Re: Browser Vulns"
Reply: Harlan Carvey: "RE: Browser Vulns"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]