Re: Browser Vulns
From: Chris Keladis (chris_at_cmc.optus.net.au)
Date: 07/24/04
- Previous message: Ansgar -59cobalt- Wiechers: "Re: Windows Update v5 and XPSP2RC2"
- In reply to: Laura A. Robinson: "RE: Browser Vulns"
- Next in thread: Eduardo Sánchez: "RE: Browser Vulns"
Date: Sat, 24 Jul 2004 08:42:55 +1000
To: "Laura A. Robinson" <laurarobinson@earthlink.net>
Hi,
There is a great little niche product (as Eric alluded to) by PivX
called QwikFix.
QF is great because it adds a "quickfix" to the core problem, and as
such any exploits of a particular vulnerability will fail, regardless if
the exploit (not vulnerability) is 0day, or even custom written and not
public.
QF has its own system that uploads or downloads qwik-fixes when a new
'vulnerability' is found, and will protect against all 'exploits', which
is where it really shines, compared to all the other signature based stuff.
They now have an Enterprise version complete with management console, etc.
It's almost like having your systems patched before Microsoft releases a
patch, and helps minimize the window-of-exploitability.
Gawd, I sound like a salesman for PivX. I just believe it's a very cool
idea, backed by people who know browser vulns (Thor Larholm, etc).
Anyway, you can get a trial version or read about it at
http://www.qwik-fix.net
<disclaimer>I am in no way affiliated with PivX apart from being a
satisfied user of their QF product.</disclaimer>
Cheers,
Chris.
Laura A. Robinson wrote:
>I am curious as to what that desktop monitoring software is, myself, and how
>cookies can be considered an accurate representation of where users have
>surfed. I, for one, have my browser set to prompt me for every single cookie
>a site attempts to store, and I refuse 80% of 'em. :-)
>
>Laura
>
>
>
>>-----Original Message-----
>>From: Harlan Carvey [mailto:keydet89@yahoo.com]
>>Sent: Monday, July 19, 2004 2:40 PM
>>To: focus-ms@securityfocus.com
>>Cc: Laura A. Robinson; 'Eric McCarty'; 'James Bowman'
>>Subject: RE: Browser Vulns
>>
>>Laura,
>>
>>Having spent time in a small (400+ user base) organization,
>>I'd say that your approach would work much better, especially
>>considering that Eric provides no workable solution for "run
>>desktop monitoring software".
>>
>>--- "Laura A. Robinson" <laurarobinson@earthlink.net> wrote:
>>
>>>Just out of curiosity, how many (few) users do you have that this is a
>>>workable approach? And wouldn't ingress/egress monitoring be more
>>>effective than poking at cookies?
>>>
>>>Laura
>>>
>>>
>>>
>>>>-----Original Message-----
>>>>From: Eric McCarty [mailto:eric@lawmpd.com]
>>>>Sent: Wednesday, July 14, 2004 11:27 AM
>>>>To: James Bowman; focus-ms@securityfocus.com
>>>>Subject: RE: Browser Vulns
>>>>
>>>>I prefer Choice E : Education
>>>>
>>>>Tell your users what to do and not do, then run desktop
>>>>auditing software to review browser/cookie history to see
>>>>violators of the policy and take appropriate action.
>>>>
>>>>Patching won't help if no patch exists. Check out Pivx for choice B.
>>>>
>>>>Eric
>>>>
>>>>-----Original Message-----
>>>>From: James Bowman [mailto:jim@drexel.edu]
>>>>Sent: Tuesday, July 13, 2004 9:11 PM
>>>>To: focus-ms@securityfocus.com
>>>>Subject: Browser Vulns
>>>>
>>>>
>>>>Posing a question to Security Managers regarding the massive
>>>>attention now on browser vulnerabilities.
>>>>
>>>>How are you reacting (if at all):
>>>>
>>>>A: Patching
>>>>
>>>>B: HIPS / HIDS
>>>>
>>>>C: Content filtering via proxy
>>>>
>>>>D: Other...
>>>>
>>>>For those choosing B:, how is your flavor of HIPS / HIDS faring?
>>>>
>>>>For those choosing C:, what is working for you, and for
>>>>either B: or C:, is it signature or PAD based?
>>>>
>>>>JB