Re: Popup security sales gimmick

From: Adexter (hercules_84058@yahoo.com)
Date: 12/31/02

  • Next message: Scott Schwendinger: "RE: Incident Response Guidelines" 
    Date: Mon, 30 Dec 2002 15:06:39 -0800 (PST)
From: Adexter <hercules_84058@yahoo.com>
To: security-basics@securityfocus.com

    It seems that way. I have ran into similar sales gimmicks many times.
    I usually don't allow Java applets to run on my personal systems.
    Quite a few clients of mine have ran into similar things and been
    seriously "freaked out" as it could do that to a person. It is just a
    little Java Applet trick, of which I am not all that versed on, that
    displays your local root directory to the viewer. As far as I know it
    isn't actually exploitable or even shown to anyone but you.
    Thanks for sending us another link to watch out for.

    Aj Dexter
    Hidden Network Security
    Offering Online Vulnerability Assessments
    http://security.place.cc

    --- netsec novice <netsec9@hotmail.com> wrote:
    > I ran into this popup and initially it concerned me. I thought I
    > would post
    > it here for confirmation on its validity. It appears to me that
    > this site
    > runs a script that simply displays your c: drive contents rather
    > than
    > actually being able to obtain the information. I could see how it
    > could
    > scare some people though.
    >
    > Check it out for yourself.
    > http://www.interneteraser.com/error.html

    __________________________________________________
    Do you Yahoo!?
    Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
    http://mailplus.yahoo.com