Re: how to stop transmitting ip address and harddrive contents
From: David (davidwnh@adelphia.net)
Date: 11/28/02
- Next message: David: "Re: Configuring a Linksys router/firewall for use with FTP"
- Previous message: David: "Re: Winkdx.exe ??"
- In reply to:(deleted message) Eye of the Storm: "Re: how to stop transmitting ip address and harddrive contents"
- Next in thread: joe@q.net: "Re: how to stop transmitting ip address and harddrive contents"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "David" <davidwnh@adelphia.net> Date: Thu, 28 Nov 2002 16:02:34 GMT
Generally these types of sites do this in one of three ways. VBscript,
Javascript, or ActiveX. Scripting within your browser for the most part is
safe, however there are some vulnerabilities that have been discovered, and
probably others that have yet to be discovered. ActiveX for the most part
has been fairly safe, however it does not have some of the security
restrictions that are there with script so it can be potentially dangerous.
ActiveX has also recently been shown to be a "favorite" distribution method
of spyware.
That being said sometimes it is best to control the use of this via your
browser settings. I generally set scripting and ActiveX features in the
browser to "prompt" so that I can decide what I wish to allow. It's a
balance and definitely a personal choice in any case. By stopping all script
and ActiveX you will lose a lot of the functionality and interactivity the
internet has to offer. By allowing all you risk the possibility of
unknowingly getting "malware". With a prompt you decide how much you trust
the sites you visit. The vast majority of scripting and activeX use to this
point has not been malicious, so you must decide the amount of risk you are
willing to accept. We are also given the choice of whether to implement such
control via the browser or other software.
> >Yeah, maybe you do and maybe you don't see. I can go to the same website
and
> >the content of my <C> is not shown to me. Like I said before in a long
> >drawn out previous post thread, I view that file://c:/ being executed in
> >script as a potential security issue to the machine. IE on my machines is
in
> >its default unsecured and unprotected state. And yet BlackIce on the
> >machines will not let file://c:/ or anything like it coming in the
network
> >traffic to be executed.
>
> I don't see how it could possibly be a security issue. Besides, I am
> using BlackICE also, on the paranoid setting, and it in no way blocks
> Internet Explorer content.
- Next message: David: "Re: Configuring a Linksys router/firewall for use with FTP"
- Previous message: David: "Re: Winkdx.exe ??"
- In reply to:(deleted message) Eye of the Storm: "Re: how to stop transmitting ip address and harddrive contents"
- Next in thread: joe@q.net: "Re: how to stop transmitting ip address and harddrive contents"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
