Re: Minimal User Interaction with Links

[PEra <lists () sevenlayers org>]

Hello Sandeep Cheema,

51l3n73y3s wrote:
> As soon as I click on it, my AV gives me the message about the detection 
> at "%temp%\ NcsWJCau.com.part" and the page also gives me an option to 
> save the file. Doesn't this mean that the file is being stored in the 
> temp directory without user interaction?

From the ".part" in the file name I assume you are unsing 
Firefox/Mozilla browser. And yes, you are right - Firefox starts 
downloading right away after you click the link. It downloads to a 
temporary directory while you are browsing your filesystem with the 
"save as" dialog.

If you choose to not download the file by closing the "save as" window, 
the file is deleted. I don't know if it could be a security problem - 
downloaded files are randomly named and not executed. Mozilla sees it as 
a feature :)

Best regards,
PEra



------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------