Full Disclosure mailing list archives
RE: IE
From: "{tonyFelice}" <tony () breckcomm com>
Date: Sat, 17 Jul 2004 17:25:29 -0600
It is possible to append information to the user-agent using gpedit.msc (group policy editor). This information will then reside in the HKLM>software>MS>win>currver>inetset>useragent>postplatform. In this case, however, the main information about the browser is still intact. Example: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; <your string here>; .NET CLR 1.1.4322) The question is: what type of info are you trying to conceal, as the user-agent contains very little _sensitive_ info. Anonymous browsing would require spoofing or hiding the IP address, which is not contained in the user-agent. If you are concerned that sites attempting to exploit the IE vulnerabilities (patched or not) would be able to attack you based on this string, it would be advisable to simply use another browser. In any event, it should be available to you at HKCU>software>MS>win>currver>inetset, which is the same folder that holds that Zones. I am not certain that changing this setting will suffice, however. ________________________________________ From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of Gabriel Alexadros Sent: Saturday, July 17, 2004 3:40 PM To: Full Disclosure Subject: [Full-disclosure] IE i am qurious if a regedit setting exist in order to alter the user agent of the browser and to conseal info. Thank you _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html