Security Basics mailing list archives
Re: Windows 98 box is 'owned'; Re:
From: GuidoZ <uberguidoz () gmail com>
Date: Fri, 15 Oct 2004 10:09:46 -0700
My suggestion was meant to be used in addition to deploying some other browser and/or mail client. That way they can use IE only for the application and are forced to use the other browser for browsing the web.
I realized that, unfortunately I didn't express the problem I saw very well. =P My fault. It's hard to completely explain the ActiveX component without revealing too much (security/privacy wise), which is limiting the information I can put out to the world. (After all, I'm already concerned about it.) I like the idea and will give it a try, although I'll bet it will cause a problem with the way they link to the database through the ActiveX component. (It sends them through a VPN off to a data warehouse.) I'll bust out Poledit and see what harm it causes. Thanks for the suggestion - I had dismissed it before thinking it would break other aspects, but now that you got me on that path again, it just might work. Thanks for all the help - looks like wheels are finally starting to turn on both ends of this problem. ;) (The java solution was accepted - now we just have to wait for them to develop it. They estimated 4-6 months so I'm stuck with ActiveX and IE until then.)
Regards Ansgar Wiechers
Again, appreciate the intelligent replies. -- Peace. ~G On Wed, 13 Oct 2004 02:41:00 +0200, Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net> wrote:
On 2004-10-08 GuidoZ wrote:On Fri, 8 Oct 2004 21:26:46 +0200, Ansgar -59cobalt- Wiechers wrote:On 2004-10-08 GuidoZ wrote:I'm open to other ideas too from anyone - the situation in a nutshell is an orgranization I support needs to migrate away from IE. (The users really can't handle the spyware and such, no matter how hard I try to educate and prevent.) The only thing holding them back from switching is a proprietary ActiveX application that they use to interface with their data warehouse.I would try to lock down IE and limit access to localhost and the data warehouse host by setting the proxy to 127.0.0.1:9 except for localhost and the data warehouse host. These settings can be enforced through group policies or local policies (if you don't have a Windows 200[03] domain controller at hand). That way they could use IE for the data warehousing application, but not for surfing the web.While that would work quite well, unfortunately they also need to surf the web. (Email too.) Hence why I'd like to get them away from IE. Give them a browser they can use, but is less likely to be hijacked every time I leave their workplace. =/My suggestion was meant to be used in addition to deploying some other browser and/or mail client. That way they can use IE only for the application and are forced to use the other browser for browsing the web. Regards Ansgar Wiechers -- "Those who would give up liberty for a little temporary safety deserve neither liberty nor safety, and will lose both." --Benjamin Franklin
Current thread:
- Re: Windows 98 box is 'owned'; Re:, (continued)
- Message not available
- Message not available
- Message not available
- Message not available
- Re: Windows 98 box is 'owned'; Re: Glenn Sieb (Oct 06)
- Message not available
- Message not available
- Re: Windows 98 box is 'owned'; Re: Glenn Sieb (Oct 06)
- Re: Windows 98 box is 'owned'; Re: GuidoZ (Oct 07)
- Re: Windows 98 box is 'owned'; Re: Glenn Sieb (Oct 08)
- Re: Windows 98 box is 'owned'; Re: GuidoZ (Oct 08)
- Re: Windows 98 box is 'owned'; Re: xyberpix (Oct 08)
- Re: Windows 98 box is 'owned'; Re: GuidoZ (Oct 12)
- Re: Windows 98 box is 'owned'; Re: Ansgar -59cobalt- Wiechers (Oct 08)
- Re: Windows 98 box is 'owned'; Re: GuidoZ (Oct 12)
- Re: Windows 98 box is 'owned'; Re: Ansgar -59cobalt- Wiechers (Oct 13)
- Re: Windows 98 box is 'owned'; Re: GuidoZ (Oct 15)
- Re: Windows 98 box is 'owned' GuidoZ (Oct 04)
- Re: Windows 98 box is 'owned' GuidoZ (Oct 04)
- RE: Windows 98 box is 'owned' xyberpix (Oct 07)