Security Basics mailing list archives
Re: Minimal User Interaction with Links
From: Micheal Espinola Jr <michealespinola () gmail com>
Date: Fri, 14 Aug 2009 16:54:08 -0400
If I understand you correctly, it means that your AV intercepted the request, and reached out and touched/scanned this file before allowing your application the option of downloading it. Of the ones I am aware of, NOD32 does this cleaning with no other download/save prompts - only a popup saying the connection was terminated and that the file was quarentined. Symantec does similar, but you are still left with a save prompt. If you choose to save (with Symantec), you then receive an error. Under normal circumstances, no, it is not possible in this day and age (i.e with an up-to-date OS) to automatically execute/save a file by clicking a link. -- ME2 On Fri, Aug 14, 2009 at 2:02 PM, 51l3n73y3s <51l3n7 () live in> wrote:
Hello list, Is it possible to execute or save a file by just clicking on a link? I might be missing something over here, here is a sample eicar test string http://www.eicar.org/download/eicar.com As soon as I click on it, my AV gives me the message about the detection at "%temp%\ NcsWJCau.com.part" and the page also gives me an option to save the file. Doesn't this mean that the file is being stored in the temp directory without user interaction? -Sandeep Cheema ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Minimal User Interaction with Links 51l3n73y3s (Aug 14)
- Re: Minimal User Interaction with Links Micheal Espinola Jr (Aug 14)
- Re: [WEB SECURITY] Re: Minimal User Interaction with Links Steven M. Christey (Aug 14)
- Message not available
- RE: [WEB SECURITY] Re: Minimal User Interaction with Links Schmidt, Chris (Aug 18)
- Re: [WEB SECURITY] Re: Minimal User Interaction with Links 51l3n73y3s (Aug 18)
- RE: [WEB SECURITY] Re: Minimal User Interaction with Links Schmidt, Chris (Aug 18)
- RE: [WEB SECURITY] Re: Minimal User Interaction with Links Vance, Michael (Aug 18)
- Re: [WEB SECURITY] Re: Minimal User Interaction with Links 51l3n73y3s (Aug 18)
- Re: [WEB SECURITY] Re: Minimal User Interaction with Links Bil Corry (Aug 18)
- Re: [WEB SECURITY] Re: Minimal User Interaction with Links 51l3n73y3s (Aug 18)
- Re: [WEB SECURITY] Re: Minimal User Interaction with Links Steven M. Christey (Aug 14)
- Re: Minimal User Interaction with Links Micheal Espinola Jr (Aug 14)