Security Basics mailing list archives
Re: Eliminate iframes
From: Andre Silaghi <andre.silaghi () googlemail com>
Date: Mon, 24 Jun 2013 07:48:53 +0200
Hi there,

Thank you very much for your answers here. Well no I do not have any websites including iframes but I want to prevent further infections of my users which will visit infected websites perhaps. And yes I need something more centralized like just one point of configuration and every user behind is protected by the service. I will have a look at IPCop and McAfee Web Gateway.

But I really do not want to block the entire websites because it is just the malicious iframe. And many page owners do not even know that their website has been compromised.

The only "useful" iframes seem to me to be the "Like" and "+1" buttons but the user will not need any social network connections here. It would be good to know if the iframes are used in such an important way for the content of a webpage that you can't get rid of them.

best regards!

2013/6/22 Jaeschke, Samuel (Port Augusta Secondary School) <Samuel.Jaeschke56 () schools sa edu au>:
Hi André,

I'm going to assume you are talking about websites on the public internet, which you do not control. If you are having issues with your own website being compromised then it's quite a different matter.

I would recommend to not disable iframes since a lot of legitimate websites also use them. If you choose to though, the method will depend on which web browser you are using. Here's some notes for Firefox:
http://forums.mozillazine.org/viewtopic.php?f=38&t=500589
Apparently it's also possible in IE and Opera, just google for it.

A better approach is to block the websites which host the malicious downloads (the website which loads inside the iframe). This also protects you from a number of other kinds of attacks.

One way to do this is by implementing a web proxy, which will allow you to filter out which websites can be accessed from within your network. A proxy communicates directly with the web-browser at the application level, and can filter both target URLs and web-page content. Ones I have used (or seen used) include McAfee Web Gateway (very good) and IPCop (which is free), though there are many others out there. Some of these will automatically download an updated database of websites, sorted by category. So you could for example block the "Malicious" category (or similar), and then when new malicious websites are discovered they will automatically be blocked also. This is a low-maintenance approach, with a high degree of both control and precision. Most web gateways (including both McAfee and IPCop) are also capable of performing virus scanning and many other features.

Another approach is by using a modified hosts file. This works by pointing the bad domain names to 'nowhere', making them inaccessible. See here:
http://winhelp2002.mvps.org/hosts.htm
http://someonewhocares.org/hosts/zero/

On an enterprise network you would instead add the entries to your DNS server's root zone, for both performance and ease of administration.
You could also create a "blocked" webpage to avoid some confusion, and place it on a webserver in your network. Then instead of directing these entries to 0.0.0.0 you would use the IP of your server hosting the blocked page. Beware that this method could easily get messy if not carefully maintained, and will need you to update it manually. This method also cannot distinguish between webpages within each website. A proxy (or web gateway) is a far more thorough and effective solution.

Hope this helps,
SamJ :)

________________________________________
From: listbounce () securityfocus com [listbounce () securityfocus com] on behalf of Andre Silaghi [andre.silaghi () googlemail com]
Sent: Friday, 21 June 2013 23:01
To: security-basics () securityfocus com
Subject: Eliminate iframes

hi community,

I am curious about your way of getting rid of iframes within large - enterprise - networks. The problem is that a couple of websites are trying to infect you using drive-by downloads mostly via iframes within hijacked websites. The firewalls will not do it since it operates only in OSI level 3 or 4 but not within the application level where iframes are usually transferred via http.

Is there any solution you could propose?

best regards,
andré

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

This message is intended for the addressee named and may contain privileged information or confidential information or both. If you are not the intended recipient please delete it and notify the sender.
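The hosts-file and DNS approach described in the quoted reply, as an added example that is not part of the original thread: it converts a hosts-format blocklist into resolver rules that answer each blocked name with the address of an internal "blocked" page. It assumes the resolver is dnsmasq; the sample list, the 192.0.2.10 block-page address and the function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample in hosts-file format (not taken from the lists linked above).
SAMPLE_HOSTS = """\
# constructed blocklist sample
127.0.0.1   localhost
0.0.0.0     ads.bad-example.test tracker.bad-example.test   # two names on one line
0.0.0.0     ADS.bad-example.test
127.0.0.1   exploit-kit.example.invalid
0.0.0.0     evil.test/address=/#/10.0.0.1
192.0.2.55  intranet.example.test
"""

SINK_ADDRESSES = {"0.0.0.0", "127.0.0.1"}   # addresses that mean "nowhere"
NEVER_BLOCK = {"localhost", "localhost.localdomain", "broadcasthost"}
# One DNS label: letters, digits, hyphens, no leading/trailing hyphen, max 63 chars.
LABEL = r"(?!-)[a-z0-9-]{1,63}(?<!-)"
HOSTNAME_RE = re.compile(rf"^{LABEL}(\.{LABEL})+$")


def blocked_hosts(hosts_text):
    """Return the sorted, de-duplicated hostnames a hosts file sinks to 'nowhere'."""
    names = set()
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()   # drop comments, split on whitespace
        if len(fields) < 2 or fields[0] not in SINK_ADDRESSES:
            continue                              # blank line or an ordinary mapping
        for name in fields[1:]:
            name = name.lower().rstrip(".")
            # Accept plain hostnames only, so a malformed or hostile list entry
            # cannot smuggle extra directives into the resolver configuration.
            if name not in NEVER_BLOCK and len(name) <= 253 and HOSTNAME_RE.match(name):
                names.add(name)
    return sorted(names)


def dnsmasq_rules(hosts_text, block_page_ip):
    """Emit dnsmasq address= lines answering each blocked name with block_page_ip.
    dnsmasq applies address=/name/ip to the name and to its subdomains."""
    ip = ipaddress.ip_address(block_page_ip)      # raises ValueError on a bad address
    return [f"address=/{name}/{ip}" for name in blocked_hosts(hosts_text)]


if __name__ == "__main__":
    print("\n".join(dnsmasq_rules(SAMPLE_HOSTS, "192.0.2.10")))
```

The rules match on hostname only, which is the limitation the reply points out: a compromised page on an otherwise legitimate site cannot be blocked this way without blocking the whole site.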
Current thread:
- Eliminate iframes Andre Silaghi (Jun 21)
- Re: Eliminate iframes Adolfo Abegg (Jun 21)
- Message not available
- Re: Eliminate iframes Andre Silaghi (Jun 23)
- Message not available
- Re: Eliminate iframes Andre Silaghi (Jun 26)
- Re: Eliminate iframes Joshua Trabing (Jun 26)
- Re: Eliminate iframes Andre Silaghi (Jun 26)