Importance of Blocking active content.
Results 1 to 7 of 7

Thread: Importance of Blocking active content.

  1. #1
    StOrM™
    Join Date
    Aug 2004
    Posts
    1,003

    Importance of Blocking active content.

    Greeting's

    I was reading an article at SANS and it reminded me of how important it is to block active content. Many of you who use firefox may be using "Noscript" which help in blocking active content such as java script.


    Although I use Noscript I still prefer removing most of the active content at my firewall level. Most of the software and hardware based firewall provide you with option to block almost all active content.

    I just wanted to remind members here that active content such as active X, Java, GIF's, Hidden frames' Vbscript pose a great threat to security and privacy



    here is the link to the article :

    http://isc.sans.org/diary.php?storyid=1380&rss



    Edit :

    If anyone here doesnt know how this can be done (how active content be blocked) you may provide your firewall name and I will be happy to post how to configure your firewall to remove active content.

    Also for all those who prefer to block at your browser only you might want to First download FIREFOX and then NoScript from here :

    https://addons.mozilla.org/firefox/722/
    Parth Maniar,
    CISSP, CISM, CISA, SSCP

    *Thank you GOD*

    Greater the Difficulty, SWEETER the Victory.

    Believe in yourself.

  2. #2
    If anyone here doesnt know how this can be done (how active content be blocked) you may provide your firewall name and I will be happy to post how to configure your firewall to remove active content.
    I would be very interested to read about this. I've got the Browsers setup pretty tight, but i' would be interested to read about how Firewalls can be setup in this fashion.

    cheers
    f2B

  3. #3
    Junior Member
    Join Date
    Apr 2006
    Posts
    10
    My friends, we shouldn't be like scared little rabbits when we're on-line. And it makes no sense to dilute the whole Internet experience into a small watery tart of a text browser.

    FWIW- To all those who purposely run around to all the dangerous nooks and crannies on the Internet, I'd suggests doing all browseing full-tilt with a live distro like Knoppix. Nothing is gonna boogey your hard-drive or precious data when the filesystem is READONLY. Worst thing is ya might run out of memory.
    Eating Crow Is Better With MyCrowSauce

  4. #4
    StOrM™
    Join Date
    Aug 2004
    Posts
    1,003
    Greeting's

    Okay the importance of what I just mentioned in the thread has increased to a new level

    Please read this :

    http://isc.sans.org/diary.php?storyid=1386&rss

    Also I have found this guide for agnitum's outpost firewall for blocking active content :

    http://www.agnitum.com/products/outp...ntent_demo.php

    Although not the best of demo's, I think most of us will get an idea of what I'm talking about
    Parth Maniar,
    CISSP, CISM, CISA, SSCP

    *Thank you GOD*

    Greater the Difficulty, SWEETER the Victory.

    Believe in yourself.

  5. #5
    Essentially what your talking about is blocking or filtering active content at the TCP layer...I mean sure you can setup your browser to filter out active content, but that data is still making it to your box when it really has no reason to even be routed there. Security is all about risk managment, so why even allow this? What you need is a proxy server to remove active content for you BEFORE it even gets to your machine...Try googling for privoxy...
    We are a generation without a middle. We have no great war or depression. Our war is a spiritual one, our depression is our lives. We were all raised to believe that we\'ll all be millionaires and rockstars - But we won\'t.
    And we are slowly learning this fact...And we are VERY pissed off about it!

  6. #6
    Junior Member
    Join Date
    Apr 2006
    Posts
    10
    If anyone here doesnt know how this can be done (how active content be blocked) you may provide your firewall name and I will be happy to post how to configure your firewall to remove active content.
    Netfilter's iptables-1.3.0-2

    I don't know how to make rules to block active content and yet still be able to receive TwiceClick ads and have all the features for pretty quick-n-easy postings in this forum.
    Eating Crow Is Better With MyCrowSauce

  7. #7
    Member
    Join Date
    Sep 2003
    Posts
    50
    ??? Didnt the artical say that it was an IE exploit that has been patched. If so than whats the problem? If other browsers are still vulnerable then why not use IE? Its kind of ironic, I have read so much about IE being security defficient but it seems from the article that it is the safe one in this case.

    If you block all questionable content from the internet, what would you be left with??
    "Two things are infinite: the universe and human stupidity; and I'm not sure about the the universe."
    Albert Einstein
    --The road to hell is paved with good intentions.--

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •