Message-ID: <200411191551.iAJFphd30782@pop-5.dnv.wideopenwest.com>
From: mvp at joeware.net (joe)
Subject: IE is just as safe as FireFox

> Autoconfig script may enumerate hosts which don't require a proxy. 
> Usually there are a very few intranet servers in corporate network.

You should have prefixed "there are very few... " with one of two things 

1. Relative to the internet...

2. In my experience...


I have been on several large corporate networks where there are hundreds or
thousands of intranet web servers hosting tens of thousands of sites. Many
large enterprise class companies are moving whole hog to web based apps
internally (even email) and all available content is on the internal web. 

This is actually the area where IE is so strongly embedded due to its
application interfaces and what MS has been building towards for so long
with it. If you look at this space and compare how firefox renders/operates
next to IE you will see why many companies chose IE as their official
browser even in the face of having more exposure due to security. A lot of
that depends on how the web site is designed/built but there is a lot of
functionality there that can only be reached (and thereby exploited) on IE.
There are companies whose primary LOB applications internally are on IIS
servers and can only be accessed with IE. In those cases it isn't a simple
pick up and replace the browser scenario. 



> More, I consider IE feature to ignore proxy for LAN hosts may be 
> dangerous. Imagine a worm which spreads by this algorithm: it 
> launches HTTP service on victim host, lures user at another PC to 
> open URL pointing to victim, then launches on target PC. The fact 
> as previously affected host is situated in Local intranet zone, 
> significantly facilitates worm spreading.

I wouldn't really call that a worm. Worms work without interaction. They are
self-propagating/replicating. Malware that spreads that requires user
interaction would generally just be called a virus.


Overall trying to push intranet users accessing intranet content through a
proxy to sanitize web pages would be unsatisfactory because it couldn't
fully be enforced since the content is available right there on the
intranet. Someone could do some form of offline gather or use many different
tools to get the data so forcing firefox or IE to go to a specific proxy
does nothing for you. You would have to put the intranet servers behind some
sort of firewall that you would have to access them through. Plus you
obviously have to scale the proxy to a completely different level if
processing all intranet requests as well as internet requests. 


  joe

-- 
Pro-Choice
Let me choose if I even want a browser loaded thanks!




-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Raoul
Nakhmanson-Kulish
Sent: Friday, November 19, 2004 5:01 AM
To: Esmond; full-disclosure@...ts.netsys.com
Subject: Re: [Full-Disclosure] IE is just as safe as FireFox

Hello, Esmond!


