BugTraq
Back to list
|
Post reply
security enforcement - new monitor for winnt
Mar 30 2004 04:34AM
Liu Die Yu (liudieyuinchina yahoo com cn)
(1 replies)
i want to stop ie:
writing EXE/CAB/LNK ... files,
calling MSHTA.EXE to parse remote web pages,
accessing files outside "favorites" and cache("content.ie5").
i want to stop WSCRIPT.EXE from parsing files inside TEMP and cache.
i want to stop the system running executable files located in TEMP and cache.
afaik, i can stop ie 0day exploits by doing these things.
so, i made this:
http://umbrella.name/winblox/
of course, free. and you can define your own rules easily(assuming you guys know a bit about regular expression).
it's totally a new idea(afaik). so, not for operational uses.
[ reply ]
Re: security enforcement - new monitor for winnt
Mar 30 2004 04:53PM
Amir Mohammadkhani-Aminabadi (amir mohammadkhani einsurance de)
(1 replies)
Re: security enforcement - new monitor for winnt
Mar 31 2004 06:34AM
Liu Die Yu (liudieyuinchina yahoo com cn)
Privacy Statement
Copyright 2010, SecurityFocus
i want to stop ie:
writing EXE/CAB/LNK ... files,
calling MSHTA.EXE to parse remote web pages,
accessing files outside "favorites" and cache("content.ie5").
i want to stop WSCRIPT.EXE from parsing files inside TEMP and cache.
i want to stop the system running executable files located in TEMP and cache.
afaik, i can stop ie 0day exploits by doing these things.
so, i made this:
http://umbrella.name/winblox/
of course, free. and you can define your own rules easily(assuming you guys know a bit about regular expression).
it's totally a new idea(afaik). so, not for operational uses.
[ reply ]