BugTraq
security enforcement - new monitor for winnt Mar 30 2004 04:34AM
Liu Die Yu (liudieyuinchina yahoo com cn) (1 replies)
Re: security enforcement - new monitor for winnt Mar 30 2004 04:53PM
Amir Mohammadkhani-Aminabadi (amir mohammadkhani einsurance de) (1 replies)
Re: security enforcement - new monitor for winnt Mar 31 2004 06:34AM
Liu Die Yu (liudieyuinchina yahoo com cn)
i've downloaded iecontroller and checked the app.

no, they do not do the same thing:
iecontroller can monitor ie's network activities(the "Internet" tab), but winblox can't.
iecontroller can monitor ie's activex(the "ActiveX" tab), but winblox cannot.
iecontroller is designed for protecting ie(*ie*controller), but winblox is not.
(winblox can monitor all applications which load USER32.DLL)
iecontroller cannot monitor commandline, but winblox can.

of course, i don't expect a single monitor to monitor all things :-P

most importantly, i believe a monitor must have:
console-mode config tool,
text config file,
and log file,
just like all linux daemons(for flexiblity), but iecontroller does not have such features yet.

btw, source code will be published soon.

best wishes,

--- Amir Mohammadkhani-Aminabadi <amir.mohammadkhani (at) einsurance (dot) de [email concealed]> wrote:
> Please take a look at:
> http://www.heise.de/ct/ftp/projekte/iecontroller/
>
> Its open source and seems to do the same thing.
>
> ----- Original Message -----
> From: "Liu Die Yu" <liudieyuinchina (at) yahoo.com (dot) cn [email concealed]>
> To: <bugtraq (at) securityfocus (dot) com [email concealed]>
> Sent: Tuesday, March 30, 2004 6:34 AM
> Subject: security enforcement - new monitor for winnt
>
>
> >
> >
> > i want to stop ie:
> > writing EXE/CAB/LNK ... files,
> > calling MSHTA.EXE to parse remote web pages,
> > accessing files outside "favorites" and cache("content.ie5").
> >
> > i want to stop WSCRIPT.EXE from parsing files inside TEMP and cache.
> >
> > i want to stop the system running executable files located in TEMP and
> cache.
> >
> > afaik, i can stop ie 0day exploits by doing these things.
> >
> > so, i made this:
> > http://umbrella.name/winblox/
> > of course, free. and you can define your own rules easily(assuming you
> guys know a bit about regular expression).
> >
> > it's totally a new idea(afaik). so, not for operational uses.
> >
>
>
>

__________________________________
Do you Yahoo!?
Yahoo! Finance Tax Center - File online. File on time.
http://taxes.yahoo.com/filing.html

[ reply ]
 

Privacy Statement
Copyright 2010, SecurityFocus