win32.pinfi`
in [Anti-Virus]
|
From: tommy on 30 Nov 2009 10:47 FromTheRafters wrote: > "tommy" <tommylee9_2000(a)removeyahoo.dropcom> wrote in message > news:hf0jbr$sme$1(a)news.eternal-september.org... > >> seems like firefox with noscript might have prevented that. [ its >> happened >> to me before, thats why i use ff ] > > A malicious website can host a wide variety of exploits covering many > different clients. The way to get the user to visit the site varies > (some using script), but this was just a misstep that landed Leythos > in a bad place (with the keys to the machine dangling out of his > pocket). > > Sometimes the user's choice of client only changes the website's > choice of exploit(s). So scripts aren't the only way to infect somebody's pc from a website. Got any cool links for that type of thing? -- Tommy
From: FromTheRafters on 30 Nov 2009 11:01 "tommy" <tommylee9_2000(a)removeyahoo.dropcom> wrote in message news:hf0pff$42s$1(a)news.eternal-september.org... >> Sometimes the user's choice of client only changes the website's >> choice of exploit(s). > > So scripts aren't the only way to infect somebody's pc from a website. > Got any cool links for that type of thing? http://eval.symantec.com/mktginfo/enterprise/white_papers/b-whitepaper_web_based_attacks_03-2009.en-us.pdf
From: tommy on 30 Nov 2009 13:00 FromTheRafters wrote: > "tommy" <tommylee9_2000(a)removeyahoo.dropcom> wrote in message > news:hf0pff$42s$1(a)news.eternal-september.org... > >>> Sometimes the user's choice of client only changes the website's >>> choice of exploit(s). >> >> So scripts aren't the only way to infect somebody's pc from a >> website. >> Got any cool links for that type of thing? > > http://eval.symantec.com/mktginfo/enterprise/white_papers/b-whitepaper_web_based_attacks_03-2009.en-us.pdf excellent, thanks -- Tommy
From: Leythos on 30 Nov 2009 13:47 In article <hf0j4h$pt5$1(a)news.eternal-september.org>, erratic(a)nomail.afraid.org says... > > In this case there was no manual anything, as soon as the page started > > to load the tattle-tale DOS box appeared and then closed, doing this > > several times in a few seconds - as each new malware was loaded. > > Why do you run this special isolated machine as admin? > Because it's used for specific functions and the machine is setup for access to sites that MIGHT compromise it. You guys seem to miss that this is a sacrificial machine, just for downloads on the net. -- You can't trust your best friends, your five senses, only the little voice inside you that most civilians don't even hear -- Listen to that. Trust yourself. spam999free(a)rrohio.com (remove 999 for proper email address)
From: Leythos on 30 Nov 2009 13:48
In article <hf0jbr$sme$1(a)news.eternal-september.org>, tommylee9_2000 @removeyahoo.dropcom says... > seems like firefox with noscript might have prevented that. [ its happened > to me before, thats why i use ff ] > I use to run NoScript on that machine, was to much bother, and the machine was specifically designed/purposed for this type of situation, it was not a production/domain computer, it was setup for just this type of reason, a just in case machine. -- You can't trust your best friends, your five senses, only the little voice inside you that most civilians don't even hear -- Listen to that. Trust yourself. spam999free(a)rrohio.com (remove 999 for proper email address) |