Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1998_4

Bugtraq archives for 4th quarter (Oct-Dec) 1998: Re: IE4 Custom Folder

Re: IE4 Custom Folder

Christopher K Davis (ckdCKDHR.COM)
Fri, 2 Oct 1998 16:52:07 -0400

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: dbarba: "Internet Wide DOS Attack using IRC"
Previous message: Mike Holling: "Announcements from The Palace (fwd)"
In reply to: David LeBlanc: "Re: IE4 Custom Folder"
Next in thread: M.C.Mar: "Some revelations about ssh and stackpatch"

David LeBlanc <dleblancMINDSPRING.COM> writes:

> With respect to disabling this attack on Win95, your only options are (in
> personal order of preference):

> 1) Install NT, precreate desktop.ini files and lock them down
> 2) Don't share anything
> 3) Disable active desktop

I'm not sure #2 stops all variants of this attack; what happens if
someone mails you a desktop.ini file, and then you go to look in your
mailer's attachments directory?  My (untested) guess is that you lose.

--
Christopher Davis * <ckd-sigckdhr.com> * <URL:http://www.ckdhr.com/ckd/>
Put location information in your DNS! <URL:http://www.ckdhr.com/dns-loc/>

Next message: dbarba: "Internet Wide DOS Attack using IRC"
Previous message: Mike Holling: "Announcements from The Palace (fwd)"
In reply to: David LeBlanc: "Re: IE4 Custom Folder"
Next in thread: M.C.Mar: "Some revelations about ssh and stackpatch"