RE: Browser Vulns

From: Harlan Carvey (keydet89yahoo.com)
Date: Mon Jul 19 2004 - 13:39:39 CDT


Laura,

Having spent time in a small (400+ user base)
organization, I'd say that your approach would work
much better, especially considering that Eric provides
no workable solution for "run desktop monitoring
software".

--- "Laura A. Robinson" <laurarobinsonearthlink.net>
wrote:
> Just out of curiosity, how many (few) users do you
> have that this is a
> workable approach? And wouldn't ingress/egress
> monitoring be more effective
> than poking at cookies?
>
> Laura
>
> > -----Original Message-----
> > From: Eric McCarty [mailto:ericlawmpd.com]
> > Sent: Wednesday, July 14, 2004 11:27 AM
> > To: James Bowman; focus-mssecurityfocus.com
> > Subject: RE: Browser Vulns
> >
> > I prefer Choice E : Education
> >
> > Tell your users what to do and not do, then run desktop
> > auditing software to review browser/cookie history to see
> > violators of the policy and take appropriate action.
> >
> > Patching won't help if no patch exists. Check out Pivx for choice B.
> >
> > Eric
> >
> > -----Original Message-----
> > From: James Bowman [mailto:jimdrexel.edu]
> > Sent: Tuesday, July 13, 2004 9:11 PM
> > To: focus-mssecurityfocus.com
> > Subject: Browser Vulns
> >
> >
> >
> >
> > Posing a question to Security Managers regarding the massive
> > attention now on browser vulnerabilities.
> >
> >
> >
> > How are you reacting (if at all):
> >
> > A: Patching
> >
> > B: HIPS / HIDS
> >
> > C: Content filtering via proxy
> >
> > D: Other...
> >
> >
> >
> > For those choosing B:, how is your flavor of HIPS / HIDS faring?
> >
> > For those choosing C:, what is working for you, and for
> > either B: or C:, is it signature or PAD based?
> >
> >
> >
> > JB