[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] IE is just as safe as FireFox

To: joe <mvp@xxxxxxxxxxx>, full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] IE is just as safe as FireFox
From: DanB UK <danbuk@xxxxxxxxx>
Date: Thu, 25 Nov 2004 10:03:27 +0000

Hi,
> Agreed. But if the idea is to protect your internal clients from your
> intranet web servers, the proxy isn't doing much for you. Plus again,
> someone can just configure their machine to not use the proxy as mentioned
> previously. If the machines are available on the public intranet without
> having to go through some firewall, you can't slap much of a guarantee on
> things not reaching them except via your proxy. You mention setting up
> routing ACL policies for HTTP traffic further down. This isn't something
> that is reasonable to manage in a large organization and does nothing from
> stopping people from selecting alternate ports.

Well if you stick a firewall inbetween and limit to only 80/443 and
then redirect the requests to a web proxy(I know there are issues with
https proxying, like MTM). Then you can filter/drop do what ever you
like.

Cheers,
Dan.

-- 
DanB UK
London, UK

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- Re: [Full-Disclosure] IE is just as safe as FireFox
  - From: Raoul Nakhmanson-Kulish
- RE: [Full-Disclosure] IE is just as safe as FireFox
  - From: joe

Prev by Date: RE: [Full-Disclosure] FIREFOX flaws: nested array sort() loop Sta ck overflow exception
Next by Date: Re: [Full-Disclosure] MS Windows Screensaver Privilege Escalation
Previous by thread: RE: [Full-Disclosure] IE is just as safe as FireFox
Next by thread: Re: [Full-Disclosure] IE is just as safe as FireFox
Index(es):
- Date
- Thread