[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] IE is just as safe as FireFox

To: joe <mvp@xxxxxxxxxxx>, full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] IE is just as safe as FireFox
From: Raoul Nakhmanson-Kulish <raoul@xxxxxxxxxxxxx>
Date: Fri, 26 Nov 2004 16:09:36 +0300

Hello, joe!

Anyway, you can specify an unlimited amount of non-proxied servers in autoconfiguration script. More, you may modify autoconfig rules as frequently as needed, or even do it automatically.
Agreed. But if the idea is to protect your internal clients from your
intranet web servers, the proxy isn't doing much for you.

General idea is prevent HTTP interaction with any LAN host which isn't a known intranet server. The proxy can and should do it.

Plus again,
someone can just configure their machine to not use the proxy as mentioned
previously.

Again, we speak about fool-proofing, not about deliberate saboteurs.

This isn't something that is reasonable to manage in a large organization and does nothing from stopping people from selecting alternate ports.

Port number is unrelated here. A browser tuned to use proxy uses it for HTTP on any port.

--
Best regards,
Raoul Nakhmanson-Kulish
Elfor Soft Ltd.,
ERP Department
http://www.elforsoft.ru/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- RE: [Full-Disclosure] IE is just as safe as FireFox
  - From: joe

Prev by Date: Re: [Full-Disclosure] Mailing lists and unsolicited/malicious spam
Next by Date: RE: [Full-Disclosure] Mailing lists and unsolicited/malicious spam
Previous by thread: Re: [Full-Disclosure] IE is just as safe as FireFox
Next by thread: Re: [Full-Disclosure] IE is just as safe as FireFox
Index(es):
- Date
- Thread