On Mon, 23 Jul 2007 15:40:48 -0700 "Christian Seifert" <[EMAIL PROTECTED]> wrote:
> Steve, > > I misread your initial email. It seems like the problem is not that capture > reports a site as malicious although it is not (in that case one would have > to edit the exclusion list), but rather you are just being prompted to > enable the phishing filter each time IE7 is opened. Correct - although just most of the time, not always. > > Did you take a snapshot of the VM after you disabled the phishing filter? > Once you disabled the phishing filter and restart IE, does it prompt you > again? > Yes. > Christian > > > On 7/23/07, Steve Holdoway <[EMAIL PROTECTED]> wrote: > > > > On Mon, 23 Jul 2007 14:56:23 -0700 > > "Christian Seifert" <[EMAIL PROTECTED]> wrote: > > > > > Steve, > > > > > > lets check one thing. When you state that you "disabled it", what user > > were > > > you when you did so? One thing to watch out for is that the > > configuration > > > options in IE need to be undertaken with the same user as in the > > > config.xmlfile. If that is administrator, you explicitly need to login > > > as > > > Administrator before making config adjustments in IE. > > I was the same user that the server uses. I've told IE not to use it, and > > done through the internet security options, and disabled it there as well. I > > don't know of anywhere else to disable it... not that that's saying much as > > I look after linux servers for a living! > > > > > > If that wasnt the problem, I would recommend adding this option to your > > > exclusion list, so it is being ignored by Capture in its assessment to > > the > > > malicious nature of the site. > > How? I'd normally read the relevant documentation, but I can't seem to > > find any. I'd also expect this to be a part of a default install! > > > > > > Hope this helps - > > > Christian > > Cheers, > > > > > > Steve > > _______________________________________________ > > Capture-HPC mailing list > > Capture-HPC@public.honeynet.org > > https://public.honeynet.org/mailman/listinfo/capture-hpc > > > > > > -- > ---- > Web: http://www.mcs.vuw.ac.nz/~cseifert > > PGP key > http://www.mcs.vuw.ac.nz/~cseifert/pgpkey.txt > Primary key fingerprint: E979 0D9A 9187 D821 F86F B712 C8DB 0583 B046 BAEF > _______________________________________________ Capture-HPC mailing list Capture-HPC@public.honeynet.org https://public.honeynet.org/mailman/listinfo/capture-hpc
