I fail to see how it can be exploited? My AV software will capture the
bad things, my firewall will block ALL types of traffic coming into my
machine by default. All unnecessary ports have been disabled from listening
and the only ones I have open are the ones I know I require. I do not see
how one unfiltered URL data in a CFML page can exploit the machine?



-----Original Message-----
From: Dave Watts [mailto:[EMAIL PROTECTED]]
Sent: 22 January 2003 10:23
To: CF-Talk
Subject: RE: Goodbye cruel world


> This is nonsense. Apart from the fact BlackICE does not 
> monitor outbound traffic - only blocking incoming unless 
> specified otherwise and in the time I have used it I 
> have had 100% security from it - which has been tested 
> by several 'how safe is your machine' tools.

Unfortunately, it isn't nonsense. The problem with this is that, if you do
allow any legitimate incoming traffic, and there's any chance that this
traffic can be exploited, and you don't limit outbound traffic, you can't
really get a handle on your machine's security. This won't be caught by the
"how safe is your machine" tools, either. All it takes is one unfiltered SQL
query using form or URL data in a CFML page (malformed data passed through
"legitimate channels").

Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
voice: (202) 797-5496
fax: (202) 797-5444
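
The "unfiltered SQL query using form or URL data" mentioned above, shown beside a parameterized form, as an added example that is not part of the original thread. The datasource `appDSN`, the `products` table and its columns are hypothetical names chosen for illustration; the two queries are alternatives, not meant to run together.

```cfml
<!--- Added illustration. "appDSN", "products", "product_id", "name" and
      "price" are hypothetical names, not taken from the thread. --->

<!--- BEFORE: the URL value is pasted into the SQL text. The request arrives
      over the web port the firewall is configured to allow, and whatever
      is in ?id= is parsed by the database as part of the statement. --->
<cfquery name="qProductUnsafe" datasource="appDSN">
    SELECT name, price
    FROM products
    WHERE product_id = #URL.id#
</cfquery>

<!--- AFTER, step 1: make sure the variable exists, then reject anything
      that is not a short run of digits before it reaches the database. --->
<cfparam name="URL.id" default="">
<cfif NOT reFind("^[0-9]{1,9}$", URL.id)>
    <cfheader statuscode="400" statustext="Bad Request">
    <cfabort>
</cfif>

<!--- AFTER, step 2: bind the value as a typed parameter. The driver sends
      it separately from the SQL text, so it is only ever treated as an
      integer value and never as SQL syntax. --->
<cfquery name="qProduct" datasource="appDSN">
    SELECT name, price
    FROM products
    WHERE product_id = <cfqueryparam value="#URL.id#" cfsqltype="cf_sql_integer">
</cfquery>

<cfoutput query="qProduct">
    #htmlEditFormat(qProduct.name)#: #htmlEditFormat(qProduct.price)#<br>
</cfoutput>
```

Running the datasource under a database login that has only the rights the page needs limits what any statement issued through it can do.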

