"Kempter, Lynda L." wrote:
>
> What are the security implications of allowing ActiveX through the
> firewall? I know it used to be a big no-no, but has it improved enough
> over the past few years that it's no longer a risk?

I can't tell you anything about the relationship between ActiveX
and Flash, but I can tell you this:

Letting ActiveX through your firewall is still a big no-no,
in part due to the fact that WAY too many ActiveX components come
installed as "OK for scripting". The problem might not have been
as great a one if ActiveX technology was only used in browsers,
but the way it is, people write their components thinking that
they'll only be used locally without giving a second thought about
Internet-based abuse.

This also opens you up to issues of sloppy coding of "local"
components, such as buffer overruns, bad permissions, auto-
magical functions written to "simplify" things etc etc ad nauseam.
People just don't think about these things when their goal
is "local use".

At least half a dozen of the attacks discovered during -99
were ActiveX component based. And those are only the ones that
are public; no way of telling what tricks the Bad Guys(tm)
have up their sleeves.

Regards
/Mike
--
Mikael Olsson, EnterNet Sweden AB, Box 393, S-891 28 ÖRNSKÖLDSVIK
Phone: +46-(0)660-105 50 Fax: +46-(0)660-122 50
Mobile: +46-(0)70-248 00 33
WWW: http://www.enternet.se E-mail: [EMAIL PROTECTED]
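
An audit for the "OK for scripting" marking discussed in the message above, as an added example that is not part of the original post: it lists the COM classes on a Windows host that declare themselves safe for scripting through the component-category registry key, so each one can be reviewed or removed. The function name `Get-SafeForScriptingControl` is hypothetical; controls that assert safety only at run time through `IObjectSafety` leave no registry marker and are not found this way.

```powershell
# Added example (not from the original message): enumerate registered COM
# classes carrying the "safe for scripting" component-category marker.
# CATID_SafeForScripting, the standard Windows category identifier:
$SafeForScripting = '{7DD95801-9882-11CF-9FA9-00AA006C4A9F}'

function Get-SafeForScriptingControl {   # hypothetical helper name
    [CmdletBinding()]
    param(
        # On 64-bit Windows, run again with
        # 'Registry::HKEY_CLASSES_ROOT\Wow6432Node\CLSID' for 32-bit controls.
        [string]$ClsidRoot = 'Registry::HKEY_CLASSES_ROOT\CLSID'
    )

    foreach ($key in Get-ChildItem -LiteralPath $ClsidRoot -ErrorAction SilentlyContinue) {
        try {
            # The marker is an (empty) subkey named after the category ID.
            $marker = $key.OpenSubKey("Implemented Categories\$SafeForScripting")
            if ($null -eq $marker) { continue }
            $marker.Close()

            # Find the binary that implements the class (DLL or EXE server).
            $server = $null
            foreach ($name in 'InprocServer32', 'LocalServer32') {
                $sub = $key.OpenSubKey($name)
                if ($null -ne $sub) {
                    $server = $sub.GetValue('')   # default value = server path
                    $sub.Close()
                    break
                }
            }

            [pscustomobject]@{
                Clsid  = $key.PSChildName
                Name   = $key.GetValue('')        # friendly name, may be empty
                Server = $server
            }
        }
        catch [System.Security.SecurityException] {
            Write-Warning "Access denied reading $($key.PSChildName)"
        }
    }
}

# Review the list: anything written for "local use" only should not be here.
Get-SafeForScriptingControl | Sort-Object Name | Format-Table -AutoSize
```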