On Thu, July 8, 2004 4:51 am, Sapheriel said: > well, i read about a hacker scenario once that utilizes IE vulnerabilities > by exploiting the interests of employees. basically, you lure an employee > to a website you prepared that exploits some bug in IE to install a trojan > on that pc, thus bypassing firewall and other security precautions.
Don't forget that the "website" you lure the person too can also be an email, or anything else with embedded HTML - one of those chain-mail power point things - almost anything. -Eric -- arctic bears - affordable email and name services @yourdomain.com http://www.arcticbears.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
