to prevent useage of
streams on NTFS, you don't blame the filesystem that the input gets passed
to, it's the job of the ftp server to do the sanitizing of untrusted input.
Geo.
. Put the mailto link
in an untrusted html page and make it work with IE7.
Geo.
- Original Message -
From: Thierry Zoller [EMAIL PROTECTED]
Again Geo, NOBODY has said that this is a vulnerability OF IE7 ITSELF we
said
the handler that IE7 installs is broken.
I'm not disagreeing with that statement. I'm saying this input should never
get that far.
Geo.
based
applications and a count column of the number of exploits each has had to
patch so folks can make an informed decision when looking for php based web
apps.
Geo.
.
Is php secure by default when it's installed on a server?
Geo.
that
process credit cards).
Geo.
written for them require patching, how often each are being used to
exploit servers, etc.
We need some sort of a rating system that allows the users to see the
difference and to understand that more doesn't always mean better.
Geo.
before it bypasses values in the hosts file so the user
is allowed to permit or deny it. Had they done that I would have defended
their actions, it's when they mess with a users security without asking that
I find it inappropriate behavior for a company like MS.
Geo.
hosts then fix the problem instead of ignoring hosts.
Provide a locking mechanism for hosts, remove the trojan, there are a
hundred ways to fix this that are far more proper ways to do things than
this.
Geo.
.
Geo.
Geo, the default is bad. However, it is not a Microsoft issue, this is a
spoofing issue. Many like to bash Microsoft, some hate them. Myself I am
known as a Microsoft critic at times.
Please don't misunderstand me, I'm not bashing MS or even being a critic
(although I have been at times
to be able to figure out how to disable it so enabled by default
really should not be a change that is an issue for router manufacturers.
Geo.
techniques they used for smtp?
Granted a port 53 inbound block would make more sense for the current
example but just like bots started running their own SMTP engines I see the
dns flood model changing to fit the new landscape.
Geo.
this requires is a moderate level of
competence in the person who has designed the service.
Really? Ok educate me, how do you do this with Windows 2000 running MS dns?
(telling people to use another server is not acceptable)
Geo.
virtually every function on the internet?
It's not a conspiracy theory, it's fact, if you create a control like that
someone is going to want to control it. I suggest only that we consider this
along with everything else.
Geo.
for
entities to control large sections of the internet since folks from those
sections won't be able to use anyone else's DNS servers or even run their
own (much like port 25 blocking limits who can run a mail server today). He
who controls dns controls the network.
Geo.
or the people working on it. In fact it shows you know more
than the people who refuse to recognize the reality.
Geo.
flood at least to the provider level if
not to the exact IP.
Geo.
received 200K
of traffic. That's the amplification, one small udp packet, one large text
record in return.
Note, I don't have to use your local servers, but this way it makes it more fun
to troubleshoot because it looks like you are the cause of your own flooding..
Geo.
19 matches
Mail list logo