-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The directory display was done with a javascript app embedded on the web page, that will bring up the contents of your root directory. I viewed this one on a BSD box, with no java enabled through the browser.
The page that was re-directed after viewing this one, was nothing more than a display of some very basic HTTP headers - nothing was sent back to them. Looks like nothing more than a scam attempt (a very bad one at that). Chip - ----- Chip McClure Sr. Unix Administrator GigGuardian, Inc. http://www.gigguardian.com/ - ----- On Thu, 28 Feb 2002, LS wrote: > Hi all, > > I was sent the following address: > > http://www.security7.ch.vu/ > > When entering, it claims that you are exposed and tracked and a lot of information > is stored on your computer (doh..altho i dont keep names on it etc..). > What caught my attention is that the show you the contents of your root directory > (c:\ for a windows machine...). > What's alarming is that I don't see how this thing could've been done. I dont allow > any shares, I dont allow any services, and unless it is an IE exploit of some sort, > there is no other way to explain it. My firewall (TPF) handles all the microsoft > network issues and only internal LAN can even see my nbt name etc... > this is weird. > Anybody know how this is done ? > > Regards, > Eli > > > -----BEGIN PGP SIGNATURE----- Version: PGP 6.5.8 Comment: Made with pgp4pine 1.76 iQA/AwUBPH+8c5uKtP8CSC69EQL5PgCfQud6pEI64CwKzI11kvINsE3yM94AoM7H GyYYMTus9p7/qmKUzWD5Vb7d =FsiS -----END PGP SIGNATURE-----
