a pic of my brain The Compleat Iconoclast
 
...Vote For Your Favorite Wench...

Wednesday, 5. June 2002

The Never-Ending Story...


... of IE security bugs...

This is a public service announcement for my faithful readers. I assume that most of you have lives, and therefore can't afford the time to monitor this sort of thing. It's just about a full-time job with M$ stuff.

So, despite my protestations to the contrary, here's another post on this subject...

There's a new security bug discovered. It uses a hole in the gopher protocol, one of the original seven protocols [1] used by the internet. It's now largely unused and ignored, but malicious html code can open the hole, even if you don't start up the gopher protocol...

For those of you interested in the details, you can read the full article.

Those of you that could care less, but want to be protected from the exploit, should do this...

"Online Solutions recommends that until Microsoft releases a patch, IE 5.5 and 6.0 users should disable Gopher by going to the Tools menu and accessing "LAN Settings" under "Connections." They should then open the "Use proxy server for your LAN" box and access the "Advanced Tab." Finally, users should go to the Gopher text field and enter "localhost" and "1" in the port setting box."

Those of you with a locked up tight, properly configured firewall probably don't need to worry. I strongly advise one, even if you just use dialup, but especially with broadband. I use Tiny Personal Firewall on Windoze boxes. It's free and once it sets up, your computer becomes invisible on the network, and locked up tighter than Mother Teresa's... uhh, never mind.

You can get it here.

After you do that, you need to look at your machine to make sure it's set up securely. You can pay somebody about a zillion bucks to do it for you, but an excellent free security audit is available here.

It will scan your machine for open ports, etc., list your security problems, if any, and offer advice on how to fix them.

I have no clue what you Mac users should do. (Actually, I do. Buy a PC :-)

Back to your regularly scheduled programming...

[1] The original seven are: mail, http, archie, gopher, ftp, wais, and telnet, if you care.


 

... Link (0 comments) ... Comment


 
...up and running for 8290 days
last touched: 9/11/15, 7:48 AM
...login status...
hello, stranger.
i live for feedback.
schmack me with your syllables...
but first you have to login. it's free.
...search this site...
...menu...
June 2002
SunMonTueWedThuFriSat
1
2345678
9101112131415
16171819202122
23242526272829
30
MayJuly
...new posts and comments...
...bloggus amicus...
... beth
... capt. napalm
... craniac
... emdot
... genee
... gina
... kc
... macker
... rosalie
... sasha
... seajay
... spring dew
... stacia
... timothy
... wlofie
...antville amicae...
... ceridwen
... daveworld
... jane95
... kate
...obligatory blogrolling...

...daily stops...
... domai
... google
... nation states
... yahoo
get email when the blog updates

email:
let me know   
quit bugging me      
mailbot powered by
Conman Labs Logo
...headlines from space.com...



RSS Feed

Made with Antville
powered by
Helma Object Publisher