The Compleat Iconoclast
|
The Compleat Iconoclast
|
|
...Vote For Your Favorite Wench... mld, June 5, 2002 at 8:20:06 PM CEST The Never-Ending Story... ... of IE security bugs... This is a public service announcement for my faithful readers. I assume that most of you have lives, and therefore can't afford the time to monitor this sort of thing. It's just about a full-time job with M$ stuff. So, despite my protestations to the contrary, here's another post on this subject... There's a new security bug discovered. It uses a hole in the gopher protocol, one of the original seven protocols [1] used by the internet. It's now largely unused and ignored, but malicious html code can open the hole, even if you don't start up the gopher protocol... For those of you interested in the details, you can read the full article. Those of you that could care less, but want to be protected from the exploit, should do this... "Online Solutions recommends that until Microsoft releases a patch, IE 5.5 and 6.0 users should disable Gopher by going to the Tools menu and accessing "LAN Settings" under "Connections." They should then open the "Use proxy server for your LAN" box and access the "Advanced Tab." Finally, users should go to the Gopher text field and enter "localhost" and "1" in the port setting box." Those of you with a locked up tight, properly configured firewall probably don't need to worry. I strongly advise one, even if you just use dialup, but especially with broadband. I use Tiny Personal Firewall on Windoze boxes. It's free and once it sets up, your computer becomes invisible on the network, and locked up tighter than Mother Teresa's... uhh, never mind. You can get it here. After you do that, you need to look at your machine to make sure it's set up securely. You can pay somebody about a zillion bucks to do it for you, but an excellent free security audit is available here. It will scan your machine for open ports, etc., list your security problems, if any, and offer advice on how to fix them. I have no clue what you Mac users should do. (Actually, I do. Buy a PC :-) Back to your regularly scheduled programming... [1] The original seven are: mail, http, archie, gopher, ftp, wais, and telnet, if you care. |
|
...up and running for 8289 days
last touched: 9/11/15, 7:48 AM ...login status...
hello, stranger.
i live for feedback. schmack me with your syllables... but first you have to login. it's free. ...search this site...
...menu...
...new posts and comments...
...bloggus amicus...
... beth
... capt. napalm ... craniac ... emdot ... genee ... gina ... kc ... macker ... rosalie ... sasha ... seajay ... spring dew ... stacia ... timothy ... wlofie ...antville amicae...
...obligatory blogrolling...
... steven den beste ... jack cluth ... susanna cornett ... cox & forkum ... kim du toit ... glenn frazier ... jane galt ... stephen green ... h-town blogs ... charles johnson ... james lileks ... robert prather ... bill quick ... glenn reynolds ... donald sensing ... rand simberg ... mike spensis ... andrew sullivan ... spinsanity ... bill whittle ... wretchard ...daily stops...
mailbot powered by
...headlines from space.com...
  powered by  |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||