Bugtraq mailing list archives
Re: More Internet Explorer zone confusion
From: paulle () MICROSOFT COM (Paul Leach)
Date: Mon, 8 Mar 1999 11:58:55 -0800
-----Original Message----- From: Oliver Lineham [mailto:oliver () LINEHAM CO NZ] Sent: Monday, March 08, 1999 2:37 AM To: BUGTRAQ () NETSPACE ORG Subject: Re: More Internet Explorer zone confusion At 21:53 5/03/99 -0500, you wrote: Yech.That means that IE has to rely on the URL. By convention,an URL that doesnot end with a "dot-something" (.com, .edu, .gov, etc) isassumed to be aninternal site. I'm told that this is how all web browsers make the distinction. You have to make specific reconfigurations to allow the dotless URLs to resolve externally. Thanks,This is insane - and most probably not how it distinguishes domains at all.
That's correct. I believe that the rule for Intranet zone is simple -- if the name has no "." and is less than 15 characters long, then it's Intranet zone. This algorithm works with the default configuration of Windows. If you configure your machine so that the above assumption is violated, then you'll get a mis-classification. When designing better ways of doing this, keep in mind that the primary tool that the browser has to work with is "gethostbyname" -- which, IMO, doesn't return enough information about how the name was resolved to be helpful for security purposes (even though it garnered some in the process of resolution). For example, it doesn't say whether /etc/hosts or LMHOSTS was used to resolve the name, or which DNS search suffix was used. Paul
Current thread:
- Default password in Bay Networks switches., (continued)
- Default password in Bay Networks switches. Jan B. Koum (Mar 10)
- Re: Default password in Bay Networks switches. Dax Kelson (Mar 10)
- Re: Default password in Bay Networks switches. Dax Kelson (Mar 10)
- Re: Default password in Bay Networks switches. Igor Sviridov (Mar 11)
- Re: Default password in Bay Networks switches. Rolf Obrecht (Mar 12)
- Re: The FPSC-IRCD.txt advisory Bjarni R. Einarsson (Mar 09)
- Windows NT Screen Saver Vulnerability Aleph One (Mar 09)
- 64 bit Solaris 7 procfs bug Toomas Soome (Mar 09)
- Re: More Internet Explorer zone confusion Jim Frost (Mar 09)
- Re: More Internet Explorer zone confusion Christopher Masto (Mar 08)