Bugtraq mailing list archives
Re: More Internet Explorer zone confusion
From: chris () NETMONGER NET (Christopher Masto)
Date: Tue, 9 Mar 1999 01:59:08 -0500
Is this intranet zone thing _really_ of any value? Why is there a built-in default assumption that something from a "local" server is more trustworthy? Consider the following situations: 1. A customer of your ISP, netmonger.net, is evil. They have a page that links or redirects to http://www/~evil/evil.html, taking advantage of the fact that your machine is configured with your ISP's domain in the search list. 2. You go to school at RPI. You have a dorm ethernet connection. Your machine is naive.dorm.rpi.edu, and you have dorm.rpi.edu in your domain search list. An evil person gets evil.dorm.rpi.edu, and you know the rest. 3. You work at Giganticorp and have access to high-level trade secrets. Giganticorp has an intranet where employees can put up their own web pages. An evil employee takes advantage of the default security settings to gain access to your secrets, which he sells to the competition. Numbers 1 and 2 ask the question, "Why are we assuming that a non-qualified host name implies intranet implies trust?" Number 3 asks the question, "Why are we assuming that intranet implies trust?" Another question is "How many people who use IE have no intranet?" Considering that there are a quantity of tools available to deploy IE at your company with preconfigured settings, why not default to not having this intranet zone. If Giganticorp needs to turn down the security, they can do so at the same time they're customizing the rest of the settings. I don't personally use Microsoft products, and I am not quite familiar with the specific security precautions that are disabled for the intranet zone, but if they're enough to cause concern on the Internet, the same problems can occur even when the browser isn't malfunctioning at all. -- Christopher Masto Director of Operations NetMonger Communications chris () netmonger net info () netmonger net http://www.netmonger.net Free yourself, free your machine, free the daemon -- http://www.freebsd.org/
Current thread:
- Re: Default password in Bay Networks switches., (continued)
- Re: Default password in Bay Networks switches. Dax Kelson (Mar 10)
- Re: Default password in Bay Networks switches. Dax Kelson (Mar 10)
- Re: Default password in Bay Networks switches. Igor Sviridov (Mar 11)
- Re: Default password in Bay Networks switches. Rolf Obrecht (Mar 12)
- Re: The FPSC-IRCD.txt advisory Bjarni R. Einarsson (Mar 09)
- Windows NT Screen Saver Vulnerability Aleph One (Mar 09)
- Re: More Internet Explorer zone confusion Tilman Schmidt (Mar 08)
- 64 bit Solaris 7 procfs bug Toomas Soome (Mar 09)
- Re: More Internet Explorer zone confusion Jim Frost (Mar 09)
- Re: More Internet Explorer zone confusion Christopher Masto (Mar 08)