Bugtraq mailing list archives
Re: security enforcement - new monitor for winnt
From: Liu Die Yu <liudieyuinchina () yahoo com cn>
Date: Tue, 30 Mar 2004 22:34:51 -0800 (PST)
i've downloaded iecontroller and checked the app. no, they do not do the same thing: iecontroller can monitor ie's network activities(the "Internet" tab), but winblox can't. iecontroller can monitor ie's activex(the "ActiveX" tab), but winblox cannot. iecontroller is designed for protecting ie(*ie*controller), but winblox is not. (winblox can monitor all applications which load USER32.DLL) iecontroller cannot monitor commandline, but winblox can. of course, i don't expect a single monitor to monitor all things :-P most importantly, i believe a monitor must have: console-mode config tool, text config file, and log file, just like all linux daemons(for flexiblity), but iecontroller does not have such features yet. btw, source code will be published soon. best wishes, --- Amir Mohammadkhani-Aminabadi <amir.mohammadkhani () einsurance de> wrote:
Please take a look at: http://www.heise.de/ct/ftp/projekte/iecontroller/ Its open source and seems to do the same thing. ----- Original Message ----- From: "Liu Die Yu" <liudieyuinchina () yahoo com cn> To: <bugtraq () securityfocus com> Sent: Tuesday, March 30, 2004 6:34 AM Subject: security enforcement - new monitor for winnti want to stop ie: writing EXE/CAB/LNK ... files, calling MSHTA.EXE to parse remote web pages, accessing files outside "favorites" and cache("content.ie5"). i want to stop WSCRIPT.EXE from parsing files inside TEMP and cache. i want to stop the system running executable files located in TEMP andcache.afaik, i can stop ie 0day exploits by doing these things. so, i made this: http://umbrella.name/winblox/ of course, free. and you can define your own rules easily(assuming youguys know a bit about regular expression).it's totally a new idea(afaik). so, not for operational uses.
__________________________________ Do you Yahoo!? Yahoo! Finance Tax Center - File online. File on time. http://taxes.yahoo.com/filing.html
Current thread:
- security enforcement - new monitor for winnt Liu Die Yu (Mar 30)
- Re: security enforcement - new monitor for winnt Amir Mohammadkhani-Aminabadi (Mar 30)
- Re: security enforcement - new monitor for winnt Liu Die Yu (Mar 31)
- RE: security enforcement - new monitor for winnt Oliver Lavery (Mar 31)
- RE: security enforcement - new monitor for winnt Liu Die Yu (Mar 31)
- <Possible follow-ups>
- Re: security enforcement - new monitor for winnt http-equiv () excite com (Mar 30)
- Re: security enforcement - new monitor for winnt Amir Mohammadkhani-Aminabadi (Mar 30)