Educause Security Discussion mailing list archives
Re: Browser Plugin Check
From: Anthony Maszeroski <maszeroskia3 () SCRANTON EDU>
Date: Thu, 15 Oct 2009 08:33:32 -0400
Gary, That sounds like a great idea to me -- something similar to the "Secure Browsing" tab in Secunia PSI. I think the biggest challenge would be finding someone with the resources necessary to keep the version library up-to-date. I wonder if that would be something the collective user community could handle... Gary Flynn wrote:
Mozilla has put up a web site to check plugin versions on Mozilla based browsers. What would be nice is to have a site that is vendor agnostic driven from a library of plugin/activex/extension version checking scripts vetted and hosted on a trusted party's web site. US-CERT? Educause? OWASP? It would also be nice to be able to import those checks on local sites so that a site could choose to warn visitors of particularly risky code or refuse access to vulnerable, unmaintained clients as policy dictates. Sort of a WebNAC. Workable idea? <https://www-trunk.stage.mozilla.com/en-US/plugincheck/>
-- - Anthony Maszeroski, CCNA, CISSP ----------------------------------- Information Security Manager The University of Scranton email : maszeroskia3 () scranton edu phone : 570-941-4226 -----------------------------------
Current thread:
- Browser Plugin Check Gary Flynn (Oct 13)
- <Possible follow-ups>
- Re: Browser Plugin Check Anthony Maszeroski (Oct 15)
- Re: Browser Plugin Check Flynn, Gerald (Oct 15)