Web Security
Home Up Web Security Sites Links

 

Home Next

Up

ourmission
theweb.gif (1103 bytes)
booksandbibles16
thenewsroom
governmentrm.gif (1147 bytes)
searchpage
tutorials
webtools
websecurity

What is the Web?

Privacy & Disclaimer
copyrights
notices
HOME

Visitors Since
Aug - 2004
Hit Counter

 

Web Security

 

Web & Network Security

WWW Network Security

bulletMS Internet Explorer
bulletSocks
bulletWhite Papers

 

FAQs Lists

The Computer Security Evaluation - Frequently Answered Questions (V2.1)
This list is from the Trusted Products Evaluation Program site. Answers to common questions about the evaluation of trusted products. The current official version of this FAQ may be found at <http://www.radium.ncsc.mil/tpep/process/faq.html>.
  1. What is the National Computer Security Center (NCSC)?
  2. What is TPEP?
 

Sites

C2 Net at https://www.c2.net

C2Net's security products fall into two product lines, Stronghold servers and SafePassage client-side products. The Stronghold Web Server is a secure, commercial web server based on the world's most popular web server, Apache. C2Net is committed to providing secure solutions using strong cryptography worldwide.

Their product Safe Passage Web Proxy adds strong cryptography to any existing Web browser and works with any existing SSL Web server.

Alerts

MS Internet Explorer
One problem concerns the ability of a programmer to write code in a Web page that uses Internet Explorer 3.x versions to access a Web page hyperlink that points to a .LNK (a Windows shortcut file on Win 95) or .URL (Win 95 or NT ) file. Pointing to either type of link could launch a program or an executable that could cause damage to a computer. The creator of the link would have to know about and write to / for the specific program installed (name and path) on the user’s hard drive in order for this technique to work.
However, URLs can be of a greater risk because they can be created at the server using server side scripts. These scripts could generate the URLs to match the setup of the user's (target machine) computer.

 

BIND - the Berkeley Internet Name Daemon
Several vulnerabilities in the Berkeley Internet Name Daemon (BIND) have been fixed in the current version of BIND. One of those vulnerabilities is now being exploited, a vulnerability that results in cache poisoning (malicious or misleading data from a remote name server is saved [cached] by another name server). All versions of BIND before release 8.1.1 are vulnerable.
Among these is server cache poisoning. Cache poisoning occurs when malicious or misleading data received from a remote name server is saved (cached) by another name server. This "bad" data is then made available to programs that request the cached data through the client interface.

MS Internet Explorer -

bullet

One problem concerns the ability of a programmer to write code in a Web page that uses Internet Explorer 3.x versions to access a Web page hyperlink that points to a .LNK (a Windows shortcut file on Win 95) or .URL (Win 95 or NT ) file. Pointing to either type of link could launch a program or an executable that could cause damage to a computer. The creator of the link would have to know about and write to / for the specific program installed (name and path) on the user’s hard drive in order for this technique to work.
However, URLs can be of a greater risk because they can be created at the server using server side scripts. These scripts could generate the URLs to match the setup of the user's (target machine) computer.

bullet

The META REFRESH tag can be used to execute multiple commands in sequence (demo at cybersnot.com). This demo copies a .BAT file into your Internet Explorer cache and then runs the .BAT file. This .BAT will create a new key in your registry called "HKEY_CURRENT_USER/Software/Cybersnot". It will then open your AUTOEXEC.BAT and CONFIG.SYS in notepad. Finally, it will open REGEDIT so that you can view the key it creates.

bulletSimple Win 95 example - The following link will start the standard calculator which comes with Windows 95.
Windows Calculator (.lnk).
Windows Calculator (.url).
bulletExample - A Web site operator could post a link to an ".url" file that creates a folder on a user's computer and then deletes it.

The security holes discovered relate to Internet Explorer 3.01, 3.00 and are corrected by downloading version 3.02 from Microsoft.

Microsoft also provides a Security Update service on their web site at http://www.microsoft.com/ie/security/update.htm . If you are an international user and / or are using an international version of IE, then you should use http://www.microsoft.com/ie/security/intl_fix.htm

What does Internet Explorer 3.02 fix?

bullet"Cybersnot" Security Concerns
bulletInformation Week - http://www.infoworld.com/cgi-bin/displayStory.pl?97033.wbug.htm
bulletCNN - http://www.cnn.com/TECH/9703/04/internet.explorer.bug/index.html
bulletMIT Variation of Cybersnot Information
bulletUniversity of Maryland Security Concerns
bulletCNET News
Microsoft Version - CNET Security Concerns
Original - http://www.news.com/News/Item/0,4,8447,00.html
bulletHyperlink Security Concerns
bulletJava Cache Security Concerns

Internet Explorer Bug - Page and examples at http://www.cybersnot.com/iebug.html
Discovered By Paul Greene //// Page and Examples by Geoffrey Elliott & Brian Morin

 

Socks

The SOCKS protocol is an open, industry standard that enables secure firewall traversal at the OSI session layer by proxying connection requests and relaying data. The current release is SOCKS v5. SOCKS v5 includes open support for authentication and encryption methods, UDP traffic, and DNS.

White Papers:

Aventail AutoSOCKS: The Client Key to Network Security
Last Edit: Thursday, 24. October 2002

Questions: questions@cezwright.com.
Comments :  comments@cezwright.com.
Copyright © 1984 - 2005  Ugenie PCS & The Consumer Education Zone - All rights reserved.
Special
Acknowledgement of Copyright Holders
Revised: August 20, 2005 12:24 PM -0400.