Re: [Fwd: Re: AIM Password theft]
No you won't be "A-OK"
1 + 2,
One might just as well install a keylogger and get the passwords that way
3
doesn't do you any good, you can just have a trojan connect to a server
running on port 80 instead of having the attacker connect to you. and it does
nothing for you if someone wants to wipe your HD
4.
trivially to circumvent most of the time it recognizes POC code but change it
a bit and it wont get picked up
5.
Currently we have the highly unusual situation that there are not one but two
unpatched security issues in IE that will allow remote code execution and
which are *EXTREMLY* easy to exploit and infact are actively beeing
exploited. I've been staring at my own code at least twice these weeks (some
scum trying to install a dialer)
There simply isn't a patch available that you can apply, for both these issues
there are workarounds though (reghacks), so applying these is probably your
best bet.
Or you could *despite the fact that I hate to promote a product from a company
that thinks its ok to sue someone for giving their product a bad review* use
finjan's surfingguard which does seem to block a lot of attacks proactivly
--jelmer
On Wednesday 24 September 2003 20:59, DarkKnight wrote:
> In-Reply-To: <3F7077FE.70303@xxxxxxxxxxxxx>
>
> That method of stealing was taken from my website, "counter" is used to
> trick users into thinking that the script is just for a counter, but in
> reality it is just the object vulnerability. Anyways, AIM will do nothing
> to fix this. Why? Because it is not a vulnerability within AIM, nor is it
> really there problem. Prevention-
>
>
>
> 1. Do not save passwords
>
> 2. Delete registry data (only if you use test buddy [staff aim], the
> passwords are in plain text)
>
> 3. Get a firewall
>
> 4. Update/Get a Virus Scanner
>
> 5. Get an IE patch
>
>
>
> Do the above and you will be A-Okay, AIM-wise and all around security wise.
>
>
>
> - DarkKnight (of http://www.insecureonline.com)