Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

RE:IE
From: John Dowling <greyhatthe2nd () yahoo com>
Date: Tue, 20 Jul 2004 13:34:27 -0700 (PDT)

Not to return to the original post or anything, but
was anyone able to identify the registry keys that
will sucessfully modify the user-agent string?

There seem to be many keys other than
HKLM>software>MS>windows>current_version>internet_settings

And the key at
HKLM>software>MS>windows>current_version>internet_settings>user_agent>post_platform
does not contain information other than what is
available via group policy (is this key even available
to xp home users?)

The real solution is to use a browser with no
known vulnerability (and
that's better if it didn't have a lot in the past),
not to try to hide
what you are using.

Full Disclosure. I believe in it.

While I do agree that exploitation redirects based on
user-agent proliferate, there are far more
functionality-based redirects, and [opinion] I believe
that masking a user-agent would result in a diminished
browsing experience inproportionate to the amount of
protection added.

/jd



        
                
__________________________________
Do you Yahoo!?
Vote for the stars of Yahoo!'s next ad campaign!
http://advision.webevents.yahoo.com/yahoo/votelifeengine/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault