Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: IE is just as safe as FireFox
From: Raoul Nakhmanson-Kulish <raoul () elforsoft com>
Date: Fri, 26 Nov 2004 16:09:36 +0300

Hello, joe!

Anyway, you can specify an unlimited amount of non-proxied servers in autoconfiguration script. More, you may modify autoconfig rules as frequently as needed, or even do it automatically.
Agreed. But if the idea is to protect your internal clients from your
intranet web servers, the proxy isn't doing much for you.
General idea is prevent HTTP interaction with any LAN host which isn't a known intranet server. The proxy can and should do it.

Plus again,
someone can just configure their machine to not use the proxy as mentioned
previously.
Again, we speak about fool-proofing, not about deliberate saboteurs.

This isn't something
that is reasonable to manage in a large organization and does nothing from
stopping people from selecting alternate ports.
Port number is unrelated here. A browser tuned to use proxy uses it for HTTP on any port.

--
Best regards,
Raoul Nakhmanson-Kulish
Elfor Soft Ltd.,
ERP Department
http://www.elforsoft.ru/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]