«

AIUI, it was not all that long ago when the threat to personal users,
was attachments that when executed compromised machines with keyloggers,
trojans, etc.

Now it seems that the big problem is reading a webpage or an HTML e-mail
and getting affected through the scripting. My understanding is that
the script downloads the malicious program from the web and sets it to
run on start up through the start-up folder or in the registry.

I don't know much about this; can someone suggest a good web site to
start learning a bit more about these threats. I have googled, but I am
not quire sure of the best search terms, and since there is so much
information out there, a site that experienced people endorse would be a
lot of help.

In particular, it seems as if JavaScript dowloading a trojran without
the user clicking an attachment is a big problem.

Thanks.

In message <l9xCf.14501$>,
Lew took 19 lines to impart the following:

>AIUI, it was not all that long ago when the threat to personal users,
>was attachments that when executed compromised machines with keyloggers,
>trojans, etc.
>
>Now it seems that the big problem is reading a webpage or an HTML e-mail
>and getting affected through the scripting. My understanding is that
>the script downloads the malicious program from the web and sets it to
>run on start up through the start-up folder or in the registry.
>
>I don't know much about this; can someone suggest a good web site to
>start learning a bit more about these threats. I have googled, but I am
>not quire sure of the best search terms, and since there is so much
>information out there, a site that experienced people endorse would be a
>lot of help.
>
>In particular, it seems as if JavaScript dowloading a trojran without
>the user clicking an attachment is a big problem.
>
>Thanks.

Malicious Web Scripts FAQ
http://www.cert.org/tech_tips/malicious_code_FAQ.html

Web Browser Vulnerabilities: Is Safe Surfing Possible?
http://www.windowsecurity.com/articl...abilities.html

Safe Surfing
http://www.pcpitstop.com/spycheck/safesurfing.asp

Safe Hex
http://www.claymania.com/safe-hex.html

Safe Computing Guide
http://www.trendmicro.com/pc-cillin/...afe_computing/
http://www.trendmicro.com/en/securit...e/overview.htm

Protect your PC
http://support.microsoft.com/default...gb/protect.asp

Safe Computing Practice
http://users.iafrica.com/c/cq/cquirke/safe2000.htm

Safe Computing Practices (Safe Hex)
http://www.cknow.com/vtutor/vtsafecompute.htm

--
Basic computer maintenance
http://uk.geocities.com/personel44/maintenance.html

Lew wrote:
> AIUI, it was not all that long ago when the threat to personal users,
> was attachments that when executed compromised machines with
> keyloggers, trojans, etc.

Executing a malware executable by clicking on it has always been a
problem whether it comes in the email or on a floppy or CD or
downloaded.

> Now it seems that the big problem is reading a webpage or an HTML
> e-mail and getting affected through the scripting.

The scripting or html can potentially 'execute' or 'perform', depending
upon the insecure configuration.

> My understanding
> is that the script downloads the malicious program from the web and
> sets it to run on start up through the start-up folder or in the
> registry.

There are many html, scripting, and non-html non-scripting
vulnerabilities. The latest vulnerability of some interest is the WMF
or windows metafile vulnerability related to 'MICE' where the mice
acronym means metafile image code execution vulnerability. This is a
different kind of problem for Win2K and XP than the 9x family.

> I don't know much about this; can someone suggest a good web site to
> start learning a bit more about these threats.

All threats that have to do with windows insecurities? Some windows not
all? All threats that have to do with html and/or scripting
vulnerabilities as they relate to just the browser html rendering engine
subsystem vulnerabilities? How to configure your browser and your
mailuser agent securely?

> I have googled, but I
> am not quire sure of the best search terms, and since there is so much
> information out there, a site that experienced people endorse would
> be a lot of help.

There certainly is a lot of information -- I'm not sure where to start.

> In particular, it seems as if JavaScript dowloading a trojran without
> the user clicking an attachment is a big problem.

If you allow 'various' scripts to run and do things which you don't know
about, you are insecure -- where the degree of insecurity is influenced
by the particular script in question.


--
Mike Easter

°Mike° wrote:

Excellent collection of links..


> Safe Computing Guide
> http://www.trendmicro.com/pc-cillin/...afe_computing/

Sorry, the web page you're looking for was not found



One of the trendmicro links is broken -- I can find a similar .au one
searching on safe_computing at the site.

http://www.trendmicro.com.au/consume...ting_guide.php

But I don't know if that is like the one which used to be in the
pc-cillin vinfo section.


--
Mike Easter

In message <43dab3ed$0$72593$ ews.net>,
Mike Easter took 24 lines to impart the following:

<snip>

>One of the trendmicro links is broken -- I can find a similar .au one
>searching on safe_computing at the site.
>
>http://www.trendmicro.com.au/consume...ting_guide.php
>
>But I don't know if that is like the one which used to be in the
>pc-cillin vinfo section.

I honestly don't remember the exact PC-Cillin page, but it appears to
be the same one, because:
www.trendmicro.com.au/vinfo/safe_computing/

redirects to the link you gave above. I will be updating my list with
the UK link (same info).

Safe Computing Practices
http://uk.trendmicro-europe.com/smb/...ting_guide.php


This PDF document is also worth reading:

A Guide to Security
http://uk.trendmicro-europe.com/smb/...e_download.pdf

--
Basic computer maintenance
http://uk.geocities.com/personel44/maintenance.html

Lew wrote:
>
> Now it seems that the big problem is reading a webpage or an HTML e-mail
> and getting affected through the scripting. My understanding is that

http://www.bootdisk.com/bootlist/234.htm#5

Html is for webpages. Text is for email.

--
http://www.bootdisk.com/

Lew <> gibbered:

>AIUI, it was not all that long ago when the threat to personal users,
>was attachments that when executed compromised machines with keyloggers,
>trojans, etc.
>
>Now it seems that the big problem is reading a webpage or an HTML e-mail
>and getting affected through the scripting. My understanding is that
>the script downloads the malicious program from the web and sets it to
>run on start up through the start-up folder or in the registry.
>
>I don't know much about this; can someone suggest a good web site to
>start learning a bit more about these threats. I have googled, but I am
>not quire sure of the best search terms, and since there is so much
>information out there, a site that experienced people endorse would be a
>lot of help.
>
>In particular, it seems as if JavaScript dowloading a trojran without
>the user clicking an attachment is a big problem.

It's getting that way - byteverify being the most common culprit. It's
designed to exploit the MS Java VM (virtual machine), so use the Sun
version:
http://www.java.com/en/download/help/cache_virus.xml

>
>Thanks.