wine and security? [slightly long]

What are people's experiences and insights to running, say, firefox 3 under Wine and viewing sensitive information (medical records, credit report, etc) vs viewing the same information in the native host OS? SSL is _always_ monitored at all times.

I ask because some web sites refuse to accept a connection from a non-Windows source, and wine has the ability to fool.

Are warnings/errors/issues such as these anything to be concerned about for viewing such information mentioned above?

I'm currently using a fully updated Ubuntu Hardy 32-bit system:

scott@scott-desktop:~/.wine/drive_c/Program Files/Mozilla Firefox$ ./firefox.exe

--
This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.

_______________________________________________
Discuss mailing list
Discuss@...
http://lists.blu.org/mailman/listinfo/discuss
|
|
Re: wine and security? [slightly long]

Scott R. Ehrlich wrote:
> What are people's experiences and insights to running, say, firefox 3
> under Wine and viewing sensitive information (medical records, credit
> report, etc) vs viewing the same information in the native host OS?
> SSL is _always_ monitored at all times.

Never tried to run ffox in wine, since anything it can do in windows it can do in linux.

> I ask because some web sites refuse to accept a connection from a
> non-Windows source, and wine has the ability to fool.

The way they identify the source is through the user-agent string, and there are firefox extensions to change your user-agent string to pretend like it's IE on WinXP, FFox on WinXp, or whatever. Most non-ie browsers have some way that you can fake the user-agent string to get around stupidity in web-design.

Matt
|
|
Re: wine and security? [slightly long]

Hi!

On Sat, Jun 28, 2008 at 6:52 PM, Matthew Gillen wrote:
>
> Never tried to run ffox in wine, since anything it can do in windows it can
> do in linux.
>
>> I ask because some web sites refuse to accept a connection from a
>> non-Windows source, and wine has the ability to fool.
>
> The way they identify the source is through the user-agent string, and there
> are firefox extensions to change your user-agent string to pretend like it's
> IE on WinXP, FFox on WinXp, or whatever. Most non-ie browsers have some way
> that you can fake the user-agent string to get around stupidity in
> web-design.

Not a good idea. That gives the web masters and developers excuse not to create cross browser applications/web sites. :-(

I would rather complain loudly.

> Matt

With regards,
--
--Dinesh Shah :-)
Shah Micro System

--
Dan Quayle - "It's time for the human race to enter the solar system."
|
|
Re: wine and security? [slightly long]

Dinesh Shah wrote:
>>> I ask because some web sites refuse to accept a connection from a
>>> non-Windows source, and wine has the ability to fool.
>> The way they identify the source is through the user-agent string, and there
>> are firefox extensions to change your user-agent string to pretend like it's
>> IE on WinXP, FFox on WinXp, or whatever. Most non-ie browsers have some way
>> that you can fake the user-agent string to get around stupidity in
>> web-design.
>
> Not a good idea. That gives the web masters and developers excuse not
> to create cross browser applications/web sites. :-(
>
> I would rather complain loudly.
>

That only works if they care. Many places (banks, for example, in my experience) provide the web interface because the customers want it, not because they feel it's a good idea from their business perspective. But they're resistant to it, and changes to it. The attitude they've taken to me is "if you want on-line banking, you need to do this." Saying "I won't/can't use your system until you change it to permit standards-compliant connections" is generally met with "OK, see you when you want it badly enough." I've *never* encountered an institution like that which is customer-responsive.

This is different from, for example, merchants who stand to make money with each connection. THEY are interested in being responsive, because the change is much more tightly tied in to their revenue stream.

-Don
|
|
RE: wine and security? [slightly long]

When I worked for a bank, they didn't like even having a web interface. But CUSTOMERS required it, so we had it, and they paid for it. At that point, the BANK liked it (positive cash flow), and it was maintained.

Show the company how providing it is positive for their business, especially in $$$ in the short run, and they will support it.

Not that you can get through the gatekeepers to the ones who really make decisions (sometimes big bosses, sometimes middle management, sometimes it is the little techno geek that is underpaid and overworked, and making some project look bad / fail reduces his work load ... for them, they need a different reward, and I'm not going there.).
|
|
Re: wine and security? [slightly long]

On Sat, Jun 28, 2008 at 6:15 AM, Scott R. Ehrlich <scott@...> wrote:
> I ask because some web sites refuse to accept a connection from a
> non-Windows source, and wine has the ability to fool.

I question your analysis that web servers are able to discriminate your OS. A trick known for a while, but detailed in Michal Zalewski's book Silence on the Wire, is to analyze the browser object requests temporally. You can fingerprint the remote browser using this method even if the user thinks he is savvy and alters the AGENT headers. Combine that with TCP Timestamps, and yes, you can fairly well determine the OS. But I don't know of any commercial websites that would do this...

--
Kristian Erik Hermansen
--
CISSP, CEPT, CREA, CEH, Linux+, A+, QGCS, ACSA, this is getting ridiculous...
http://kristian-hermansen.com
|
|
Re: wine and security? [slightly long]

On Sat, Jun 28, 2008 at 11:55:42AM -0400, Kristian Erik Hermansen wrote:
> On Sat, Jun 28, 2008 at 6:15 AM, Scott R. Ehrlich <scott@...> wrote:
> > I ask because some web sites refuse to accept a connection from a
> > non-Windows source, and wine has the ability to fool.
>
> I question your analysis that web servers are able to discriminate
> your OS. A trick known for a while, but detailed in Michal Zalewski's
> book Silence on the Wire, is to analyze the browser object requests
> temporally. You can fingerprint the remote browser using this method
> even if the user thinks he is savvy and alters the AGENT headers.
> Combine that with TCP Timestamps, and yes, you can fairly well
> determine the OS. But I don't know of any commercial websites that
> would do this...

It's easy to do, and it's entirely invisible.

I've been using passive TCP fingerprinting by means of p0f (http://lcamtuf.coredump.cx/p0f.shtml) for quite a while now in my mail stream. I apply antispam rules that are much more strict when I see the machine on the other side of the TCP connection runs Windows. p0f is not perfect but it's pretty good at identifying the OS on the other side of the connection. It scales very well - p0f is very lightweight.

Doing this has turned out to be very, very effective against spam without affecting mail servers that run a serious OS.

In my experience, 95+% of all spam comes from compromised Windows machines ('zombies'). Punishing Windows machines that try to deliver mail to your servers puts the blame right where it belongs, with that crappy operating system.

Thanks,
Ward.

--
Pong.be         -( "In my opinion M$ is a lot better at making money than )-
Virtual hosting -( it is at making good operating systems." -- Linus      )-
http://pong.be  -( Torvalds                                               )-
GnuPG public key: http://pgp.mit.edu
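
Added example, not part of the original thread and not p0f's code: a small Python sketch of the passive check discussed above, reading the TTL and TCP option layout from a SYN and comparing the resulting OS guess with the OS claimed in the User-Agent header. The signature table, helper names, sample packets and sample User-Agent are constructed for illustration; a real fingerprinter uses a much larger maintained database.

```python
import struct

OPT_CODES = {2: "M", 3: "W", 4: "S", 8: "T"}  # MSS, window scale, SACK-permitted, timestamp

# Simplified, illustrative signatures (assumption, not p0f's database):
# (initial TTL, TCP option layout) -> OS family.
SIGNATURES = {
    (64, "M,S,T,N,W"): "Linux",
    (128, "M,N,N,S"): "Windows",
}

def build_syn(ttl, window, options):
    """Build a constructed IPv4+TCP SYN (checksums left zero) to use as sample input."""
    options += b"\x00" * (-len(options) % 4)  # pad with end-of-list to a 32-bit boundary
    tcp_len = 20 + len(options)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + tcp_len, 0, 0x4000, ttl, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 1]))
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 1, 0, (tcp_len // 4) << 4, 0x02, window, 0, 0)
    return ip + tcp + options

def parse_syn(packet):
    """Return the fields a passive fingerprinter reads from an IPv4 TCP SYN."""
    if len(packet) < 20 or (packet[0] >> 4) != 4 or packet[9] != 6:
        raise ValueError("not an IPv4/TCP packet")
    tcp = packet[(packet[0] & 0x0F) * 4:]
    if len(tcp) < 20 or (tcp[13] & 0x12) != 0x02:
        raise ValueError("not a bare SYN")
    opts = tcp[20:(tcp[12] >> 4) * 4]
    layout, mss, i = [], None, 0
    while i < len(opts) and opts[i] != 0:         # kind 0 = end of option list
        kind = opts[i]
        if kind == 1:                             # NOP is a single byte with no length
            layout.append("N")
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2 or i + opts[i + 1] > len(opts):
            layout.append("?")                    # truncated or malformed option
            break
        if kind == 2 and opts[i + 1] == 4:
            mss = struct.unpack_from("!H", opts, i + 2)[0]
        layout.append(OPT_CODES.get(kind, "?"))
        i += opts[i + 1]
    return {"ttl": packet[8], "window": struct.unpack_from("!H", tcp, 14)[0],
            "mss": mss, "layout": ",".join(layout)}

def initial_ttl(observed):
    """Round the observed TTL up to the nearest common initial value (hops decrement it)."""
    return next(t for t in (32, 64, 128, 255) if observed <= t)

def guess_os(packet):
    """OS family suggested by the network stack, or 'unknown' if no signature matches."""
    fields = parse_syn(packet)
    return SIGNATURES.get((initial_ttl(fields["ttl"]), fields["layout"]), "unknown")

def claimed_os(user_agent):
    """OS family the client claims in its User-Agent header (fully client-controlled)."""
    for family in ("Windows", "Linux"):
        if family in user_agent:
            return family
    return "unknown"

def compare(user_agent, packet):
    """Return (claimed, observed, mismatch) for one connection."""
    claimed, observed = claimed_os(user_agent), guess_os(packet)
    return claimed, observed, "unknown" not in (claimed, observed) and claimed != observed

# Constructed samples: a Linux-style SYN seen 7 hops away, a Windows XP-style SYN,
# a SYN with a truncated timestamp option, and a User-Agent claiming Windows XP.
LINUX_SYN = build_syn(57, 5840, bytes.fromhex("020405b4" "0402" "080a0001e24000000000" "01" "030307"))
WINDOWS_SYN = build_syn(116, 65535, bytes.fromhex("020405b4" "0101" "0402"))
BROKEN_SYN = build_syn(57, 5840, bytes.fromhex("020405b4" "080a0000"))
UA_WINDOWS = "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9) Gecko/2008052906 Firefox/3.0"

if __name__ == "__main__":
    for name, syn in (("linux", LINUX_SYN), ("windows", WINDOWS_SYN), ("broken", BROKEN_SYN)):
        print(name, parse_syn(syn), compare(UA_WINDOWS, syn))
```

Changing the User-Agent alters only the first element of the result; the second comes from the kernel's TCP stack, which a browser setting does not touch.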
|
|
Re: wine and security? [slightly long]

Yup! And Michal Zalewski is the author of p0f :-). I highly encourage you to pick up his book. He works for google now doing super secret squirrel work.

Your idea is a good one. However, as with any counter measure, I have numerous ways of defeating your p0f spam filter. Most people won't care enough though and you drop the majority of bad traffic. That's good. You may combine p0f with active network manipulation to get even better results, such as withholding certain packets for predefined time periods, asking for duplicate acks, or using obscure tcp options in order to identify the remote network stack. Once you have that in place, it's hard to fuck with you :-P

On 6/28/08, Ward Vandewege <ward@...> wrote:
> On Sat, Jun 28, 2008 at 11:55:42AM -0400, Kristian Erik Hermansen wrote:
>> On Sat, Jun 28, 2008 at 6:15 AM, Scott R. Ehrlich <scott@...> wrote:
>> > I ask because some web sites refuse to accept a connection from a
>> > non-Windows source, and wine has the ability to fool.
>>
>> I question your analysis that web servers are able to discriminate
>> your OS. A trick known for a while, but detailed in Michal Zalewski's
>> book Silence on the Wire, is to analyze the browser object requests
>> temporally. You can fingerprint the remote browser using this method
>> even if the user thinks he is savvy and alters the AGENT headers.
>> Combine that with TCP Timestamps, and yes, you can fairly well
>> determine the OS. But I don't know of any commercial websites that
>> would do this...
>
> It's easy to do, and it's entirely invisible.
>
> I've been using passive TCP fingerprinting by means of p0f
> (http://lcamtuf.coredump.cx/p0f.shtml) for quite a while now in my mail
> stream. I apply antispam rules that are much more strict when I see the
> machine on the other side of the TCP connection runs Windows. p0f is not
> perfect but it's pretty good at identifying the OS on the other side of the
> connection. It scales very well - p0f is very lightweight.
>
> Doing this has turned out to be very, very effective against spam without
> affecting mail servers that run a serious OS.
>
> In my experience, 95+% of all spam comes from compromised Windows machines
> ('zombies'). Punishing Windows machines that try to deliver mail to your
> servers puts the blame right where it belongs, with that crappy operating
> system.
>
> Thanks,
> Ward.
>
> --
> Pong.be         -( "In my opinion M$ is a lot better at making money than )-
> Virtual hosting -( it is at making good operating systems." -- Linus      )-
> http://pong.be  -( Torvalds                                               )-
> GnuPG public key: http://pgp.mit.edu
>

--
Sent from Gmail for mobile | mobile.google.com

Kristian Erik Hermansen
--
CISSP, CEPT, CREA, CEH, Linux+, A+, QGCS, ACSA, this is getting ridiculous...
http://kristian-hermansen.com
