|
Posted by PA Bear on August 30, 2007, 3:00 am
If you were Registered and logged in, you could reply and use other advanced thread options
Oh, now I understand what...
>> However recently I brought up the IE browser which is hidden in
>> Wordpad. ( Click Help Topics in Wordpad, Click the Question Mark top
>> left and click jump to URL)
...means! Thanks. You're CystalBall was working better than mine. <w>
--
~PA Bear
jwgoerlich@gmail.com wrote:
> It is actually Microsoft HTML Help Executable (hh.exe) rather than
> Wordpad or Internet Explorer that is bypassing your security settings.
> You can verify this by opening any compiled help (*.chm) file. I had
> not known that this could be used to bypass Zonealarm, but it has long
> been a security concern in Citrix/Terminal Services environments.
>
> Regards,
>
> J Wolfgang Goerlich
>
>> I have Zonealarm Version 7 and use Opera and Firefox exclusively on
>> XP.
>>
>> However recently I brought up the IE browser which is hidden in
>> Wordpad. ( Click Help Topics in Wordpad, Click the Question Mark top
>> left and click jump to URL)
>>
>> I was able to connect towww.aliceinvideoland.co.nz and use its
>> search functions( even though there was a specific block on " Mobile
>> code" Zonealarms name for a mix of Javascript, vbscript, Java and
>> Active X)
>>
>> Opera and Firefox were unable to get through this block to operate the
>> search function as one would expect.
>>
>> When this block was removed Firefox and Opera could then access the
>> site to use the search function.
>>
>> This implies that this embedded IE is able to do an end run around
>> firewalls even though the Firewall is specifically set to black code
>> from a specific site.
>>
>> I must admit to be most unpleasantly surprised when IE broke security
>> in this fashion.
| 
XML site map