web bugs and private headers?

web bugs and private headers?
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Microsoft Applications Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
web bugs and private headers? CdLSRN 03-10-2007
Posted by CdLSRN on March 10, 2007, 3:21 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
In my fire wall it has check boxes to 'allow' or 'block' WEB BUGS AND PRIVATE
HEADERS. What are Web Bugs and under what circumstances would you want to allow
such
a terrible sounding thing? Also, what are Private Headers and should they be
allowed.
Thanks.



Posted by siljaline on March 10, 2007, 4:57 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
"CdLSRN" wrote:
> In my fire wall it has check boxes to 'allow' or 'block' WEB BUGS AND PRIVATE
> HEADERS. What are Web Bugs and under what circumstances would you want to
allow such
> a terrible sounding thing? Also, what are Private Headers and should they be
allowed.
> Thanks.

Disallow these immediately!
Description of Web Bugs, trans-pixel gif files, etc -
http://en.wikipedia.org/wiki/Web_bugs

Your email client is? Please.


Silj

--
siljaline

MS - MVP Windows (IE/OE) & Windows Security, AH-VSOP

Security Tools Updates
http://aumha.net/viewforum.php?f=31

Reply to group, as return address is invalid that we may all benefit.



Posted by Jason Viers on March 12, 2007, 10:08 am
If you were  Registered and logged in, you could reply and use other advanced thread options
CdLSRN wrote:
> What are Web Bugs and under what circumstances would you want to allow such
> a terrible sounding thing?

Web bugs are "trackers" in email messages; often a small, transparent
image in a HTML email message with a unique file name. When your mail
client opens the email it tries to fetch the image, and the server
therefore knows that YOUR email was read (as you're the only one who
would be fetching that unique filename).

I agree with siljaline's remarks, definitely disable it. Spam often
uses these to verify that a target email exists; open one message with
it and your email gets put on a "verified good" list and sold at a
higher price to other voracious spammers.


Why would anyone want to enable such a terrible thing? Someone
somewhere will probably want it enabled, for example a corporate IT
department that uses these to provide their own non-malicious sending
verification. Therefore they make it an option with a nasty-sounding
name to make sure most people will do it.

Jason

Similar ThreadsPosted
Reading eMail headers is problamatic. May 2, 2006, 11:43 pm
XP PRE-SP3 Bugs October 7, 2007, 5:38 pm
Reporte de BUGs. September 5, 2007, 7:10 am
Help with 'web bugs' requested. February 10, 2008, 5:22 pm
Official warning on Windows bugs August 11, 2006, 11:19 pm
Mozilla patches 11 bugs in Firefox September 24, 2008, 5:00 pm
Where's my private key? February 16, 2007, 4:57 pm
No permssions on private key March 30, 2006, 11:15 am
Private or encryption box? November 20, 2006, 4:18 pm
Private or encryption box? November 20, 2006, 5:35 pm

The site map in XML format XML site map

Contact Us | Privacy Policy