[Dshield] Filtering ActiveX

Mark Squire msquire at lagraphico.com
Wed Sep 17 16:24:19 GMT 2003


This is what makes it a tough decision to turn it off.  The sad thing is
that ActiveX is an open door into people's systems.  What would be the
impact of malicious ActiveX code taking over that particular computer?
What data would the attacker have access to, and what would be the
impact of that data being compromised?  What would be the financial
impact of downtime as a result of said scenario.  Read the final chapter
of "Hacking Exposed 3rd Edition" if you have it.  Several
vulnerabilities have already been discovered (and subsequently
addressed) that allowed an attacker to have their way with your machine
bypassing the normal controls.  ActiveX can be truly frightening.  Who
knows what holes still exist, and are being actively exploited without
us ever knowing it.

Mark

> -----Original Message-----
> From: Josh Tolley [mailto:josh at raintreeinc.com] 
> Sent: Wednesday, September 17, 2003 8:51 AM
> To: General DShield Discussion List
> Subject: Re: [Dshield] Filtering ActiveX
> 
> 
> Shaun Gray wrote (excerpt):
> 
> >is there any good to having activex enabled on a business network.
> >
> Remember if you disable activex, it will in turn disable Flash, 
> in-browser PDF viewing w/ Adobe Acrobat, Windows Update... Disabling 
> activex totally (not just in the browser, but system-wide) would hose 
> your system, but I don't think you can do that. Anyway, keep in mind 
> that lots of stuff depends on ActiveX... not just the latest skiddie 
> virii...
> 
> Josh Tolley
> 
> 
> _______________________________________________
> list mailing list
> list at dshield.org
> To change your subscription options (or unsubscribe), see: 
> http://www.dshield.org/mailman/listinfo/list
> 




More information about the list mailing list