[Dshield] Filtering ActiveX

Shaun Gray sgray at camdendiocese.org
Wed Sep 17 16:41:07 GMT 2003

Alright maybe I should have reworded that to say filtering ActiveX at the firewall level via the PIX.  We have been filtering about a day and I have not heard many complaints.  However, I realize that the complaints may be around the corner.  I was able to view the in-browser PDFs and use Windows Update after enabling the filter.  The filtering is supposed to block only the HTML<object> commands within the web page by commenting them out.  Are the same dangerous inherent in this process?

-----Original Message-----
From: Josh Tolley [mailto:josh at raintreeinc.com]
Sent: Wednesday, September 17, 2003 11:51 AM
To: General DShield Discussion List
Subject: Re: [Dshield] Filtering ActiveX

Shaun Gray wrote (excerpt):

>is there any good to having activex enabled on a business network.
Remember if you disable activex, it will in turn disable Flash, 
in-browser PDF viewing w/ Adobe Acrobat, Windows Update... Disabling 
activex totally (not just in the browser, but system-wide) would hose 
your system, but I don't think you can do that. Anyway, keep in mind 
that lots of stuff depends on ActiveX... not just the latest skiddie 

Josh Tolley

list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see: http://www.dshield.org/mailman/listinfo/list

More information about the list mailing list