[Dshield] Filtering javascript

traef06 RAEF traef06 at msn.com
Tue Jun 12 14:51:38 GMT 2007


I was wondering what people's opinion is on filtering certain javascript.
 
What I thinking of was blocking all iframes. I've blocked document.write commands but that leads to many false positives.
 
I've also blocked decode statements. My feeling is that if you feel you have something to hide, I don't want it.
 
Comments, thoughts, criticisms are all welcome.
 
Thank you.Thomas J. Raef e-Based Security, Inc. (847)833-5666 traef06 at msn.com "You're either hardened or you're hacked!"


More information about the list mailing list