internet forensicks
staff at tektronic.org
staff at tektronic.org
Fri May 21 16:09:55 CDT 2004
Quoting Kendrick-LUG <kulua at linux2themax.com>:
> I am needing a way to go through the source of a Internet session. i
> am looking for how my web browser is being exploited and summarily
> disallow that method from a proxy ie squid.
>
> I was thinking that there was probably a way for squid to be able to do
> that but im not sure.. I need a way to trace any files downloaded by
> the browser and or smiler malicious java script/active X etc. it
> appears that the virus problems i was running in to was a dso exploit
>
> http://www.greymagic.com/security/advisories/gm001-ie/
>
> I am trying to find how the program that creates that file
> got on my computer and then use squid to eliminate that vulnerability
> and any others that try similer tactics as coolweab search
>
I would second what darkweb has to say about using firefox/mozilla. I would also
probably try to uninstall IE, iirc it doesn't really uninstall it just takes
the links away from sight. Make sure to keep up-to-date as much as possible for
windows. And probably get a virus scanner of some sort and an adaware type
program.
Jonathan
More information about the Kclug
mailing list