Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [WEB SECURITY] Re: Microsoft's 'Honeymonkey' project finds 0day

from [Christopher Canova] Network Security [Permanent Link]
Subject: Re: [WEB SECURITY] Re: Microsoft's 'Honeymonkey' project finds 0day
Date: Thu, 18 Aug 2005 18:57:02 -0700 
F Lace wrote:


Only if they make their patches work better. I get a blue screen with
few of the patches, a similar description is found at:
http://www.geekstogo.com/forum/Fatal_Errors_Upon_Loading_Windows-t19049.html


If I do not patch my PC, it is vulnerable. If I patch my PC, is not
usable. What the heck - if it is only websites that can harm my PC,
then I will restrict browsing only a few popular ones. But I know the
source can not only be websites but other things too. but I dont know
what they can be. Can I keep my PC unpatched and remain confident?
Thanks.
 



Some legitimate sites may be compromised if only for a short period of
time, set up to start exploiting visitors. However, the likelihood of
that is slim. What is more likely is a malformed URL on one of those
infamous "typo" sites which rely on typo URL for popular sites (like
Amizon.com, etc.) A simply typo could lead you to a malformed page.

Interestingly enough, Microsoft is taking actions in the form of a
"Honey Monkey" project. They are using unpatched systems to scour the
web for sites and reporting them to the proper authorities. See
http://research.microsoft.com/HoneyMonkey/

--
Christopher Canova, Student
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: MD5 Password encoding (was: Defeating Citi-Bank Virtual Keyboard Protection), Gary Gwin
Next by Date:  Windows 2003 Server Hardening, Joe Osborn
Previous by Thread:  Re: [WEB SECURITY] Re: Microsoft's 'Honeymonkey' project finds 0day, F Lace
Next by Thread:  Reminder: 2nd US OWASP AppSec Conference - Oct 11-12 - Near DC, Dave Wichers
Indexes:  [Date] [Thread] [Top] [All Lists]