Front Office Football Central  

Go Back   Front Office Football Central > Archives > FOFC Archive
Register FAQ Members List Calendar Mark Forums Read Statistics

Reply
 
Thread Tools
Old 06-13-2009, 08:55 AM   #1
gstelmack
Pro Starter
 
Join Date: Oct 2000
Location: Cary, NC
Virus in an ad?

So I forgot to have ads blocked here at home (fixed now) but Norton 360 popped up a block on "Bloodhound.Exploit.196" in a PDF file that appeared to have been embedded in an ad when browsing the FOF/TCY thread on the missing help file, or at least there was no PDF visible anywhere to be downloaded in the thread itself. Wonderful.
__________________
-- Greg
-- Author of various FOF utilities

gstelmack is offline   Reply With Quote
Old 06-13-2009, 09:00 AM   #2
Alan T
Hall Of Famer
 
Join Date: Dec 2002
Location: Mass.
Quote:
Originally Posted by gstelmack View Post
So I forgot to have ads blocked here at home (fixed now) but Norton 360 popped up a block on "Bloodhound.Exploit.196" in a PDF file that appeared to have been embedded in an ad when browsing the FOF/TCY thread on the missing help file, or at least there was no PDF visible anywhere to be downloaded in the thread itself. Wonderful.

That has been a consistent attack method for viruses for a while now. They imbed invisible iframes into advertisements for all kinds of sites and if you don't block the ads with some form of adblocker or noscript or such, you can become vulnerable to it.

For the specific PDF attack, if you patch acrobat reader to the newest version AND turn off javascript inside of your acrobat reader options (Why do PDF files need javascript anyways?) it should protect you from that specific attack (Unless you have already been infected prior).

I highly recommend that people who browse the internet regularly get used to running noscript and set it up to block iframes of all kinds. It will protect you against 95%+ of the attacks out on websites currently.
__________________
Couch to ??k - From the couch to a Marathon in roughly 18 months.


Alan T is offline   Reply With Quote
Old 06-13-2009, 01:53 PM   #3
sterlingice
Hall Of Famer
 
Join Date: Apr 2002
Location: Back in Houston!
Quote:
Originally Posted by Alan T View Post
That has been a consistent attack method for viruses for a while now. They imbed invisible iframes into advertisements for all kinds of sites and if you don't block the ads with some form of adblocker or noscript or such, you can become vulnerable to it.

For the specific PDF attack, if you patch acrobat reader to the newest version AND turn off javascript inside of your acrobat reader options (Why do PDF files need javascript anyways?) it should protect you from that specific attack (Unless you have already been infected prior).

I highly recommend that people who browse the internet regularly get used to running noscript and set it up to block iframes of all kinds. It will protect you against 95%+ of the attacks out on websites currently.

Dumb technical question- what's the different between a frame and iframe? And why is it vulnerable to attack when frame is not?

SI
__________________
Houston Hippopotami, III.3: 20th Anniversary Thread - All former HT players are encouraged to check it out!

Janos: "Only America could produce an imbecile of your caliber!"
Freakazoid: "That's because we make lots of things better than other people!"


sterlingice is offline   Reply With Quote
Old 06-13-2009, 04:32 PM   #4
Alan T
Hall Of Famer
 
Join Date: Dec 2002
Location: Mass.
Quote:
Originally Posted by sterlingice View Post
Dumb technical question- what's the different between a frame and iframe? And why is it vulnerable to attack when frame is not?

SI

I am not a web programmer so can't really give the reasons for using an iframe (or inline frame), but the differences from a security point of view is that an inline frame is just one box that can exist inside of a site that refers the browser to a completely different location (or possibly another site all together such as launching a hacked .pdf file to take advantage of an exploit in adobe reader listed here). A frame has a more defined existance on a page and the constructs that it must follow.
__________________
Couch to ??k - From the couch to a Marathon in roughly 18 months.


Alan T is offline   Reply With Quote
Old 06-13-2009, 05:26 PM   #5
DanGarion
Coordinator
 
Join Date: Nov 2003
Location: The Great Northwest
Sounds to me that FOFC just has to stop with the banner ads, since they are filled with viruses.
__________________
Los Angeles Dodgers
Check out the FOFC Groups on Facebook! and Reddit!
DON'T REPORT ME BRO!
DanGarion is offline   Reply With Quote
Old 06-13-2009, 07:41 PM   #6
gstelmack
Pro Starter
 
Join Date: Oct 2000
Location: Cary, NC
The real issue is folks trying to turn the web into a virtual machine that runs real programs rather than leaving it what it is best at and leaving real applications to what they are best at. Java, ActiveX, Javascript, etc continue to be these great big gaping security holes as the folks working on the web seem to want to hack functionality in first and worry about security second.
__________________
-- Greg
-- Author of various FOF utilities
gstelmack is offline   Reply With Quote
Old 06-15-2009, 11:15 AM   #7
flere-imsaho
Coordinator
 
Join Date: Sep 2004
Location: Chicagoland
Ah for the heady days of lynx and gopher.
flere-imsaho is offline   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is On
Forum Jump


All times are GMT -5. The time now is 06:05 PM.



Powered by vBulletin Version 3.6.0
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.