Subject: Re: Corporate variant (SUS) of Windows Update
From: "Rich"
Where are you getting the "50"? The place I know of where people usually refer for claims of vulnerabilities has only half that with many of them being unverified, in other applications like Winamp, previously fixed, require loading an HTML page from your computer and not from the internet, or simply are wrong. The only recent full disclosure thread I could find on IE was one with people making random claims about what the RFCs for HTTP say and whether or not they care.
Rich
"Geo." wrote in message news:4024525e$1{at}w3.nls.net...
We block all attachments so there was no chance of MyDoom getting in. If you only block certain types of attachments and MyDoom spoofs like it is a different type then you can get hosed (as Gordano learned last week with their check failing to catch it).
As for IE vulns, we proxy outbound HTTP and HTTPS, and the browsers are only allowed to go to certain approved sites, so unless the UPS tracking page gets hacked it's unlikely we have to worry about IE exploits. We also installed filters on the proxy server so things like Java apps can't be downloaded (damn UPS once put up a Java applet game on their site).
But if you are worried about IE exploits, then patching isn't going to make you safe. There was a discussion just today on full disclosure about the 50 or so exploits for IE that remain unpatched (some for years now).
Geo.
"Ellen K." wrote in message news:k8c720dti1g38ulaovsap1tuul0gln7a31{at}4ax.com...
> Well, but a fair number of the exploits are stuff that gets in through otherwise normal channels, don't you still have to address that? We just talked about not being able to block MyDoom at the firewall, then there are some IE vulnerabilities that have to be addressed on each desktop etc (unless desktops can't go on the web).
>
> On Thu, 5 Feb 2004 19:10:16 -0500, "Geo." wrote in message :
>
> >we put our efforts into making sure stuff doesn't get in, machines that go out and in are isolated from the unpatched network machines.
* Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45)
SOURCE: echomail via fidonet.ozzmosis.com