Re: OT: Possible for Malware against Windows boxes to attack Firefox on Linux?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Thu, Apr 16, 2009 at 11:14 PM, Michael A. Peters <mpeters@xxxxxxx> wrote:
> Lanny Marcus wrote:
<snip>
> My experience is that when browsing on any OS and you come across an
> error message stating that your computer is infected and you need to
> install such and such software, the web site I was visiting has an XSS
> exploit that was taken advantage of to try and get you to manually
> install a piece of malware.
>
> Install the FireFox extension "noscript" and be very careful about what
> domains you authorize scripting from.
>
> The fact that an XSS attack was able to give you a phony message means
> the same site could have XSS that reads your cookie and steals your
> session ID.
>
> Noscript reduces the odds of such attacks being succesful.

Michael: Thank you for the above explanation. I am going to copy it
and  email it to the webmaster of that web site. Once, about 4-6
months ago, there was a warning from Google (?), about it being an
Attack site, and he eliminated whatever was causing that. This time,
no warnings, but certainly something out there. I will get the
"noscript" extension for Firefox. Lanny
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux