THE MAGAZINE
Technofile: Web-based Threats
Site to See: NoScript
Web surfing can expose users to attacks from executable content. Cross-site scripting attacks, which can inject malware into visitors’ browsers, are increasingly common. But the NoScript add-on can block Java and other potentially dangerous executables from downloading without user permission.
The tool takes some getting used to as users must accept frequently visited domains and individual Web pages. Permission can be granted temporarily or indefinitely. (A relatively new feature permits the automatic trusting of domains listed in browser bookmarks). It is possible, of course, that malicious scripts can run on trusted sites. In most cases, however, the dangerous scripts are hosted on a separate (untrusted) domain. Check out this month’s site to see.
- Login or register to post comments
- Printer-friendly version
Advertise | Subscribe | Reader Service | Writer's Guidelines | Reprints & Permissions | Sitemap | RSS
Security Management is the award-winning publication of ASIS International, the preeminent international
organization for security professionals, with more than 37,000 members worldwide.
ASIS International, Inc. Worldwide Headquarters, 1625 Prince Street, Alexandria, Virginia 22314-2818 U.S.A.
703-519-6200 | fax 703-519-6299 | www.asisonline.org
© 2012 Security Management
This site is protected by copyright and trade mark laws under U.S. and International law.
No part of this work may be reproduced without the written permission of Security Management.
Powered by: Phase2 Technology
Comments