Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

Proxomitron question...

 
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Anti-Spyware and Security Software Discussion
View previous topic :: View next topic  
Author Message
mikey
Malware Expert


Joined: 12 Feb 2004
Last Visit: 14 Aug 2014
Posts: 1073
Location: CenTex

PostPosted: Mon Nov 22, 2004 5:52 pm    Post subject: Proxomitron question... Reply with quote

Does anyone know of any highjacking exploit that Prox didn't already have a cure for, including the new iFrame vulnerability, before they became known?

I've tested/defined many highjackers in the past couple of years but I don't remember even one that didn't require me to bypass Prox in order to pull from the source.

Our sys are protected in other ways as well but I'd be very curious to know if there are any highjack vulnerabilities that weren't dealt with by Prox alone. Anyone know?
_________________
-

UbuntuStudio...community supported multi-media development optimization.

-
Back to top
View user's profile Send private message Visit poster's website
Scaramouche
Malware Expert


Joined: 06 Jul 2004
Last Visit: 03 May 2006
Posts: 141
Location: Manila, Philippines

PostPosted: Mon Nov 22, 2004 7:12 pm    Post subject: Reply with quote

Proxomitron is one of those perfect applications; it's a relatively simple implementation that's capable of incredibly complicated things. I was really said to hear first that the author wasn't maintaining it and second that he died :(

Theoretically speaking, you're right. Since proxomitron is a highly configurable software proxy it can intercept basically any code before execution and change it to harmless comments (or a non sequiter, like a picture of a giraffe smoking). The problem lay in keeping up with the exploits filter-wise, as well as obfuscated code, hidden domains, etc. I think proxomitron can currently protect you pretty thoroughly if you're willing to put a lot of work into maintaining your filters. Basically if it's launched from a web page (and not by port scanning/telnet abuse/etc) proxomitron can probably protect you.
_________________
---
My comments represent my own opinions and research.
Back to top
View user's profile Send private message Yahoo Messenger
mikey
Malware Expert


Joined: 12 Feb 2004
Last Visit: 14 Aug 2014
Posts: 1073
Location: CenTex

PostPosted: Tue Nov 23, 2004 11:55 am    Post subject: Reply with quote

I don't really spend much time on my scripts/filters. I wrote a simple filter a couple months ago to thwart the ad rotation js on a site I frequent but generally, I just don't spend much effort on it. I don't usually need new scripts for much as I use Prox in conjunction with AdShield and AS allows me to just 'click away' any content I don't wish to ever see again. The script I just mentioned took about 30secs to write the matching expression for and load. I spend much greater resources playing with my PAC files. Smile

Anyway, I'm still curious to know if there is any highjacking exploit out there that isn't handled by the filters already included in Prox. Anyone know of one?
_________________
-

UbuntuStudio...community supported multi-media development optimization.

-
Back to top
View user's profile Send private message Visit poster's website
mikey
Malware Expert


Joined: 12 Feb 2004
Last Visit: 14 Aug 2014
Posts: 1073
Location: CenTex

PostPosted: Sat May 22, 2010 7:00 pm    Post subject: Reply with quote

You know, I still, even after all this time, have no answer to this question because I've never seen one.

It comes with 6 levels of precfged scripts depending on your particular comfort level. There are many folks around who actively create new cfgs and blocklists. There are also several forums around that are dedicated to it's use and maintenace.

Before you spout the common misinfo about it being obsolete now, you should know that I have it running at startup in my brand new 64bit W7U.

I even have Fiddler set to automatically chain to it whenever Fiddler starts. Whether I want raw data from Fiddler or not is as easy to handle as clicking the bypass button in Prox.

If you're interested, just do a search for ' Proxomitron Naoko 4.5m '.
_________________
-

UbuntuStudio...community supported multi-media development optimization.

-
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Anti-Spyware and Security Software Discussion All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group