> I understand how a firewall might be configured to block Java or ActiveX
> executable files, by looking at the file extension. How does a firewall
> understand what is JavaScript or VBScript when that code is simply part
> of a comment in an HTML document? Does it now have to be an HTML
> interpreter as well?
Each seems to handle this differently, for example some you can
dissable the file extensions (which can be circumvented if you don't
name it .class) whereas others watch the file itself (first few bytes
will give it's type away). TIS' Gauntlet actually reads the HTML
and can be configured to not pass through anything between an
open tag and it's closing counterpart, thus that section will never
reach the broswer, so they won't request anything from it.
This alone could be circumvented if someone gets the page via other
means than the proxy (brings it from home, ftp's it instead)
I think, but if you can use it in conjunction with extensions/scanning
it seems rather full.
One interesting thing you could do with this however: if you're a
particularly disorganized person, disable the <ul> and <ol>
tags, or if your corporate policy disallows 'inapropriate' access
of the visual nature, just turn off the <img> tag... ;-)
Bri
--
bri @
ifokr .
org
Systems and Security Engineer
Onsight, Inc. http://www.avue.com/
References:
|
|
