----- Begin Included Message -----
Rick Murphy <rick @
>At 02:34 AM 11/22/96 -0500, Russ wrote:
>>I know of no commercial
>>Firewall products which can block ActiveX objects at this point in
>>time, so Trend Micro has the only one??
>Nope, TIS' Gauntlet 3.1 or 3.2 (using a feature patch) has the ability
>to block ActiveX objects.
Does it do it by modifying the tags in the HTML, or by recognizing and
blocking the ActiveX content itself? If the former, does it recognize
& filter HTML arriving by means other than HTTP, such as FTP, Gopher,
Email? (UPS? ;-) If it blocks downloads of ActiveX contents directly,
how does it recognize it? Content-type or "magic number" or ??
C.f. http://www.cs.bu.edu/techreports/96-026-java-firewalls.ps.Z on the
challenges in blocking all Java avenues (referenced in the same Risks
digest, 18.61, as the ActiveX article that started this thead.) I'd
the challenges presented by ActiveX are very similar.