Avast prevented redirect to rogue fast antimalware scan...

[polonus]

Hi malware fighters,

While surfing with a protected Fx (NoScript + RequestPolicy) and searching for results for eventRead.JS I landed at fastantimalwarescan dot com. Avast disconncted from what is apparently a rogue scanner..
Exploit Prevention Lab's Link Scanner affirmed this. Yes folks, we need all the avast services installed, up and running!

polonus

[Rednose]

Hi polonus

It is off topic, but how are your experiences with RequestPolicy. Any major bugs, or simply worth trying right now

Greetz, Red.

[polonus]

Hi Rednose,

It is good and the way to learn to work it properly is a bit similar to NoScript, but they are two different beasts. Giorgio Maone is enthusiastic about this, and so it is worth a try.

polonus

[Rednose]

Giorgio Maone http://maone.net/ is the writer of NoScript and FlashGot ( Not everyone will know that ). Ok thnx m8, I will try it

Greetz, Red.

[polonus]

Hi folks,

A reassuring sound from Giorgio Maone on my above posting, he commented:

Regarding NoScript you may receive alerts from so called "web scanners" when a page is loaded (e.g. inside an iframe) which contains malicious scripts. The fact it is loaded does not mean it is executed: in facts NoScript let the scripts embedded inside pages load, but prevent them from executing.

So with the NoScript visor down we are secure, and if Giorgio Maone give his word here, I haven't found an instance where I should doubt what he says,

polonus

[DavidR]

Now I though that you had iframes blocked in NoScript, a default setting perhaps ?

So surely that should stop the iframe content from even loading ?

[polonus]

Hi DavidR,

You made that specific configuration yourself, because in Options - PlugIns - Forbid < IFrames> is not tagged as by default, so it is loaded but malicious script is not being executed, and probably there is where avast shield flags it as it is loaded and also prevent it from running malicious code by closing down the connection, so we are twice protected...

polonus

[DavidR]

I can't recall if I did, but I'm sure if I did it was a result of a topic in the forums, one you were involved in if I remember rightly.

However. as I said before there was no iframe tag in the page source of the link I visited (the one you sent me by IM) so there wouldn't have been any thing for noscript/iframe option to block in my case.

[polonus]

Hi DavidR,

Maybe I made another connection to get that IFrame warning, I know it was flagged by good old avast, so I escaped execution of it through that, and also had NoScript active and blocking everything at the time, so secure there also, but it is very attentive of you to remember all of the security issues we went through together. Are we now gaining in experience?. Yes,I think we slowly are  Another thing is that this proves the WWW is slowly being turned into a very dangerous place, you never know now where the danger hides or lures rather...

polonus