Author Topic: Why NoScript always protects here....  (Read 2202 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Why NoScript always protects here....
« on: June 08, 2010, 03:42:01 PM »
Hi malware fighters,

Why it is important to have NoScript extension active in the case of visiting a page that has Trojan-Spy.HTML.Fraud.gen / Exploit:HTML/IframeRef.gen
http://www.securelist.com/en/descriptions/old66363
This means that this is a generic signature for IFrames whose src attribute matches a blacklist of known malicious web sites serving payloads which exploit browser or plugin vulnerabilities.
Since exploitation in 99.9% of the cases involves running JavaScript or active plugin content, NoScript will block this class of attacks even if the antivirus fails at blocking it at the proxy level because the serving site is too "new" to be listed in the blacklist, JavaScript and active plugin content are blocked by default by NS extension inside the Mozilla browser, so keep the NoScript/RequestPolicy extension visors up, (source of info: http://forums.informaction.com/viewtopic.php?f=8&t=4471 )

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

SafeSurf

  • Guest
Re: Why NoScript always protects here....
« Reply #1 on: June 15, 2010, 08:53:32 AM »
Thanks Pol.

I always keep this add-on up to date and think it's one of the best.  ;)

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Why NoScript always protects here....
« Reply #2 on: June 15, 2010, 02:47:57 PM »
Hi SafeSurf,

Do not only think it is, be fully convinced, because it is the best security extension that came around since there were browsers,

polonus

Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!