Firewall Blocking ActiveX

Folks,

I have a bunch of alarm reports from my NetScreen firewall that have me perplexed. They look like:

ActiveX control blocked! From OUTSIDEIP:80 to MYIP:2264
ActiveX control blocked! From OUTSIDEIP:80 to MYIP:2263
ActiveX control blocked! From OUTSIDEIP:80 to MYIP:2262
ActiveX control blocked! From OUTSIDEIP:80 to MYIP:2258
UDP flood! From DIFFERENT_OUTSIDE_IP:53 to MYIP:2256

and then some others originating from inside my network:

UDP flood! From MYIP:137 to OUTSIDEIP:137
UDP flood! From MYIP:137 to DIFFERENT_OUTSIDEIP:137

The port 137 traffic I assume is NetBIOS/reverse NS activity (either surfing onto Windows servers from my server (MYIP), or web activity to our server (which is Win 2003)). If that's the case, should I allow port 137 originating from inside my network to help with logging?

Searching the web for the port ranges for the blocked ActiveX control has turned up no info. Could that be from surfing the web from our server as well? I should mention that a reverse NS lookup on the remote IPs doesn't turn up any domains that look familiar (beyond regular ISP domains (comcast, etc.)).

Thanks, Patrick

Reply to
pbrannen

You should not allow any NetBIOS traffic to transit the perimeter. Allowing it won't help with logging either, rather install a sniffer and check your server's configuration.

Definitely.

OK, that's rather strange.

In the meanwhile I'm asking what an ActiveX filter rule should even look like, as there's no significant difference between invoking an ActiveX control and invoking any general plugin, including the browser's internal viewers.

Reply to
Sebastian Gottschalk
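An added example (not code from the thread) of the triage Sebastian's advice implies: parse NetScreen-style alarm lines like Patrick's and sort them by direction and port. It assumes a 192.168.1.0/24 LAN behind the firewall and uses constructed sample lines with documentation-range addresses in place of MYIP/OUTSIDEIP.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample modelled on the alarms quoted in the thread; the
# addresses are documentation ranges, not real hosts.
SAMPLE_ALARMS = """\
ActiveX control blocked! From 203.0.113.5:80 to 192.168.1.10:2264
ActiveX control blocked! From 203.0.113.5:80 to 192.168.1.10:2263
UDP flood! From 198.51.100.7:53 to 192.168.1.10:2256
UDP flood! From 192.168.1.10:137 to 203.0.113.5:137
UDP flood! From 192.168.1.10:137 to 198.51.100.9:137
"""

INSIDE = ipaddress.ip_network("192.168.1.0/24")  # assumed LAN behind the firewall
NETBIOS_PORTS = {137, 138, 139, 445}              # never let these cross the perimeter
LINE_RE = re.compile(
    r"^(?P<event>.+?)! From (?P<src>[\d.]+):(?P<sport>\d+) to (?P<dst>[\d.]+):(?P<dport>\d+)$"
)

def parse_alarm(line):
    """Split one 'EVENT! From a:p to b:q' alarm into its fields, or None."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return {"event": m["event"],
            "src": ipaddress.ip_address(m["src"]), "sport": int(m["sport"]),
            "dst": ipaddress.ip_address(m["dst"]), "dport": int(m["dport"])}

def triage(alarm):
    """Classify an alarm: NetBIOS leaking out, or reply traffic to a session the inside host opened."""
    outbound = alarm["src"] in INSIDE and alarm["dst"] not in INSIDE
    if outbound and alarm["sport"] in NETBIOS_PORTS:
        return "netbios-egress"        # block at the edge; fix the server's name resolution
    # A source port of 80 or 53 answering an ephemeral port (>1023) on the inside
    # is a reply: the inside host initiated the connection (someone browsing from it).
    if not outbound and alarm["sport"] == 80 and alarm["dport"] > 1023:
        return "http-reply"
    if not outbound and alarm["sport"] == 53 and alarm["dport"] > 1023:
        return "dns-reply"
    return "unclassified"

def triage_log(text):
    """Count alarm categories over a block of log text; unparsable lines are skipped."""
    return Counter(triage(a) for a in map(parse_alarm, text.splitlines()) if a)
```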

Good idea, I'll set one up.

I'm not sure why anything is being flagged as an ActiveX control. I don't believe I put anything discriminating in the rules. I'll contact the vendor of the firewall and post a follow up if I get a response.

Thanks for your help Sebastian.

Patrick

Reply to
pbrannen

Maybe because ActiveX lacks a security concept and therefore is very dangerous to send through the net?

Yours, VB.

Reply to
Volker Birk

s/security/working security/

Anyway, there is no significant difference between invoking a local ActiveX control and embedding any general multimedia object. Remotely loaded ActiveX objects could only be detected by eventually unpacking a CAB file and then either the .ocx file extension or by analyzing the PE executable for certain COM imports.

Reply to
Sebastian Gottschalk

It totally lacks a security concept. "Do you trust, because there is no security concept" is none, sorry.

That's wrong, at least for Flash, PDF, Java Applets and nearly anything else beside WMV.

No.

Usually, they're just embedded as an object in HTML.

Yours, VB.

Reply to
Volker Birk

It would be a security concept if there'd actually be some confidence to support the trust. And if one could actually disable ActiveX at all.

Huh? Some little example:

Now is that just an image supposed to be displayed by either the browser itself or a plugin? Or is it an invocation of an ActiveX control "Image" with Interface "JPEG", supposed to load and probably display this image?

Just like any other general multimedia object.

Reply to
Sebastian Gottschalk

Actually, at most it would be a b0rken security concept at all, if one wants to see something like that as a security concept.

But: maybe for some people, having no car is a kind of vehicle, too, because this means, you're pedestrian ;-)

I don't want to argue that. Maybe this is a misunderstanding.

But they are no general multimedia objects.

Yours, VB.

Reply to
Volker Birk

I am currently running Windows XP SP2 (fully patched) and use a Bitdefender, Spywareblaster, and Ad-Aware for antivirus/antispyware. My single XP box at home is connected to my broadband internet connection via a D-Link 604 (latest firmware) router. I use OpenSSH to tunnel home from work and use Windows Remote Desktop tunneled through SSH to remote-control my machine from work.

I have had my little D-Link router for about 2 years now and I have never had a problem. The only open port I allow access to is the one through which I use SSH, and even that I have only allowed to trigger when accessed via the IP I use from work. My router does not reply to any pings, blocks Port 113 by default, and shows up as fully stealthed by every scanner with which I ever test it.

No... I don't run any software firewall and I have disabled Windows SP2's built-in "firewall."

I don't use IE or Outlook Express and I am not random "click on this banner" kind of person.

In mid-2006, I now ask, am I protected enough? I think I am and the proof is I've never had any problems. Discussion?

Thank you.

Reply to
Sebastian Gottschalk

I think, we'll not come together here, Sebastian.

Yours, VB.

Reply to
Volker Birk
