IE or not or back to telnet
Hi people,
can somebody tell me how is that firefox is more secure than IE.
This is printout from my sytem when i'm offline:
these 3001 and 18350 pairs are av resident,1025 term services,3001/2/3/4.
icf.
//
>Welcome>c:\netstat -a
Active Connections
Proto Local Address Foreign Address State
TCP secop:1025 0.0.0.0:0 LISTENING
TCP secop:3001 0.0.0.0:0 LISTENING
TCP secop:18350 0.0.0.0:0 LISTENING
TCP secop:3001 localhost:18350 ESTABLISHED
TCP secop:3002 0.0.0.0:0 LISTENING
TCP secop:3003 0.0.0.0:0 LISTENING
TCP secop:3004 0.0.0.0:0 LISTENING
TCP secop:18350 localhost:3001 ESTABLISHED
UDP secop:isakmp *:*
>Welcome Operator>c:\
//
This is when i use IE
//
>Welcome>c:\netstat -a
Active Connections
Proto Local Address Foreign Address State
TCP secop:1025 secop:0 LISTENING
TCP secop:3001 secop:0 LISTENING
TCP secop:3013 secop:0 LISTENING
TCP secop:3014 secop:0 LISTENING
TCP secop:18350 secop:0 LISTENING
TCP secop:3001 localhost:18350 ESTABLISHED
TCP secop:3002 secop:0 LISTENING
TCP secop:3003 secop:0 LISTENING
TCP secop:3004 secop:0 LISTENING
TCP secop:18350 localhost:3001 ESTABLISHED
TCP secop:3013 old.ccrdude.net:http ESTABLISHED
TCP secop:3014 old.ccrdude.net:http ESTABLISHED
UDP secop:isakmp *:*
UDP secop:3006 *:*
UDP secop:3005 *:*
>Welcome Operator>c:\
//
And this is with Firefox
//
>Welcome>c:\netstat-a
Active Connections
Proto Local Address Foreign Address State
TCP secop:1025 secop:0 LISTENING
TCP secop:3001 secop:0 LISTENING
TCP secop:3016 secop:0 LISTENING
TCP secop:3018 secop:0 LISTENING
TCP secop:3026 secop:0 LISTENING
TCP secop:3028 secop:0 LISTENING
TCP secop:3029 secop:0 LISTENING
TCP secop:18350 secop:0 LISTENING
TCP secop:3001 localhost:18350 ESTABLISHED
TCP secop:3002 secop:0 LISTENING
TCP secop:3003 secop:0 LISTENING
TCP secop:3004 secop:0 LISTENING
TCP secop:3015 secop:0 LISTENING
TCP secop:3015 localhost:3016 ESTABLISHED
TCP secop:3016 localhost:3015 ESTABLISHED
TCP secop:3017 secop:0 LISTENING
TCP secop:3017 localhost:3018 ESTABLISHED
TCP secop:3018 localhost:3017 ESTABLISHED
TCP secop:18350 localhost:3001 ESTABLISHED
TCP secop:3019 static-fxfeeds.nllb.nl.mozilla.com:http TIME_WAIT
TCP secop:3020 static-fxfeeds.nllb.nl.mozilla.com:http TIME_WAIT
TCP secop:3026 old.ccrdude.net:http ESTABLISHED
TCP secop:3028 ug-in-f95.google.com:http SYN_SENT
TCP secop:3029 old.ccrdude.net:http ESTABLISHED
UDP secop:isakmp *:*
UDP secop:3006 *:*
>Welcome>c:\
So,according to information that i read all the time more ports you have open more are the posibilities for you to get hacked.You are behind firewall but anyway...
If we disable(or at least configure it to prompt for) scripts,active x,plugins,can it than be considered more secure than other browsers?Put aside buffer overflows,afaik they will not occur if you know what you're doing and where you go on the net.Ok i know everything is a challenge but i dont want to examine every packet from open ports(at least while im surfing).
I'm asking all this because not a single browser i tried is doing better job for my needs than IE(that is,for normal surfing).
I tried Opera,Netscape,Firefox and some less known,computer manufacturer browsers.
They all seem to fail after some time(short time)or theyre so slow i have no nerves to wait them.
Any feedback is most welcomed and appreciated.
thanks
Hi people,again...TROUBLE...
Hi guys,
I got an interesting trouble this time.While i was on one of those "hacking sites"
i got sptd.sys("SCSI pass through direct host").The file has its signature and all looks legit but...
I ran rootkit revealer and it was in the results with RR saying Access Denied.According to documentation it should never report this.
File deletion goes without problem but when i try to remove it from the registry
again,access denied.I tried exporting the value and then modifying the .reg file
to upload empty key.Regedit sez that "branch dont exist" and wont export!!!
Now all i can think of is to extract complete hive,delete manually and upload clean hive back.But i guess its sledge hammer technique and would like to try something else.And guess what,i was surfing with IE.Now in front of every url i have this cute letter M icon.
One other thing.
I was reading article from w3c about browser security.
They say there "WAS" a shortcut bug in IE.Means that if you create a shortcut on your computer to lets say tlntsvr and upload that shortcut to web
anybody clicking on that would be opening telnet server on THEIR LOCAL COMPUTER.
They also say its fixed up from version 3.01.I'm running IE 6.0 and i can still do this.
Any help would be appreciated.
Bye