[WEB SECURITY] Re: Minimal User Interaction with Links

Micheal Espinola Jr michealespinola at gmail.com
Fri Aug 14 16:54:08 EDT 2009


If I understand you correctly, it means that your AV intercepted the
request, and reached out and touched/scanned this file before allowing
your application the option of downloading it.  Of the ones I am aware
of, NOD32 does this cleaning with no other download/save prompts -
only a popup saying the connection was terminated and that the file
was quarantined.

Symantec does similar, but you are still left with a save prompt.  If
you choose to save (with Symantec), you then receive an error.

Under normal circumstances, no, it is not possible in this day and age
(i.e. with an up-to-date OS) to automatically execute/save a file by
clicking a link.

--
ME2


On Fri, Aug 14, 2009 at 2:02 PM, 51l3n73y3s <51l3n7 at live.in> wrote:
>
> Hello list,
>
> Is it possible to execute or save a file by just clicking on a link?
>
> I might be missing something over here, here is a sample eicar test string http://www.eicar.org/download/eicar.com
>
> As soon as I click on it, my AV gives me the message about the detection at "%temp%\ NcsWJCau.com.part" and the page also gives me an option to save the file. Doesn't this mean that the file is being stored in the temp directory without user interaction?
>
> -Sandeep Cheema
