[Emerging-Sigs] A modest proposal: obfuscated javascript...
David Glosser
david.glosser at gmail.com
Fri Mar 14 18:29:41 EST 2008
I hate to think it is wishful thinking but you are probably right. But
can it be limited to certain types of obf javascript code, like Jason
mentioned earlier?
On Fri, Mar 14, 2008 at 5:49 PM, Scott Melnick <duckie37 at gmail.com> wrote:
> On Fri, Mar 14, 2008 at 12:20 PM, David Glosser <david.glosser at gmail.com>
> wrote:
>
> > I wasn't even thinking of rules, I was thinking of "challenging" the
> > googles of the world not to index these sites (and by extension sites
> > which have been defaced), and "challenge" the firefox builders (and
> > IE) not to have their browser process obfuscated javascript.
> >
>
> But what about the legitimate sites that are using packers to shorten their
> code? CNN, etc. It would be too much heat for them to start X'ing them out.
>
> >
> > But IDS rules, and maybe a firefox/IE plugin would be interesting....
> >
> >
> >
> >
> >
>
> A HIDS type of plugin to unpack JS and check it before executing would be
> cool. I know that some people are talking about building this into a proxy
> type IDS systems.
>
>
> Scott Melnick
>
>
More information about the Emerging-sigs
mailing list