on 4-17-2009 9:33 AM Lanny Marcus spake the following:
On Fri, Apr 17, 2009 at 11:25 AM, William L. Maltby CentOS4Bill@triad.rr.com wrote:
On Fri, 2009-04-17 at 11:13 -0500, Lanny Marcus wrote:
On Thu, Apr 16, 2009 at 11:14 PM, Michael A. Peters mpeters-ee4meeAH724@public.gmane.org wrote:
<snip> > My experience is that when browsing on any OS and you come across an > error message stating that your computer is infected and you need to > install such and such software, the web site I was visiting has an XSS > exploit that was taken advantage of to try and get you to manually > install a piece of malware. > > Install the FireFox extension "noscript" and be very careful about what > domains you authorize scripting from.
I now have NoScript installed.
<snip> > You might want to also check your preferences. FF has settings about > warning about fraud sites etc. You also can affect the things that > javascripts can do and suppress pop-ups. I've encountered those things > that you mentioned and gotten no ill-effects since I just leave the site > immediately.
Bill: I will double check the Firefox configuration settings, since I upgraded from CentOS 5.2 to 5.3, last Friday night. I need to be able to visit that web site, so if anything bad is coming from it (without the knowledge of the webmaster) I will hopefully avoid it, with the NoScript Firefox extension which I just installed. Lanny
Noscript will give you an idea of just how many sites run a script of some kind. You will see a large part of sites just look different when the scripts don't run, and some don't function at all. Not that it is a bad thing, it will just make you think a lot.