[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-Disclosure] IE
- To: "'Gabriel Alexadros'" <agabriel@xxxxxxxxx>
- Subject: RE: [Full-Disclosure] IE
- From: "{tonyFelice}" <tony@xxxxxxxxxxxxx>
- Date: Sat, 17 Jul 2004 17:25:29 -0600
It is possible to append information to the user-agent using gpedit.msc
(group policy editor). This information will then reside in the
HKLM>software>MS>win>currver>inetset>useragent>postplatform. In this case,
however, the main information about the browser is still intact.
Example: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; <your string
here>; .NET CLR 1.1.4322)
The question is: what type of info are you trying to conceal, as the
user-agent contains very little _sensitive_ info. Anonymous browsing would
require spoofing or hiding the IP address, which is not contained in the
user-agent. If you are concerned that sites attempting to exploit the IE
vulnerabilities (patched or not) would be able to attack you based on this
string, it would be advisable to simply use another browser.
In any event, it should be available to you at
HKCU>software>MS>win>currver>inetset, which is the same folder that holds
that Zones. I am not certain that changing this setting will suffice,
however.
________________________________________
From: full-disclosure-admin@xxxxxxxxxxxxxxxx
[mailto:full-disclosure-admin@xxxxxxxxxxxxxxxx] On Behalf Of Gabriel
Alexadros
Sent: Saturday, July 17, 2004 3:40 PM
To: Full Disclosure
Subject: [Full-Disclosure] IE
i am qurious if a regedit setting exist in order to alter the user agent of
the browser
and to conseal info.
Thank you
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html