How to prevent from Javascript redirects?
Hi.
I have problems passing the following test:
http://www.jasons-toolbox.com/BrowserSe...d-test.asp

It uses Javascript to redirect me.
I fail no matter I use IE or Mozilla Suite.
Does anyone know what I can do to prevent this short of disabling javascript?
Thanks

Try updating your JAVA JME to the latest version.........
CLICK HERE (http://jdl.sun.com/webapps/download/AutoDL?BundleId=10156)

Try updating your JAVA JME to the latest version.........
CLICK HERE (http://jdl.sun.com/webapps/download/AutoDL?BundleId=10156)

I have the lastest one already. But it won't work either.
Have you tried it out yourself and see if you can prevent so?

Yes, it blocked the page...............
Have you updated your windows?

Yes, it blocked the page...............
Have you updated your windows?

Hmm... Try to list my specifications:

Java 1.5.0 (build 1.5.0_04-b05) [found by clicking on the "about" in java CP]
Windows Pro SP1 (except SP2, every critical updates are installed)
I'm using both Mozilla Suite 1.7.11 & IE 6 to test in vain.

Would you mind telling your specifications too?

My spec:
Java Build 1.5 (same like yours)
Windows XP Pro SP2

You should probably upgrade to SP2............

My spec:
Java Build 1.5 (same like yours)
Windows XP Pro SP2

You should probably upgrade to SP2............
Will Win XP Pro SP2 makes the difference...?
Do you have other Internet browser too (eg Firefox, Opera)?
If so, have you tested them, and how aobut the results?

PS: I am not able to update to SP2. That's why I am still at SP1.

Will Win XP Pro SP2 makes the difference...?
Do you have other Internet browser too (eg Firefox, Opera)?
If so, have you tested them, and how aobut the results?

PS: I am not able to update to SP2. That's why I am still at SP1.
SP2 is essentially a Security Updates that have been compiled for Windows XP. Using SP2 is more secure than SP1!
Yeah, i'm using a custom made Firefox, get it HERE (http://www.moox.ws/tech/mozilla/firefox.htm)

SP2 is essentially a Security Updates that have been compiled for Windows XP. Using SP2 is more secure than SP1!
Yeah, i'm using a custom made Firefox, get it HERE (http://www.moox.ws/tech/mozilla/firefox.htm)

Hi.
But have you used Firefox or IE to test the JS redirect?
What were the results for both browsers?

LOL, i want to take screenshot for you, but now the link you'd posted is no more...........

Not sure how to fix it, but java and javascript are two completely different languages. There is nothing you can download to help you support javascript... it simply works with your browser or it doesn't. Java, on the other hand, needs a virtual machine (jvm) to run. This is a piece of software that you can download from Sun (as mentioned in Zefaram's post) or Microsoft

In fact, the link doesn't change.
The caue of the problem is the forum.
Try to look carefully at the link. What it links is:
http://www.jasons-toolbox.com/BrowserSe...d-test.asp (bad link!)

Why does the real address become exactly the same as the clipped/displayed URL?
Strange!

Anyway, here's the link:
http://www.jasons-toolbox.com/BrowserSecurity/javascript-onunload-test.asp (it's still good link when I post it!)
hxxp://www.jasons-toolbox.com/BrowserSecurity/javascript-onunload-test.asp

(The above links are the same. Create more in case if either one is borken by the forum)

There's nothing you can do if people wanted to redirect you to another pages........ the more concerning matter is active X control, but if you update it regularly, it wont be a problem!
The fix for all the java problem is to disable java, but its not a good idea and i rarely heard computer got hijacked by java exploits......

Wai Wai, you should visit this page instead

Hey, this website is evil.
Not to be rude, but you should remove this site completely.
When I enter to this site, I keep getting the dialogs.
I have no way to leave in normal ways.

Hey, this website is evil.
Not to be rude, but you should remove this site completely.
When I enter to this site, I keep getting the dialogs.
I have no way to leave in normal ways.
LOL, sorry for the commotion :D
Just wanted to show you how Javascript can really bugged you out :D
No hard feeling, k?
Anyway, as long as you have Antivirus and Firewall running, security ain't a big concern.......

so you guys made me come all the way down here for nothing

zefram take it easy on the kid.

Never mind. No hard feeling. :)
I would also like to say sorry if this makes me like I am scolding or criticising you. Originally I supposed the phrase "not to be rude" should make this clear. It seems not.

What I am worried is others may click on it and find out they have no ways to leave.
When I went to that evil website, I managed to find a workaround to leave, so I can save from killing my browser and lose all my browsing websites.

By the way, I think the author is evil. If it wishes to show just the evil use of dialog, it can set, say, 9 only. It seems the dialog is in a loop. So malicious the author is! Deserve a darn!!! :mad:

Anyway, as long as you have Antivirus and Firewall running, security ain't a big concern

By the way, in case if you are interested, have you ever thought of getting an IPS, as another big additional security protection of your computer?

IPS is Intrusion Prevention System which is a proactive approach to protect your system from attacking from different techniques or from unknown/new malware. It may be a high time to act before it becomes another standard/basic security product (which is the case to Firewall & Anti-spyware[AS] in the past).

Note:
- All the statements below are merely my personal opinion. Also I am by no means a security expert. I could be wrong.
- It could also happen that some statements may fall you into easy misinterpretation. Thus it will be grateful if you read carefully.
- since I can't explain anything in a short article, it is always good if you can ask me for clarification/questions if you are in doubt. Thanks for your appreciation.

Philosophy of IPS
The philosophy of IPS is if you rely on signature-based Anti-virus(AV)/Anti-spyware(AS) to protect us from malware. It is already too late.

New malware
New malware are merging every day. We can never catch them up. So there are some time gaps which a new malware can slaughter you freely.

Underground/Private malware
What's more, there are always underground/private/unknown malware which have not been discovered by security researchers. That implies you may have been attacked even if you are equipped with the best security suite (AV+Firewall+AS). Some malware are designed that they do not wish to let you know they had intruded your system. Typical examples are trojans and keyloggers. Even if you think you haven't been infected in the past, it may be just a false sense of security unfortunately.

Technique to workaround your security suite
In addition, there are always advanced technique to break or bypass the security products.

Example regarding AV/AS:
An anti-virus writer can simply rewrite the code of a known/signature virus by using the technique (code permutation) to bypass the Av again. It can always use some techniques to intrude the AV/AS, nullifying their work but at the same time faking the GUI, so you feel they are still working.

Example regarding Firewall:
In one test, half or more leak attacks can bypass the firewall (easily) even if you use the best well-known firewalls like ZoneAlarm. See http://www.firewallleaktester.com/tests.htm for details.

Situation becomes worse when:
- Some basic technique can still work to workaround your security suites (it is not rare). Eg: Simple Registry editing may work to disable your security software.
- Some hackers are crazy that they provide the advanced hacking tools (with easy to use interfaces) available on the Internet. Thus even beginner hackers can hack your computer using their advanced tools.


So why should I use IPS?
It can help you to solve the above problems and more. Eg: if you install a good IPS, you can help to block 90-100% of leak attacks.

Although if a hacker wishes to hack our computers, there are always ways to do even if we add IPS, this is not the main point. The main point is you gives your computer a strong security boost and discomfort the hacker to attack your computers.

As hackers follow the rules to attack the easy preys first, you will appear to be less attractive than people who only install the basic security suite (AV+Firewall+AS).


Do you care to spend little time to install IPS?
Installing IPS is as easy as installing a Firewall or any other simple software. As it works as proactive approach, it is similar to Firewall that it will alert you and make decisions. Now IPS has reached into the customer/end-user markets, so they are set as easy as possible to use (eg the implementation of learning mode for the IPS to learn your system), so even some novice users can get some benefits from IPS.

What IPS should I choose?
If you are a beginner, you may wish to try:
- ProcessGuard
This product is relatively easy to use. But there're prices for the ease of use - less powerful and so less secure.

If you wish to have a more powerful IPS, you may wish to try:
- System Safety Monitor
- Viguard

Currently, I am still researching on different IPS. So if you have good info about IPS reviews / comparisons and anything related, please tell me. I am eager to know.

Thanks for your time to read my post.
Any comment is welcome.

Note:
- All the statements below are merely my personal opinion. Also I am by no means a security expert. I could be wrong.
- It could also happen that some statements may fall you into easy misinterpretation. Thus it will be grateful if you read carefully.
- since I can't explain anything in a short article, it is always good if you can ask me for clarification/questions if you are in doubt. Thanks for your appreciation.