7sir7

Xakira · #1 March 24th, 2005, 10:56 AM

I was wondering when SpywareBlaster would come out with the update to combat the 7sir7 DNS poisoning that's been going around.

http://isc.sans.org/diary.php?date=2005-03-13

Has anyone else been hit with this problem? I thought SpywareBlaster was just the right tool for this type of attack. I've downloaded the latest update 16 march and doesn't seem to be any entries in it's list of restricted sites for 7sir7.

Bubba · #2 March 24th, 2005, 02:55 PM

Quote:

Originally Posted by Xakira

doesn't seem to be any entries in it's list of restricted sites for 7sir7.

At this moment in time the 3 URL's that are mentioned in that SANS link you referenced are indeed not part of Spywareblaters Restricted Sites database. Whether they will be included in future updates will be of course be handled by Javacool. That being said....I and many others are firm believers in a layer approach and in the case of Restricted Sites....I suggest you consider agumenting Spywareblasters database with IE-Spyad's database. The 3 URL's mentioned in that SANS article....7sir7.com, 123xxl.com and abx4.com....are listed in it's database.

Regards,
Bubba

Xakira · #3 March 26th, 2005, 09:14 AM

Thanks Bubba,

I'll check IE-Spyad out ...

TonyKlein · #4 March 26th, 2005, 09:22 AM

In fact the CLSIDS for both the activeX control and the Toolbar and BHO Class IDs involved in this hijack were submitted to Javacool a while ago already.
I trust all will therefore be added to one of the next updates

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search