Hardening middleware

Discussion in 'other security issues & news' started by spiff5000, Jan 5, 2006.

Thread Status:
Not open for further replies.
  1. spiff5000

    spiff5000 Registered Member

    Jun 27, 2004
    Is there any app out there designed to harden or patch security flaws in middleware such as Java Virtual Machine? Kinda like PreEmpt dedicated to middleware.

  2. Mrkvonic

    Mrkvonic Linux Systems Expert

    May 9, 2005
    The closest thing I can think of controling your access to these applications. Denying access to these in your browsers is probably the most effective way, since you will most likely ever use Java online, unless you use Matlab, for instance, which uses Java (but still, has its own engine).
    In IE, these options are global - which means you can either turn them on or off. Firefox has more control, using extensions which allow you to use java / javascript per site.
    A very nice tool, which will remove a lot of exploits based on java / javascript and whatnot is a Proxomitron web filter, with Kye-U filters. This little monster is very effective. I always use it (with the latest set of filters, of course) to test the vulnerabilities at secunia. And every time, Proxo stops and removes the exploits. I strongly recommend it. It cannot be used in conjunction with Sygate firewall, which has a problem working through proxy (Proxomitron acts as a web proxy), and maybe Filseclab (not sure), but otherwise, it's peachy.
    Proxomido should do a similar job (a younger open-source brother of Proxomitron).
    You could also probably try contents filters like Ad-Muncher, Privoxy and FF extension called Adblock (Plus).
    Hope this helps,
  3. sweater

    sweater Registered Member

    Jun 24, 2005
    Philippines, the Political Dynasty Capital of the
    You mean hardening softwares? :rolleyes: o_O

    I use only the free ones... SafeXP, Harden-IT and Windows Worm Doors Cleaners. They disables some unneeded services, improve network system safety, and closes some vulnerable ports and adds some level of protections just in case a firewall is misconfigured or disabled by malwares or worms. :cool:
Thread Status:
Not open for further replies.