Thursday 5 September 2013

Protect Site From Malware


Not long ago, hackers took over Oracle's MySQL.com and installed JavaScript code on the site that redirected visitors and attacked their systems with a BlackHole exploit kit. Is there any way to prevent websites from automatically redirecting, aside from (in this case) turning off JavaScript?
There are ways to control JavaScript or block JavaScript redirects on the client side by using browser plug-ins like NoScript. A more general browser security tool, such as one included in a host intrusion prevention system (HIPS) or antimalware suite, could also be used to block JavaScript redirects. A Web proxy is another good way to block redirects from a network.
Regardless of these tactics, attackers can use many redirect methods that don't rely on JavaScript. A Web server can be configured to redirect webpages by issuing an HTTP 3xx redirect response, sending a browser to a different website. There is even an HTML tag for meta-refreshes that can generate a redirect. Many popular websites now perform URL shortening, which is a form of redirection, so you may want to evaluate whether blocking redirection is worth the effort given the decrease in functionality.
If a network's endpoints have been hardened against malware attacks, the minimal security risk from redirection should not significantly increase the number of malware infections.
