[geeks] weird hijack of IE7

Francois Dion francois.dion at gmail.com
Tue May 19 15:53:19 CDT 2009


This probably happens all the time, but I have a user that was
complaining he couldn't access one of our web based application. The
reason was that his IP was untrusted. It is as if he's coming from a
machine from scansafe.net, not from the actual trusted network he's
on. Only on IE 7, firefox is ok. Not sure what is at work here.

I've seen scansafe in my logs before, they were doing some kind of
buffer overrun attack. Are they legit but incompetant or purely
malware?

Seen that before?



More information about the geeks mailing list