tony at breckcomm.com
Sun Jul 18 00:25:29 BST 2004
It is possible to append information to the user-agent using gpedit.msc
(group policy editor). This information will then reside in the
HKLM>software>MS>win>currver>inetset>useragent>postplatform. In this case,
however, the main information about the browser is still intact.
Example: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; <your string
here>; .NET CLR 1.1.4322)
The question is: what type of info are you trying to conceal, as the
user-agent contains very little _sensitive_ info. Anonymous browsing would
require spoofing or hiding the IP address, which is not contained in the
user-agent. If you are concerned that sites attempting to exploit the IE
vulnerabilities (patched or not) would be able to attack you based on this
string, it would be advisable to simply use another browser.
In any event, it should be available to you at
HKCU>software>MS>win>currver>inetset, which is the same folder that holds
that Zones. I am not certain that changing this setting will suffice,
From: full-disclosure-admin at lists.netsys.com
[mailto:full-disclosure-admin at lists.netsys.com] On Behalf Of Gabriel
Sent: Saturday, July 17, 2004 3:40 PM
To: Full Disclosure
Subject: [Full-Disclosure] IE
i am qurious if a regedit setting exist in order to alter the user agent of
and to conseal info.
Full-Disclosure is hosted and sponsored by Secunia.