I belong to an historic radio club and I get there newsletter as an attachment to to an email. The most recent arrived today. On trying either to download or view Firefox's Noscript attachment gives a warning and on the browsers current page an error message something like "web page not availible" is displayed. I have never struck this behaviour on downloading an email attachment before. I know little about web page security but this I do regard as suspicious. Lindsay
Hi Lindsay. You have already passed the first hurdle by being cautiously suspicious. (Just being paranoid doesn't mean they are not out to get you!) That said, there are several possibilities. (1) The newsletter has a link to something stupid like "c:\my documents\pictures\blah.jpg" which fails because the file is only on the author's hard drive. (2) They have linked to a source on an external site, which for $reason is unaccessable. (3) The attachment has an illegal character in the filename */\!<>? etc which breaks the parsing of the filename into multiple pieces (4) The old windows stunt of sending a shortcut to a document rather than the document itself. (5) Something legitimately "phishy". (6) Lots of other possibilities that I can't be bothered enumerating. My first check would be to scan for malware. Immediately after that, I'd save the attachment into an empty directory, then open the attachment using a text editor such as vi, nano etc. In other words, nothing that is capable of running anything of the attachment's contents. If you absolutely need to open the attachment with a browser, use somethig like links, or elinks, which don't do java, graphics or any other runtime functionality. That may allow you to discover the reason that noscript is giving it the raspberry. Regards, Morrie. -----Original Message----- From: luv-main [mailto:luv-main-bounces@luv.asn.au] On Behalf Of Lindsay W via luv-main Sent: Friday, 9 November 2018 6:22 PM To: luv-main@luv.asn.au Subject: Noscript warning I belong to an historic radio club and I get there newsletter as an attachment to to an email. The most recent arrived today. On trying either to download or view Firefox's Noscript attachment gives a warning and on the browsers current page an error message something like "web page not availible" is displayed. I have never struck this behaviour on downloading an email attachment before. I know little about web page security but this I do regard as suspicious. Lindsay _______________________________________________ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Ended up temporarly disabling No script downloaded the file, ran file on it, file reported it as pdf file, look at it with at with a hex view, this also showed as a pdf file. Opened it with xpdf no problems. I did have a look at the details of the transaction as displayed by Noscript, this was complex and I did not understand most of it. the last part was the web sites involved and there was nothing unusual in there. You said.............. "You have already passed the first hurdle by being cautiously suspicious. (Just being paranoid doesn't mean they are not out to get you!)" My comment........... I spent 30 years as a technician looking after multiple different technologies, So I was WELL aware that any technolgy can and does fail. My introduction to computing was with a pair of Time 4500's, while these did work there mass storage system was quite odd and somewhat prone to failure. This showed me it was EXTREMELY wise to be VERY cautious about anything computers will do. Lindsay ----- Original message ----- From: "Morrie Wyatt via luv-main" <luv-main@luv.asn.au> To: luv-main@luv.asn.au Subject: RE: Noscript warning Date: Fri, 9 Nov 2018 19:53:34 +1100 Hi Lindsay. You have already passed the first hurdle by being cautiously suspicious. (Just being paranoid doesn't mean they are not out to get you!) That said, there are several possibilities. (1) The newsletter has a link to something stupid like "c:\my documents\pictures\blah.jpg" which fails because the file is only on the author's hard drive. (2) They have linked to a source on an external site, which for $reason is unaccessable. (3) The attachment has an illegal character in the filename */\!<>? etc which breaks the parsing of the filename into multiple pieces (4) The old windows stunt of sending a shortcut to a document rather than the document itself. (5) Something legitimately "phishy". (6) Lots of other possibilities that I can't be bothered enumerating. My first check would be to scan for malware. Immediately after that, I'd save the attachment into an empty directory, then open the attachment using a text editor such as vi, nano etc. In other words, nothing that is capable of running anything of the attachment's contents. If you absolutely need to open the attachment with a browser, use somethig like links, or elinks, which don't do java, graphics or any other runtime functionality. That may allow you to discover the reason that noscript is giving it the raspberry. Regards, Morrie. -----Original Message----- From: luv-main [mailto:luv-main-bounces@luv.asn.au] On Behalf Of Lindsay W via luv-main Sent: Friday, 9 November 2018 6:22 PM To: luv-main@luv.asn.au Subject: Noscript warning I belong to an historic radio club and I get there newsletter as an attachment to to an email. The most recent arrived today. On trying either to download or view Firefox's Noscript attachment gives a warning and on the browsers current page an error message something like "web page not availible" is displayed. I have never struck this behaviour on downloading an email attachment before. I know little about web page security but this I do regard as suspicious. Lindsay _______________________________________________ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main _______________________________________________ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
participants (2)
-
Lindsay W -
Morrie Wyatt