subject:"\[ACFUG Discuss\] Client side"

RE: [ACFUG Discuss] Client side

2006-10-27 Thread Dave Bellevue




it was designed for self service? maybe it's our 
implementation  
 
Dave


From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
On Behalf Of Douglas KnudsenSent: Friday, October 27, 2006 
2:33 PMTo: discussion@acfug.orgSubject: Re: [ACFUG 
Discuss] Client side

On 10/27/06, Dave 
Bellevue <[EMAIL PROTECTED]> 
wrote:
Because 
  the machines are corporate assets, they are in a controlledenvironment. 
  Formerly, our client machines all had the same corporate imageand all had 
  the .net framework installed and security settings set to allow client 
  side .net code (delivered via our web site) to get the info 
  itneeded.If we are reading the machine name from the machine, why 
  would there be adata quality issue?The more info we get from the 
  machine, the better we are able to target that machine for applications 
  that pertain to it - patch delivery, enforcinghardware requirements, 
etc.
you mentioned you had marimba in use, use it, this is what marimba 
was designed for, eh? DK 
Maybe 
  I don't understand your point of view?Dave-Original 
  Message- From: [EMAIL PROTECTED] 
  [mailto:[EMAIL PROTECTED]] On Behalf Of 
  Dean H. SaxeSent: Friday, October 27, 2006 11:51 AMTo: discussion@acfug.orgSubject: Re: 
  [ACFUG Discuss] Client sideWhich still doesn't address the quality of 
  the data...Why do you need this info from the client?  What 
  is the deploymentscenario?  Why should any user trust your 
  applet/ActiveX control? Why isn't it spyware?-dhsDean 
  H. Saxe, CISSP, CEH[EMAIL PROTECTED]"Free 
  speech exercised both individually and through a free press, is a 
  necessity in any country where people are themselves 
  free." -- Theodore Roosevelt, 1918On 
  Oct 27, 2006, at 11:49 AM, [EMAIL PROTECTED] wrote: 
  > Signed Java Applet>> I've been away from CF for a 
  while, but am coming back into MX7>>>> Need to know 
  what is the best (and/or easiest) way run code on the>> client 
  machine - we need to gather information from the registry, >> find 
  things like the machine name (http header vars are not reliable)>> 
  and determine if processes are running and then pass that info into 
  a>> page.>>>> Thanks,>> Dave Bellevue 
  >>>>>>>>>> 
  ->> To 
  unsubscribe from this list, manage your profile @>> http://www.acfug.org?fa=login.edituserform>>>> 
  For more info, see http://www.acfug.org/mailinglists 
  Archive @>> http://www.mail-archive.com/discussion%40acfug.org/>> 
  List hosted by http://www.fusionlink.com>> 
  - 
  >>>>>>>>>>>> 
  -> To 
  unsubscribe from this list, manage your profile @> http://www.acfug.org?fa=login.edituserform>> 
  For more info, see http://www.acfug.org/mailinglists 
  Archive @> http://www.mail-archive.com/discussion%40acfug.org/> 
  List hosted by http://www.fusionlink.com> 
  -> 
  >>-To 
  unsubscribe from this list, manage your profile @http://www.acfug.org?fa=login.edituserform 
  For more info, see http://www.acfug.org/mailinglists 
  Archive @http://www.mail-archive.com/discussion%40acfug.org/ 
  List hosted by http://www.fusionlink.com-- 
  To unsubscribe from this list, manage your profile @http://www.acfug.org?fa=login.edituserformFor 
  more info, see http://www.acfug.org/mailinglistsArchive 
  @ http://www.mail-archive.com/discussion%40acfug.org/List 
  hosted by http://www.fusionlink.com--- Douglas Knudsenhttp://www.cubicleman.com this is my 
signature, like it? 
- To 
unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform 
For more info, see http://www.acfug.org/mailinglists 
Archive @ http://www.mail-archive.com/discussion%40acfug.org/ 
List hosted by FusionLink 
- 



-

To unsubscribe from this list, manage your profile @ 

http://www.acfug.org?fa=login.edituserform



For more info, see http://www.acfug.org/mailinglists

Archive @ http://www.mail-archive.com/discussion%40acfug.org/

List hosted by FusionLink

-

RE: [ACFUG Discuss] Client side

2006-10-27 Thread Fennell, Mark P.

I wonder if you could use something akin to the following to open CCM/LiveState 
and in the catch redirect the browser to a URL that would log the ip address 
and provide a howto on installing CCM/LS. It's not guaranteed to work based on 
security settings and OS path settings. I'm sure that you could get a 
guaranteed-to-work solution, but it probably won't be free. 
:)

function openOutlook(){
try{
var oShell = new ActiveXObject("Shell.application");
oShell.ShellExecute("C:\\Program Files\\Microsoft 
Office\\Office\\OUTLOOK.EXE","");
}
catch(e){
}
}

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Dave Bellevue
Sent: Friday, October 27, 2006 2:33 PM
To: discussion@acfug.org
Subject: RE: [ACFUG Discuss] Client side

We did the whole self-service app push thing with .net with great success.
All we need to do is gather info from the machine, not alter it - Marimba
will do that. I'm just looking for an alternate method. As an example, we
checked for a running process to insure that the user had CCM/LiveState
installed and running on their machine. If they didn't, they were directed
on how to get it.

I'm in agreement that patches shouldn't be self-service for a whole host of
reasons and we do have other solutions for that... But management has other
ideas.

Dave 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean H. Saxe
Sent: Friday, October 27, 2006 1:33 PM
To: discussion@acfug.org
Subject: Re: [ACFUG Discuss] Client side

My POV is based upon the fact that anyone who receives the code can modify
it to change the data that is being retrieved.  Alternatively, they don't
need to use the client side code (applet, for instance) in order to send
data to the application.  Just because you think they will only use it as
prescribed doesn't mean it really will be...

If you're looking to do patch management there are plenty of solutions out
there.  McAfee ePolicy Orchestrator (I work for a division of MFE), BigFix,
Peregrine, etc... why not look for an existing solution?

-dhs

Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
"[U]nconstitutional behavior by the authorities is constrained only by the
peoples' willingness to contest them"
 --John Perry Barlow

On Oct 27, 2006, at 12:49 PM, Dave Bellevue wrote:

> Because the machines are corporate assets, they are in a controlled 
> environment. Formerly, our client machines all had the same corporate 
> image and all had the .net framework installed and security settings 
> set to allow client side .net code (delivered via our web site) to get 
> the info it needed.
>
> If we are reading the machine name from the machine, why would there 
> be a data quality issue?
>
> The more info we get from the machine, the better we are able to 
> target that machine for applications that pertain to it - patch 
> delivery, enforcing hardware requirements, etc.
>
> Maybe I don't understand your point of view?
>
> Dave
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean H.  
> Saxe
> Sent: Friday, October 27, 2006 11:51 AM
> To: discussion@acfug.org
> Subject: Re: [ACFUG Discuss] Client side
>
> Which still doesn't address the quality of the data...
>
> Why do you need this info from the client?  What is the deployment 
> scenario?  Why should any user trust your applet/ActiveX control?
> Why isn't it spyware?
>
> -dhs
>
>
> Dean H. Saxe, CISSP, CEH
> [EMAIL PROTECTED]
> "Free speech exercised both individually and through a free press, is 
> a necessity in any country where people are themselves free."
>  -- Theodore Roosevelt, 1918
>
>
> On Oct 27, 2006, at 11:49 AM, [EMAIL PROTECTED] wrote:
>
>> Signed Java Applet
>>> I've been away from CF for a while, but am coming back into MX7
>>>
>>> Need to know what is the best (and/or easiest) way run code on the 
>>> client machine - we need to gather information from the registry, 
>>> find things like the machine name (http header vars are not
>>> reliable)
>>> and determine if processes are running and then pass that info into 
>>> a page.
>>>
>>> Thanks,
>>> Dave Bellevue
>>>
>>>
>>>
>>>
>>> -
>>> To unsubscribe from this list, manage your profile @ 
>>> http://www.acfug.org?fa=login.edituserform
>>>
>>> For more info, see http://www.acfug.org/mailinglists Archive @ 
>>> http://www.mail-archive.com/discussion%40acfug.org/
>>> List hosted b

RE: [ACFUG Discuss] Client side

2006-10-27 Thread Dave Bellevue

We did the whole self-service app push thing with .net with great success.
All we need to do is gather info from the machine, not alter it - Marimba
will do that. I'm just looking for an alternate method. As an example, we
checked for a running process to insure that the user had CCM/LiveState
installed and running on their machine. If they didn't, they were directed
on how to get it.

I'm in agreement that patches shouldn't be self-service for a whole host of
reasons and we do have other solutions for that... But management has other
ideas.

Dave 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean H. Saxe
Sent: Friday, October 27, 2006 1:33 PM
To: discussion@acfug.org
Subject: Re: [ACFUG Discuss] Client side

My POV is based upon the fact that anyone who receives the code can modify
it to change the data that is being retrieved.  Alternatively, they don't
need to use the client side code (applet, for instance) in order to send
data to the application.  Just because you think they will only use it as
prescribed doesn't mean it really will be...

If you're looking to do patch management there are plenty of solutions out
there.  McAfee ePolicy Orchestrator (I work for a division of MFE), BigFix,
Peregrine, etc... why not look for an existing solution?

-dhs


Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
"[U]nconstitutional behavior by the authorities is constrained only by the
peoples' willingness to contest them"
 --John Perry Barlow


On Oct 27, 2006, at 12:49 PM, Dave Bellevue wrote:

> Because the machines are corporate assets, they are in a controlled 
> environment. Formerly, our client machines all had the same corporate 
> image and all had the .net framework installed and security settings 
> set to allow client side .net code (delivered via our web site) to get 
> the info it needed.
>
> If we are reading the machine name from the machine, why would there 
> be a data quality issue?
>
> The more info we get from the machine, the better we are able to 
> target that machine for applications that pertain to it - patch 
> delivery, enforcing hardware requirements, etc.
>
> Maybe I don't understand your point of view?
>
> Dave
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean H.  
> Saxe
> Sent: Friday, October 27, 2006 11:51 AM
> To: discussion@acfug.org
> Subject: Re: [ACFUG Discuss] Client side
>
> Which still doesn't address the quality of the data...
>
> Why do you need this info from the client?  What is the deployment 
> scenario?  Why should any user trust your applet/ActiveX control?
> Why isn't it spyware?
>
> -dhs
>
>
> Dean H. Saxe, CISSP, CEH
> [EMAIL PROTECTED]
> "Free speech exercised both individually and through a free press, is 
> a necessity in any country where people are themselves free."
>  -- Theodore Roosevelt, 1918
>
>
> On Oct 27, 2006, at 11:49 AM, [EMAIL PROTECTED] wrote:
>
>> Signed Java Applet
>>> I've been away from CF for a while, but am coming back into MX7
>>>
>>> Need to know what is the best (and/or easiest) way run code on the 
>>> client machine - we need to gather information from the registry, 
>>> find things like the machine name (http header vars are not
>>> reliable)
>>> and determine if processes are running and then pass that info into 
>>> a page.
>>>
>>> Thanks,
>>> Dave Bellevue
>>>
>>>
>>>
>>>
>>> -
>>> To unsubscribe from this list, manage your profile @ 
>>> http://www.acfug.org?fa=login.edituserform
>>>
>>> For more info, see http://www.acfug.org/mailinglists Archive @ 
>>> http://www.mail-archive.com/discussion%40acfug.org/
>>> List hosted by http://www.fusionlink.com
>>> -
>>>
>>>
>>>
>>>
>>
>>
>>
>> -
>> To unsubscribe from this list, manage your profile @ 
>> http://www.acfug.org?fa=login.edituserform
>>
>> For more info, see http://www.acfug.org/mailinglists Archive @ 
>> http://www.mail-archive.com/discussion%40acfug.org/
>> List hosted by http://www.fusionlink.com
>> -
>>
>>
>>
>
>
>
> -
> To unsubscribe from this list, manage your profile @ 
> http://www.acfug.org?fa=login.edituserf

Re: [ACFUG Discuss] Client side

2006-10-27 Thread Douglas Knudsen

On 10/27/06, Dave Bellevue <[EMAIL PROTECTED]> wrote:
Because the machines are corporate assets, they are in a controlledenvironment. Formerly, our client machines all had the same corporate imageand all had the .net framework installed and security settings set to allow
client side .net code (delivered via our web site) to get the info itneeded.If we are reading the machine name from the machine, why would there be adata quality issue?The more info we get from the machine, the better we are able to target that
machine for applications that pertain to it - patch delivery, enforcinghardware requirements, etc.you mentioned you had marimba in use, use it, this is what marimba was designed for, eh? 
DK Maybe I don't understand your point of view?Dave-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Dean H. SaxeSent: Friday, October 27, 2006 11:51 AMTo: 
discussion@acfug.orgSubject: Re: [ACFUG Discuss] Client sideWhich still doesn't address the quality of the data...Why do you need this info from the client?  What is the deploymentscenario?  Why should any user trust your applet/ActiveX control?
Why isn't it spyware?-dhsDean H. Saxe, CISSP, CEH[EMAIL PROTECTED]"Free speech exercised both individually and through a free press, is a
necessity in any country where people are themselves free." -- Theodore Roosevelt, 1918On Oct 27, 2006, at 11:49 AM, [EMAIL PROTECTED] wrote:
> Signed Java Applet>> I've been away from CF for a while, but am coming back into MX7 Need to know what is the best (and/or easiest) way run code on the>> client machine - we need to gather information from the registry,
>> find things like the machine name (http header vars are not reliable)>> and determine if processes are running and then pass that info into a>> page. Thanks,>> Dave Bellevue
>> ->> To unsubscribe from this list, manage your profile @>> 
http://www.acfug.org?fa=login.edituserform For more info, see http://www.acfug.org/mailinglists Archive @>> 
http://www.mail-archive.com/discussion%40acfug.org/>> List hosted by http://www.fusionlink.com>> -
 -> To unsubscribe from this list, manage your profile @> 
http://www.acfug.org?fa=login.edituserform>> For more info, see http://www.acfug.org/mailinglists Archive @> 
http://www.mail-archive.com/discussion%40acfug.org/> List hosted by http://www.fusionlink.com> ->
>>-To unsubscribe from this list, manage your profile @http://www.acfug.org?fa=login.edituserform
For more info, see http://www.acfug.org/mailinglists Archive @http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com--
To unsubscribe from this list, manage your profile @http://www.acfug.org?fa=login.edituserformFor more info, see 
http://www.acfug.org/mailinglistsArchive @ http://www.mail-archive.com/discussion%40acfug.org/List hosted by 
http://www.fusionlink.com--- Douglas Knudsenhttp://www.cubicleman.com
this is my signature, like it?



-
To unsubscribe from this list, manage your profile @ 
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by FusionLink
-

Re: [ACFUG Discuss] Client side

2006-10-27 Thread Dean H. Saxe

BTW, my concerns may be over the top for you.  I'm sharing some  
thoughts, but you probably know your environment better than I do, so  
they may not apply directly.  However, don't underestimate what your  
users know and can or cannot do.


-dhs


Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
"[U]nconstitutional behavior by the authorities is constrained only  
by the peoples' willingness to contest them"

--John Perry Barlow


On Oct 27, 2006, at 1:33 PM, Dean H. Saxe wrote:

My POV is based upon the fact that anyone who receives the code can  
modify it to change the data that is being retrieved.   
Alternatively, they don't need to use the client side code (applet,  
for instance) in order to send data to the application.  Just  
because you think they will only use it as prescribed doesn't mean  
it really will be...


If you're looking to do patch management there are plenty of  
solutions out there.  McAfee ePolicy Orchestrator (I work for a  
division of MFE), BigFix, Peregrine, etc... why not look for an  
existing solution?


-dhs


Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
"[U]nconstitutional behavior by the authorities is constrained only  
by the peoples' willingness to contest them"

--John Perry Barlow


On Oct 27, 2006, at 12:49 PM, Dave Bellevue wrote:


Because the machines are corporate assets, they are in a controlled
environment. Formerly, our client machines all had the same  
corporate image
and all had the .net framework installed and security settings set  
to allow

client side .net code (delivered via our web site) to get the info it
needed.

If we are reading the machine name from the machine, why would  
there be a

data quality issue?

The more info we get from the machine, the better we are able to  
target that
machine for applications that pertain to it - patch delivery,  
enforcing

hardware requirements, etc.

Maybe I don't understand your point of view?

Dave

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean  
H. Saxe

Sent: Friday, October 27, 2006 11:51 AM
To: discussion@acfug.org
Subject: Re: [ACFUG Discuss] Client side

Which still doesn't address the quality of the data...

Why do you need this info from the client?  What is the deployment
scenario?  Why should any user trust your applet/ActiveX control?
Why isn't it spyware?

-dhs


Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
"Free speech exercised both individually and through a free press,  
is a

necessity in any country where people are themselves free."
 -- Theodore Roosevelt, 1918


On Oct 27, 2006, at 11:49 AM, [EMAIL PROTECTED] wrote:


Signed Java Applet

I've been away from CF for a while, but am coming back into MX7

Need to know what is the best (and/or easiest) way run code on the
client machine - we need to gather information from the registry,
find things like the machine name (http header vars are not  
reliable)
and determine if processes are running and then pass that info  
into a

page.

Thanks,
Dave Bellevue




-
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists Archive @
http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-








-
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists Archive @
http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-







-
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists Archive @
http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-








-
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-









-
To unsubscribe from this list, manage your profile @ 
http://www.acfug.org?fa=login.edituserform


For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-

Re: [ACFUG Discuss] Client side

2006-10-27 Thread Dean H. Saxe

My POV is based upon the fact that anyone who receives the code can  
modify it to change the data that is being retrieved.  Alternatively,  
they don't need to use the client side code (applet, for instance) in  
order to send data to the application.  Just because you think they  
will only use it as prescribed doesn't mean it really will be...


If you're looking to do patch management there are plenty of  
solutions out there.  McAfee ePolicy Orchestrator (I work for a  
division of MFE), BigFix, Peregrine, etc... why not look for an  
existing solution?


-dhs


Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
"[U]nconstitutional behavior by the authorities is constrained only  
by the peoples' willingness to contest them"

--John Perry Barlow


On Oct 27, 2006, at 12:49 PM, Dave Bellevue wrote:


Because the machines are corporate assets, they are in a controlled
environment. Formerly, our client machines all had the same  
corporate image
and all had the .net framework installed and security settings set  
to allow

client side .net code (delivered via our web site) to get the info it
needed.

If we are reading the machine name from the machine, why would  
there be a

data quality issue?

The more info we get from the machine, the better we are able to  
target that
machine for applications that pertain to it - patch delivery,  
enforcing

hardware requirements, etc.

Maybe I don't understand your point of view?

Dave

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean H.  
Saxe

Sent: Friday, October 27, 2006 11:51 AM
To: discussion@acfug.org
Subject: Re: [ACFUG Discuss] Client side

Which still doesn't address the quality of the data...

Why do you need this info from the client?  What is the deployment
scenario?  Why should any user trust your applet/ActiveX control?
Why isn't it spyware?

-dhs


Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
"Free speech exercised both individually and through a free press,  
is a

necessity in any country where people are themselves free."
 -- Theodore Roosevelt, 1918


On Oct 27, 2006, at 11:49 AM, [EMAIL PROTECTED] wrote:


Signed Java Applet

I've been away from CF for a while, but am coming back into MX7

Need to know what is the best (and/or easiest) way run code on the
client machine - we need to gather information from the registry,
find things like the machine name (http header vars are not  
reliable)
and determine if processes are running and then pass that info  
into a

page.

Thanks,
Dave Bellevue




-
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists Archive @
http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-








-
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists Archive @
http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-







-
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists Archive @
http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-








-
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-







-
To unsubscribe from this list, manage your profile @ 
http://www.acfug.org?fa=login.edituserform


For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-

RE: [ACFUG Discuss] Client side

2006-10-27 Thread Dave Bellevue

Because the machines are corporate assets, they are in a controlled
environment. Formerly, our client machines all had the same corporate image
and all had the .net framework installed and security settings set to allow
client side .net code (delivered via our web site) to get the info it
needed.

If we are reading the machine name from the machine, why would there be a
data quality issue? 

The more info we get from the machine, the better we are able to target that
machine for applications that pertain to it - patch delivery, enforcing
hardware requirements, etc.

Maybe I don't understand your point of view?

Dave 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean H. Saxe
Sent: Friday, October 27, 2006 11:51 AM
To: discussion@acfug.org
Subject: Re: [ACFUG Discuss] Client side

Which still doesn't address the quality of the data...

Why do you need this info from the client?  What is the deployment  
scenario?  Why should any user trust your applet/ActiveX control?   
Why isn't it spyware?

-dhs

Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
"Free speech exercised both individually and through a free press, is a
necessity in any country where people are themselves free."
 -- Theodore Roosevelt, 1918

On Oct 27, 2006, at 11:49 AM, [EMAIL PROTECTED] wrote:

> Signed Java Applet
>> I've been away from CF for a while, but am coming back into MX7
>>
>> Need to know what is the best (and/or easiest) way run code on the 
>> client machine - we need to gather information from the registry, 
>> find things like the machine name (http header vars are not reliable) 
>> and determine if processes are running and then pass that info into a 
>> page.
>>
>> Thanks,
>> Dave Bellevue
>>
>>
>>
>>
>> -
>> To unsubscribe from this list, manage your profile @ 
>> http://www.acfug.org?fa=login.edituserform
>>
>> For more info, see http://www.acfug.org/mailinglists Archive @ 
>> http://www.mail-archive.com/discussion%40acfug.org/
>> List hosted by http://www.fusionlink.com
>> -
>>
>>
>>
>>
>
>
>
> -
> To unsubscribe from this list, manage your profile @ 
> http://www.acfug.org?fa=login.edituserform
>
> For more info, see http://www.acfug.org/mailinglists Archive @ 
> http://www.mail-archive.com/discussion%40acfug.org/
> List hosted by http://www.fusionlink.com
> -
>
>
>

-
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists Archive @
http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-

-
To unsubscribe from this list, manage your profile @ 
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-

Re: [ACFUG Discuss] Client side

2006-10-27 Thread Dean H. Saxe


John,

Signed applets don't really help address security issues.  Sure, they  
ensure the code wasn't tampered with if the signature is valid.   
Nothing says I can't rip the signature off and modify the classes by  
either decompilation/recompilation or directly modifying the  
bytecode.  Nothing prevents me from sending invalid data to the  
server without the applet.  Signing is simply a method of performing  
servlet authentication.


You still need to push java.policy files down to the client to allow  
the particular signed applet classes to be able to read from the  
registry, for instance.  This may open some security vulnerabilities,  
if not done correctly.  If you have GPO this can be done quite  
easily, but if you're using machines which don't run .Net, it sounds  
like you're probably SOL here.


-dhs

Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
"If liberty means anything at all, it means the right to tell people  
what they do not want to hear."

-- George Orwell, 1945


On Oct 27, 2006, at 12:41 PM, [EMAIL PROTECTED] wrote:


http://java.sun.com/developer/technicalArticles/Security/Signed/

with the assumption that the client machines have java installed.


Short story is that we 'deliver' applications to machines in a  
corporate

environment by initiating pulls via Marimba.

We were doing this with .NET, and were able to gather information  
about

the
machine and verify that all the things were in place before a user
requested
an app - getting the machine name allowed us to track what was  
delivered,
verifying that the correct processes were running so that the app  
would
actually be delivered, a value stored in the registry told us that  
the

machine was actually a valid corporate image.

In this 'new' environment, we don't have the .net framework  
installed on

the
client side, and have machines that may not even be able to run it...
Currently we aren't able to get ANY info off of the client.

The more information we are able to gather, the better we can  
target the

machine.

Make any sense?

Thanks,
Dave

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean  
H. Saxe

Sent: Friday, October 27, 2006 11:03 AM
To: discussion@acfug.org
Subject: Re: [ACFUG Discuss] Client side

You can't trust any client side information... so why are HTTP  
headers any

less reliable than getting data from the registry?  Also,
what kind of data you get depends on the access level of the user.
I wouldn't let just any code run client side and collect that type of
information, its usually a hallmark of spyware.

What exactly are you trying to do?

-dhs


Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
"To announce that there must be no criticism of the president, or  
that we
are to stand by the president right or wrong, is not only  
unpatriotic and

servile, but is morally treasonable to the American public."
 -- Theodore Roosevelt


On Oct 27, 2006, at 10:45 AM, Dave Bellevue wrote:


I've been away from CF for a while, but am coming back into MX7

Need to know what is the best (and/or easiest) way run code on the
client machine - we need to gather information from the registry,  
find

things like the machine name (http header vars are not reliable) and
determine if processes are running and then pass that info into a
page.

Thanks,
Dave Bellevue




-
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists Archive @
http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-







-
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists Archive @
http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-








-
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-








-
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-

RE: [ACFUG Discuss] Client side

2006-10-27 Thread Gerrey . Mary-Catherine

Would something like this be useful?
http://www.belarc.com/free_download.html

mcg

Dave Bellevue <[EMAIL PROTECTED]>

Sent by: [EMAIL PROTECTED]
10/27/2006 12:03 PM

Please respond to
discussion@acfug.org

To
discussion@acfug.org

cc

Subject
RE: [ACFUG Discuss] Client side

Short story is that we 'deliver' applications to machines
in a corporate
environment by initiating pulls via Marimba. 

We were doing this with .NET, and were able to gather information about
the
machine and verify that all the things were in place before a user requested
an app - getting the machine name allowed us to track what was delivered,
verifying that the correct processes were running so that the app would
actually be delivered, a value stored in the registry told us that the
machine was actually a valid corporate image.

In this 'new' environment, we don't have the .net framework installed on
the
client side, and have machines that may not even be able to run it...
Currently we aren't able to get ANY info off of the client.

The more information we are able to gather, the better we can target the
machine.

Make any sense?

Thanks,
Dave

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean H. Saxe
Sent: Friday, October 27, 2006 11:03 AM
To: discussion@acfug.org
Subject: Re: [ACFUG Discuss] Client side

You can't trust any client side information... so why are HTTP headers
any
less reliable than getting data from the registry?  Also,  
what kind of data you get depends on the access level of the user.  

I wouldn't let just any code run client side and collect that type of
information, its usually a hallmark of spyware.

What exactly are you trying to do?

-dhs

Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
"To announce that there must be no criticism of the president, or
that we
are to stand by the president right or wrong, is not only unpatriotic and
servile, but is morally treasonable to the American public."
     -- Theodore Roosevelt

On Oct 27, 2006, at 10:45 AM, Dave Bellevue wrote:

> I've been away from CF for a while, but am coming back into MX7
>
> Need to know what is the best (and/or easiest) way run code on the

> client machine - we need to gather information from the registry,
find 
> things like the machine name (http header vars are not reliable) and

> determine if processes are running and then pass that info into a

> page.
>
> Thanks,
> Dave Bellevue
>
>
>
>
> -
> To unsubscribe from this list, manage your profile @ 
> http://www.acfug.org?fa=login.edituserform
>
> For more info, see http://www.acfug.org/mailinglists Archive @ 
> http://www.mail-archive.com/discussion%40acfug.org/
> List hosted by http://www.fusionlink.com
> -
>
>
>

-
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists Archive @
http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-

-
To unsubscribe from this list, manage your profile @ 
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-

-
To unsubscribe from this list, manage your profile @ 
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by FusionLink
-

RE: [ACFUG Discuss] Client side

2006-10-27 Thread john . lyons

http://java.sun.com/developer/technicalArticles/Security/Signed/

with the assumption that the client machines have java installed.


> Short story is that we 'deliver' applications to machines in a corporate
> environment by initiating pulls via Marimba.
>
> We were doing this with .NET, and were able to gather information about
> the
> machine and verify that all the things were in place before a user
> requested
> an app - getting the machine name allowed us to track what was delivered,
> verifying that the correct processes were running so that the app would
> actually be delivered, a value stored in the registry told us that the
> machine was actually a valid corporate image.
>
> In this 'new' environment, we don't have the .net framework installed on
> the
> client side, and have machines that may not even be able to run it...
> Currently we aren't able to get ANY info off of the client.
>
> The more information we are able to gather, the better we can target the
> machine.
>
> Make any sense?
>
> Thanks,
> Dave
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean H. Saxe
> Sent: Friday, October 27, 2006 11:03 AM
> To: discussion@acfug.org
> Subject: Re: [ACFUG Discuss] Client side
>
> You can't trust any client side information... so why are HTTP headers any
> less reliable than getting data from the registry?  Also,
> what kind of data you get depends on the access level of the user.
> I wouldn't let just any code run client side and collect that type of
> information, its usually a hallmark of spyware.
>
> What exactly are you trying to do?
>
> -dhs
>
>
> Dean H. Saxe, CISSP, CEH
> [EMAIL PROTECTED]
> "To announce that there must be no criticism of the president, or that we
> are to stand by the president right or wrong, is not only unpatriotic and
> servile, but is morally treasonable to the American public."
>  -- Theodore Roosevelt
>
>
> On Oct 27, 2006, at 10:45 AM, Dave Bellevue wrote:
>
>> I've been away from CF for a while, but am coming back into MX7
>>
>> Need to know what is the best (and/or easiest) way run code on the
>> client machine - we need to gather information from the registry, find
>> things like the machine name (http header vars are not reliable) and
>> determine if processes are running and then pass that info into a
>> page.
>>
>> Thanks,
>> Dave Bellevue
>>
>>
>>
>>
>> -
>> To unsubscribe from this list, manage your profile @
>> http://www.acfug.org?fa=login.edituserform
>>
>> For more info, see http://www.acfug.org/mailinglists Archive @
>> http://www.mail-archive.com/discussion%40acfug.org/
>> List hosted by http://www.fusionlink.com
>> -
>>
>>
>>
>
>
>
> -
> To unsubscribe from this list, manage your profile @
> http://www.acfug.org?fa=login.edituserform
>
> For more info, see http://www.acfug.org/mailinglists Archive @
> http://www.mail-archive.com/discussion%40acfug.org/
> List hosted by http://www.fusionlink.com
> -
>
>
>
>
>
>
>
>
> -
> To unsubscribe from this list, manage your profile @
> http://www.acfug.org?fa=login.edituserform
>
> For more info, see http://www.acfug.org/mailinglists
> Archive @ http://www.mail-archive.com/discussion%40acfug.org/
> List hosted by http://www.fusionlink.com
> -
>
>
>
>



-
To unsubscribe from this list, manage your profile @ 
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-

Re: [ACFUG Discuss] Client side

2006-10-27 Thread Dean H. Saxe

Sure it makes sense.  But the quality of data is questionable any  
time you depend on a client-side app.


-dhs


Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
"To announce that there must be no criticism of the president, or  
that we are to stand by the president right or wrong, is not only  
unpatriotic and servile, but is morally treasonable to the American  
public."

-- Theodore Roosevelt


On Oct 27, 2006, at 12:03 PM, Dave Bellevue wrote:

Short story is that we 'deliver' applications to machines in a  
corporate

environment by initiating pulls via Marimba.

We were doing this with .NET, and were able to gather information  
about the
machine and verify that all the things were in place before a user  
requested
an app - getting the machine name allowed us to track what was  
delivered,
verifying that the correct processes were running so that the app  
would

actually be delivered, a value stored in the registry told us that the
machine was actually a valid corporate image.

In this 'new' environment, we don't have the .net framework  
installed on the

client side, and have machines that may not even be able to run it...
Currently we aren't able to get ANY info off of the client.

The more information we are able to gather, the better we can  
target the

machine.

Make any sense?

Thanks,
Dave

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean H.  
Saxe

Sent: Friday, October 27, 2006 11:03 AM
To: discussion@acfug.org
Subject: Re: [ACFUG Discuss] Client side

You can't trust any client side information... so why are HTTP  
headers any

less reliable than getting data from the registry?  Also,
what kind of data you get depends on the access level of the user.
I wouldn't let just any code run client side and collect that type of
information, its usually a hallmark of spyware.

What exactly are you trying to do?

-dhs


Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
"To announce that there must be no criticism of the president, or  
that we
are to stand by the president right or wrong, is not only  
unpatriotic and

servile, but is morally treasonable to the American public."
 -- Theodore Roosevelt


On Oct 27, 2006, at 10:45 AM, Dave Bellevue wrote:


I've been away from CF for a while, but am coming back into MX7

Need to know what is the best (and/or easiest) way run code on the
client machine - we need to gather information from the registry,  
find

things like the machine name (http header vars are not reliable) and
determine if processes are running and then pass that info into a
page.

Thanks,
Dave Bellevue




-
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists Archive @
http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-







-
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists Archive @
http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-








-
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-







-
To unsubscribe from this list, manage your profile @ 
http://www.acfug.org?fa=login.edituserform


For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-

Re: [ACFUG Discuss] Client side

2006-10-27 Thread Dean H. Saxe


Which still doesn't address the quality of the data...

Why do you need this info from the client?  What is the deployment  
scenario?  Why should any user trust your applet/ActiveX control?   
Why isn't it spyware?


-dhs


Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
"Free speech exercised both individually and through a free press, is  
a necessity in any country where people are themselves free."

-- Theodore Roosevelt, 1918


On Oct 27, 2006, at 11:49 AM, [EMAIL PROTECTED] wrote:


Signed Java Applet

I've been away from CF for a while, but am coming back into MX7

Need to know what is the best (and/or easiest) way run code on the  
client
machine - we need to gather information from the registry, find  
things

like
the machine name (http header vars are not reliable) and determine if
processes are running and then pass that info into a page.

Thanks,
Dave Bellevue




-
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-








-
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-







-
To unsubscribe from this list, manage your profile @ 
http://www.acfug.org?fa=login.edituserform


For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-

RE: [ACFUG Discuss] Client side

2006-10-27 Thread Dave Bellevue

Was thinking something like that, although I'm not a Java developer As I
remember, CF used to come with some stuff that would be delivered to the
client machine for stuff like graphs (?)... Sounds like there's nothing like
that that would do what I need that comes with MX7?

Thanks...

Dave 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: Friday, October 27, 2006 11:50 AM
To: discussion@acfug.org
Subject: Re: [ACFUG Discuss] Client side

Signed Java Applet
> I've been away from CF for a while, but am coming back into MX7
>
> Need to know what is the best (and/or easiest) way run code on the 
> client machine - we need to gather information from the registry, find 
> things like the machine name (http header vars are not reliable) and 
> determine if processes are running and then pass that info into a 
> page.
>
> Thanks,
> Dave Bellevue
>
>
>
>
> -
> To unsubscribe from this list, manage your profile @ 
> http://www.acfug.org?fa=login.edituserform
>
> For more info, see http://www.acfug.org/mailinglists Archive @ 
> http://www.mail-archive.com/discussion%40acfug.org/
> List hosted by http://www.fusionlink.com
> -
>
>
>
>



-
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists Archive @
http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-








-
To unsubscribe from this list, manage your profile @ 
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-

RE: [ACFUG Discuss] Client side

2006-10-27 Thread Dave Bellevue

Short story is that we 'deliver' applications to machines in a corporate
environment by initiating pulls via Marimba. 

We were doing this with .NET, and were able to gather information about the
machine and verify that all the things were in place before a user requested
an app - getting the machine name allowed us to track what was delivered,
verifying that the correct processes were running so that the app would
actually be delivered, a value stored in the registry told us that the
machine was actually a valid corporate image.

In this 'new' environment, we don't have the .net framework installed on the
client side, and have machines that may not even be able to run it...
Currently we aren't able to get ANY info off of the client.

The more information we are able to gather, the better we can target the
machine.

Make any sense?

Thanks,
Dave

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean H. Saxe
Sent: Friday, October 27, 2006 11:03 AM
To: discussion@acfug.org
Subject: Re: [ACFUG Discuss] Client side

You can't trust any client side information... so why are HTTP headers any
less reliable than getting data from the registry?  Also,  
what kind of data you get depends on the access level of the user.
I wouldn't let just any code run client side and collect that type of
information, its usually a hallmark of spyware.

What exactly are you trying to do?

-dhs

Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
"To announce that there must be no criticism of the president, or that we
are to stand by the president right or wrong, is not only unpatriotic and
servile, but is morally treasonable to the American public."
 -- Theodore Roosevelt

On Oct 27, 2006, at 10:45 AM, Dave Bellevue wrote:

> I've been away from CF for a while, but am coming back into MX7
>
> Need to know what is the best (and/or easiest) way run code on the 
> client machine - we need to gather information from the registry, find 
> things like the machine name (http header vars are not reliable) and 
> determine if processes are running and then pass that info into a 
> page.
>
> Thanks,
> Dave Bellevue
>
>
>
>
> -
> To unsubscribe from this list, manage your profile @ 
> http://www.acfug.org?fa=login.edituserform
>
> For more info, see http://www.acfug.org/mailinglists Archive @ 
> http://www.mail-archive.com/discussion%40acfug.org/
> List hosted by http://www.fusionlink.com
> -
>
>
>

-
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists Archive @
http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-

-
To unsubscribe from this list, manage your profile @ 
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-

RE: [ACFUG Discuss] Client side

2006-10-27 Thread axunderwood

Coldfusion would have to be running on the client machine and you'd have to use 
cfregistry tag.  

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Dave Bellevue
Sent: Friday, October 27, 2006 10:46 AM
To: discussion@acfug.org
Subject: [ACFUG Discuss] Client side

I've been away from CF for a while, but am coming back into MX7

Need to know what is the best (and/or easiest) way run code on the client
machine - we need to gather information from the registry, find things like
the machine name (http header vars are not reliable) and determine if
processes are running and then pass that info into a page.

Thanks,
Dave Bellevue

-
To unsubscribe from this list, manage your profile @ 
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-

-
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-

Re: [ACFUG Discuss] Client side

2006-10-27 Thread john . lyons

Signed Java Applet
> I've been away from CF for a while, but am coming back into MX7
>
> Need to know what is the best (and/or easiest) way run code on the client
> machine - we need to gather information from the registry, find things
> like
> the machine name (http header vars are not reliable) and determine if
> processes are running and then pass that info into a page.
>
> Thanks,
> Dave Bellevue
>
>
>
>
> -
> To unsubscribe from this list, manage your profile @
> http://www.acfug.org?fa=login.edituserform
>
> For more info, see http://www.acfug.org/mailinglists
> Archive @ http://www.mail-archive.com/discussion%40acfug.org/
> List hosted by http://www.fusionlink.com
> -
>
>
>
>



-
To unsubscribe from this list, manage your profile @ 
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-

re: [ACFUG Discuss] Client side

2006-10-27 Thread Mischa Uppelschoten ext 10

I'd suggest VBScript?

http://p2p.wrox.com/topic.asp?TOPIC_ID=2759

/m



> I've been away from CF for a while, but am coming back into MX7

Need to know what is the best (and/or easiest) way run code on the client
machine - we need to gather information from the registry, find things like
the machine name (http header vars are not reliable) and determine if
processes are running and then pass that info into a page.

Thanks,
Dave Bellevue




-
To unsubscribe from this list, manage your profile @ 
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-





<



Mischa Uppelschoten
The Banker's Exchange, Inc.
2020 Hills Avenue NW
Atlanta, GA  30318

Phone:(404) 605-0100 ext. 10
Fax:(404) 355-7930
Web:www.BankersX.com
Follow this link for Instant Web Chat:
http://www.bankersx.com/Contact/chat.cfm?Queue=MUPPELSCHOTEN



-
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-

Re: [ACFUG Discuss] Client side

2006-10-27 Thread Dean H. Saxe

You can't trust any client side information... so why are HTTP  
headers any less reliable than getting data from the registry?  Also,  
what kind of data you get depends on the access level of the user.
I wouldn't let just any code run client side and collect that type of  
information, its usually a hallmark of spyware.


What exactly are you trying to do?

-dhs


Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
"To announce that there must be no criticism of the president, or  
that we are to stand by the president right or wrong, is not only  
unpatriotic and servile, but is morally treasonable to the American  
public."

-- Theodore Roosevelt


On Oct 27, 2006, at 10:45 AM, Dave Bellevue wrote:


I've been away from CF for a while, but am coming back into MX7

Need to know what is the best (and/or easiest) way run code on the  
client
machine - we need to gather information from the registry, find  
things like

the machine name (http header vars are not reliable) and determine if
processes are running and then pass that info into a page.

Thanks,
Dave Bellevue




-
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-







-
To unsubscribe from this list, manage your profile @ 
http://www.acfug.org?fa=login.edituserform


For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-

[ACFUG Discuss] Client side

2006-10-27 Thread Dave Bellevue

I've been away from CF for a while, but am coming back into MX7

Need to know what is the best (and/or easiest) way run code on the client
machine - we need to gather information from the registry, find things like
the machine name (http header vars are not reliable) and determine if
processes are running and then pass that info into a page.

Thanks,
Dave Bellevue




-
To unsubscribe from this list, manage your profile @ 
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-

RE: [ACFUG Discuss] Client side

RE: [ACFUG Discuss] Client side

RE: [ACFUG Discuss] Client side

Re: [ACFUG Discuss] Client side

Re: [ACFUG Discuss] Client side

Re: [ACFUG Discuss] Client side

RE: [ACFUG Discuss] Client side

Re: [ACFUG Discuss] Client side

RE: [ACFUG Discuss] Client side

RE: [ACFUG Discuss] Client side

Re: [ACFUG Discuss] Client side

Re: [ACFUG Discuss] Client side

RE: [ACFUG Discuss] Client side

RE: [ACFUG Discuss] Client side

RE: [ACFUG Discuss] Client side

Re: [ACFUG Discuss] Client side

re: [ACFUG Discuss] Client side

Re: [ACFUG Discuss] Client side

[ACFUG Discuss] Client side

19 matches

Site Navigation

Mail list logo

Footer information