Endpoint Protection

 View Only

  • 1.  The Problem of Tracking Cookie

    Posted Apr 20, 2009 04:56 AM
    Everytime we scan the machine, atleast one risk is found to be "Tracking Cookie" This is harmless but it should get removed completely.

    That seems to be a harmless kind of risk, but it does gets detected, 100% of the time. That is little annoying.


    imagebrowser image

    Is there any remedy for the same?

    Tejas


  • 2.  RE: The Problem of Tracking Cookie

    Posted Apr 20, 2009 05:22 AM
    Well, all AVs I've tested do detect the tracking cookie as a threat because it saves and sends information the way some malwares work. If you really want to try to minimize this, try modifying the browsers way of handling cookies by disabling cookies and then selecting which sites should be allowed to create  cookies on your PC.


  • 3.  RE: The Problem of Tracking Cookie

    Posted Apr 20, 2009 05:32 AM
    http://www.symantec.com/security_response/writeup.jsp?docid=2006-080217-3524-99&tabid=1


  • 4.  RE: The Problem of Tracking Cookie

    Posted Apr 20, 2009 06:46 AM
    Try to change cookie settings in your browser
    it should work


  • 5.  RE: The Problem of Tracking Cookie

    Posted Apr 20, 2009 08:51 AM
     At this point, the logs of the tracking cookie is just ignored by us. We will have cookies being embedded in websites all the time. Its almost a futile excercise getting most sites to work completely if you take the browser settings to paranoid levels. I guess its a necessary evil that we live with


  • 6.  RE: The Problem of Tracking Cookie

    Posted Apr 20, 2009 09:07 AM

    Possibly a BHO downloading this cookie. You might think about considering that angle as well.
     



  • 7.  RE: The Problem of Tracking Cookie

    Posted Apr 20, 2009 09:14 AM
     Yeah, but if you dont allow cookies to be downloaded,  sites could have reduced functionality


  • 8.  RE: The Problem of Tracking Cookie

    Posted Apr 20, 2009 02:38 PM
    With the implementation of IE 7, you have the option in advanced settings of the privacy to "override automaitc cookie handling".  This becomes a necessary evil; if the expression permits.

    If you, for example go to a site, where a certificate is generate or a secure login is required...  the system needs to have a "tracking cookie" to validate that you have been through the authentication process.

    Failure to do so, will generally result in a loop, requesting to continuously re-authenticate.  The re-authentication process tries to place the "time sensitive" cookie in the browser's cache, indicating that you have been through the required steps in a timely fashion.

    Banks for example do this, as do most HTTPS sites. 

    This is to preserve the "proper person" is actually the one performing the transaction.  Thus, someone opening your browser and returning to your banking site, cannot simply refresh the page and have access to your data.  2 reasons for this being:
    1. The "time sensitive" cookie is expired
    2. The session requires authentication.

    Unfortunately, this is not always the case.  Some sites, simply "like to track a person behavioral patterns" for later use or marketting.  This is often done vie Malware or Malicious code that has spread to even legitimate sites.

    Completely removing all tracking cookies from all sites, would in turn mean removing even the legitimate ones, causing even possibly, access to your internal mail (web based) server to fail.