securing your pc


peakaboo
December 8th, 2002, 06:02 PM
I was @ http://www.wilders.org/securing_your_pc.htm



just peeking around trying to find out more info on SSM (System Safety Monitor program) and noticed at the bottom security suggestions, and a few stood out for me:

• disable HTML in your e-mail software;
• rename shscrap.dll to shscrapold;
• install HTAstop; for more info look at our free tools page.
• install DSOstop; for more info look at our free tools page

Some questions on above:

1) How does one know if HTML mail is enabled, and if it is, how does one disable it, for example in netscape messenger or hotmail.com?

2) What does shscrap.dll do and why rename it? What is the impact of renaming this .dll?

3) HTA Stop and DSO stop worth installing or not?

TIA




url repaired==bigc

LowWaterMark
December 8th, 2002, 06:05 PM
Hi peakaboo,

Some good questions there, I'm glad you reposted them over here, as I was about to do that myself. ;) So, to answer your questions...

1. Many email clients allow you to use either plain text, rich-text (MS products anyway) or HTML to read and compose your email messages. Most of the time there are options in the "Preferences..." menu item to help you choose which of these your client will use. You may need to go looking through the options to find where you configure this.

Here is a site with an overview of using HTML in email. Searching at Google for "HTML email" with or without other keywords will find a lot on this subject.

http://www.ibiztips.com/email19FEB01.htm

You could also look through the built-in help in Netscape for specific information on your product. Also, here's the company's general help site:

http://channels.netscape.com/ns/help/default.jsp


2. "shscrap.dll" is a fine example of Microsoft providing ease of use capabilities, with no thought for security. You can think of these files (i.e. files ending in the extension .shs) as containers for other kinds of files. A .shs file could be anything, including an executable program, but it can look like any other type of file to fool you into opening it (aka. running it).

Renaming shscrap.dll disables the file type ".shs" to which I can find no downside. Almost no one uses .shs files for anything. It's a "feature in search of a use". And you don't need it. Here are a couple reference sites for shs:

http://www.cknow.com/cknewsletter/0407.htm#scrapfiles

http://www.pc-help.org/security/scrap.htm


3. And as to whether "HTAStop and DSOstop are worth installing?", my response is Why not? Using these two tools to ensure your system is protected cannot hurt you at all. Yes, you may be patched and/or configured so that these are no longer an issue, but, again, using these won't hurt.

There is interesting, if a little old, information here on one real-world threat that made use of the HTA exploit:

http://vil.nai.com/vil/content/v_98855.htm

The recommendations at the Wilders.org Security page (http://www.wilders.org/securing_your_pc.htm) can make a significant difference in how vulnerable your system is, regardless of whatever other tools or security applications you may be running. To my knowledge, these recommendations have never caused anyone any harm and as you see from the descriptions, they are easily reversed if you wish.

Hope this helps to explain these,
LowWaterMark
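
The three items answered above (HTML mail, .shs scrap files, HTA files) can be checked on a saved message before it is opened in a mail client. The following Python script is an added example, not part of the original posts: it walks a message's MIME parts and reports an HTML body, active tags inside it, and attachments with the extensions discussed here. The sample message, the `triage` function and the decoy-extension list are constructed for the illustration; `.shb` is included on the assumption that it is handled by shscrap.dll alongside `.shs`.

```python
import os
import re
from email import message_from_string
from email.policy import default

# Attachment types discussed in the thread.
RISKY_EXTS = {
    ".shs": "shell scrap object",
    ".shb": "shell scrap shortcut",
    ".hta": "HTML application",
}
# Harmless-looking inner extensions used to disguise the real one (assumed list).
DECOY_EXTS = {".txt", ".doc", ".jpg", ".gif", ".pdf", ".htm", ".html"}
# Tags that make an HTML body more than formatted text.
ACTIVE_TAGS = re.compile(r"<\s*(script|object|iframe|embed)\b", re.I)

# Constructed sample: HTML alternative plus an attachment named to look like text.
SAMPLE = """\
From: sender@example.invalid
To: reader@example.invalid
Subject: constructed sample
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="outer"

--outer
Content-Type: multipart/alternative; boundary="inner"

--inner
Content-Type: text/plain; charset="us-ascii"

See the attached notes.
--inner
Content-Type: text/html; charset="us-ascii"

<html><body><p>See the attached notes.</p>
<object data="placeholder"></object></body></html>
--inner--

--outer
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="notes.txt.shs"
Content-Transfer-Encoding: base64

Y29uc3RydWN0ZWQ=
--outer--
"""


def triage(raw_message):
    """Return a list of findings for one RFC 822 message given as text."""
    msg = message_from_string(raw_message, policy=default)
    findings = []
    for part in msg.walk():
        if part.is_multipart():
            continue  # containers carry no content of their own
        name = part.get_filename()
        if name is None:
            # Inline body part: only the HTML alternative is of interest.
            if part.get_content_type() == "text/html":
                findings.append("html-body")
                tags = sorted({t.lower() for t in ACTIVE_TAGS.findall(part.get_content())})
                if tags:
                    findings.append("active-html:" + ",".join(tags))
            continue
        stem, ext = os.path.splitext(name.strip().lower())
        if ext in RISKY_EXTS:
            findings.append("risky-attachment:" + name)
            # "notes.txt.shs" reads as "notes.txt" when the last extension is hidden.
            if os.path.splitext(stem)[1] in DECOY_EXTS:
                findings.append("decoy-extension:" + name)
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```
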

peakaboo
December 8th, 2002, 06:14 PM
LowWaterMark,

I appreciate your response.

Helps a lot.

Thank You

LowWaterMark
December 8th, 2002, 06:29 PM
My pleasure peakaboo - truly. :)

Having questions to answer can be just as important to forum participants as getting answers to questions. It is all good, and helps to make any forum all the more valuable.

Best Wishes,
LowWaterMark

peakaboo
December 8th, 2002, 07:49 PM
I could not find an option for incoming email - there may not be one as far as I can tell, so you may want to consider a program like mailwasher

http://www.mailwasher.net/

the latest beta version 2.0.19 beta covers hotmail and a whole lot more

the Latest Stable Version is: 1.33

I have not tried either, waiting for the beta to become the stable

Those using NS messenger you can find the option to change from composing email using HTML editor to plain text under:

edit, preferences, mail & newsgroups, formatting

under message formatting select plain text editor

also you may want to consider going to SSL or TLS always under mail servers if it works for you.

peakaboo
December 9th, 2002, 08:25 PM
thought I would put this here too:

the privacy issue (includes cookie handling & other browser privacy issues) and also the pc performance issue.

For me the answer is:

cookie wall
adshield
proxomitron

Best freeware programs on the net IMO.

If you get a chance, take a peek at the following links:

http://privacy.net/

click on full analysis and see how much info can be pulled.

more tests - you should be able to pass them all:

http://www.pcflank.com/browser_test1.htm

http://www.pcflank.com/scanner1s.htm

http://www.jasons-toolbox.com/BrowserSecurity/

http://browsercheck.qualys.com/

http://www.dslreports.com/scan

Good Luck

after running some of the tests above, if you find privacy is an issue, then I believe it follows that performance may be vulnerable so feel free to check this link out and look for my post on proxo (free proggie):

http://www.wilderssecurity.com/showthread.php?t=4927;start=0

Just saw a post by LowWaterMark re: AdSubtract

looks like a nice little proggie and based on features on their website looks like it can do it all in a single proggie (although not free)

link here: http://www.wilderssecurity.com/showthread.php?t=5371



url's repaired==bigc

peakaboo
December 15th, 2002, 07:48 PM
The following may not make you any more secure, but it may make you feel better if your firewall log is filling up with TCP, UDP, & ICMP scan warnings and you don't know who to alert concerning your plight:

http://security2.norton.com/ssc/vr_main.asp?j=0&langid=us&venid=sym&plfid=20&pkj=GQFPPWFYJOKMFIDPMSV

using Norton's check servers, you can back trace anonymously and when the trace is done, you can click under the network heading for the IP address that is f*ing w/u and a pop up window will do a who is using

Whois database, last updated 2002-11-25 19:05
# Enter ? for additional hints on searching ARIN's Whois database.

details on who to contact for abuse are provided if available.

Warning if you are stealth, they don't know you are out there once you start using email (obviously a dummy email would be used say from yahoo or hotmail) and complaining, you may lose your stealth advantage especially if you are on a static line.

What you may finally want to do is to say: I'm going to get tagged everyday, and at this point I have no DOS issues so turn off the log and live with the fact that there are idiots out there with nothing better to do than try to exploit others.

As long as you are running stealth who cares ;)

LowWaterMark
December 15th, 2002, 08:46 PM
Quote from peakaboo:
> What you may finally want to do is to say: I'm going to get tagged everyday, and at this point I have no DOS issues so turn off the log and live with the fact that there are idiots out there with nothing better to do than try to exploit others.

That is very good advice peakaboo!!

While we need to make sure our systems are safe and secured, which we can accomplish through the "informed and proper use" of various security tools, as discussed daily throughout this forum, we also need to know what things to stop worrying about. If only so that we can "get on with our business," and use our PCs and the Internet for their intended purpose. (Of course, the intended purpose varies from person to person. Myself, being in the computing security field, much of what I do with security online is my intended purpose ;) ).

People can spend a huge amount of their online time obsessing over security. It can get so bad that they end up doing nothing else except tweaking security software and reading about security online. While there is nothing wrong with learning about security and expanding our capabilities, if this is all we end up doing, when in fact there were other things we really wanted to be accomplishing online, then it's too much.

peakaboo
December 25th, 2002, 08:09 PM
I was visiting uiuc.edu just browsing, and ran across an interesting test from lockdown (link below) look for the MAC test:

NetBIOS MAC test:

This test will probe your computer for your MAC address. The Media Access Control (MAC) address above comes from your network card or dialup adapter. If you have a network card in your computer, this number is a unique 48-bit serial number that cannot be turned off or changed. Having your MAC serial number exposed is like having a monster cookie that is leaving your finger print everywhere you go and logging everything you do on the net. When you are TRULY stealthed your MAC address will not show up on this test http://stealthtests.lockdowncorp.com/


Dos Ping Test is good ck also.

The IE Vulnerability Test - well let's just say I was reluctant to try but finally did.

Use this test to detect a browser vulnerability. If your browser fails this test, hackers can infect your computer automatically when you visit an infected web page.

Not sure how I did, but suffice it to say that the file BrowserX.hta never made it to my hard drive. Guess that means I passed. I murdered a Java Applet, and some Java scripts along the way but hey that's how it goes... LOL

Those who are a little squeamish about their IE browser security may want to skip the IE Vulnerability Test... sometimes IIB (ignorance is bliss) rules.

ck em out, good luck.
____________________

BTW, LWM - you make a good point above:

"While we need to make sure our systems are safe and secured, which we can accomplish through the "informed and proper use" of various security tools, as discussed daily throughout this forum, we also need to know what things to stop worrying about."


url repaired==bigc

peakaboo
January 3rd, 2003, 07:58 PM
IE Internet Zone settings - ran across this at another site: http://asp.flaaten.dk/proxo/topic.asp?TOPIC_ID=851

if u need some of the stuff which is disabled in the IZ and u trust the site, stick the site in the trusted zone.

anyone know of a good ap which can add sites on the fly to trusted sites?





url repaired==bigc

peakaboo
January 4th, 2003, 01:43 AM
Quote from peakaboo:
> IE Internet Zone settings - ran across this at another site:
>
> http://asp.flaaten.dk/proxo/topic.asp?TOPIC_ID=851
>
> if u need some of the stuff which is disabled in the IZ and u trust the site, stick the site in the trusted zone.
>
> anyone know of a good ap which can add sites on the fly to trusted sites?

I found two options which should allow you to quickly add sites to trusted zone with a click of the mouse:

Microsoft Internet Explorer 5 Power Tweaks Web Accessories ( Note: This download is only for Internet Explorer 5.x. )

http://www.microsoft.com/windows/ie/previous/webaccess/pwrtwks.asp

Thanks Jackb for posting this link.

************** or **************

this post from:

passer by @ spywareinfo:
http://www.spywareinfoforum.com/yabbse/showthread.php?t=871


Re:Security feature for m$ie
« Reply #7 on: August 20, 2002, 06:23:30 PM »

-------------------------------------------------------------------------
"Trust Setter" from Jason Levine puts the same two options on IE's tool bar, works perfectly and doesn't require power tweaks or anything else, just unzip and double click "install.vbs"
http://www.jasons-toolbox.com/ScriptRepository/


ps..being vbs script blockers like "Script Sentry" will popup.

pps..as well you can add a site to trusted or restricted by right clicking on a link, useful if you want to visit a "nasty" site you see on one of these pages.

************ note from Peak ************

It takes about 8 mouse clicks & 1 keystroke to add a site to trusted zone without the aid of the above mentioned aps normally:

double click status bar @ Internet icon
click trusted sites
click sites
type h, and select the url from the drop down box
select add
ok out

----------------------

long way is select tools
internet options
security tab
then start from step 2 above



url's repaired==bigc

peakaboo
January 11th, 2003, 02:52 PM
I ran across some info written by Fred Langa which appears for the most part dated (old stuff) but, also ran across something which may be helpful for securing pc, specifically the networking setup, and removing the parts of your networking setup that make it easy for someone to connect to your PC via the Internet's protocol: TCP/IP.

Any comments regarding the usefulness of this data are welcome.

Also comment on the need to unbind "Client for Microsoft Networks" from TCP/IP. Good step or not (any downside or negative aspect of unbinding CfMN from TCP/IP).

How to Make Windows Safer on the Internet from the Four Myths of Online Security article:
http://www.techweb.com/winmag/columns/explorer/2000/04.htm


excerpt below:

The information I'll present here isn't dangerous, but it's always a good idea to make a backup of critical data on your system before you start making any system changes; and to write down what your settings were so you can restore things if you need to.

Let's start by examining your networking setup: Right-click Network Neighborhood and select Properties. (Or click the Network icon in Control Panel, which is the same thing.)

What we'll now do is remove the parts of your networking setup that make it easy for someone to connect to your PC via the Internet's protocol: TCP/IP:

If you don't have a dial-up connection, skip to the next paragraph. Otherwise, double click Dial-Up Adapter, then Bindings. UNcheck anything in the bindings box except TCP/IP; then click OK. Next, in the main network dialog, double-click the item labeled "TCP/IP -> Dial-Up Adapter." (You may have to scroll down in the window to see it. Also, if a Dial Up Adapter is the only adapter in your system, it may simply say "TCP/IP.") You may get a warning from Windows about the danger of changing these settings; ignore the warning -- the real danger is in not changing these settings. After you dismiss the warning dialog box, click on the Bindings tab. In the Bindings box, if "Client for Microsoft networks" and/or "File and printer sharing for Microsoft networks" are present and checked, UNcheck them, and click OK. If they were the only things TCP/IP was bound to, you'll get a warning that states: "TCP/IP is no longer bound to any drivers" and asks whether you want to select one. Answer "No." You do not want clients or sharing services bound to TCP/IP.

*** continue reading article if desired by accessing the above link ***






url repaired==bigc
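
One way to confirm that the unbinding described in the excerpt above took effect is to look at `netstat -an` output before and after the change. The following Python script is an added example, not part of the original post or the quoted article: it parses netstat text and lists file-sharing ports that are open on a non-loopback address. Both netstat samples are constructed, the function names are hypothetical, and the check assumes that the bound sharing services show up as listeners on the NetBIOS ports 137-139 (445 is included for Windows 2000 and later).

```python
import ipaddress

# Ports used by Microsoft file and printer sharing over TCP/IP.
SHARING_PORTS = {
    ("UDP", 137): "NetBIOS name service",
    ("UDP", 138): "NetBIOS datagram service",
    ("TCP", 139): "NetBIOS session service",
    ("TCP", 445): "SMB over TCP (Windows 2000 and later)",
}

# Constructed sample: sharing still bound to TCP/IP.
BEFORE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:139            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:8080         0.0.0.0:0              LISTENING
  TCP    192.0.2.10:1042        198.51.100.7:80        ESTABLISHED
  UDP    192.0.2.10:137         *:*
  UDP    192.0.2.10:138         *:*
"""

# Constructed sample: after unbinding, only a local proxy is listening.
AFTER = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    127.0.0.1:8080         0.0.0.0:0              LISTENING
  TCP    192.0.2.10:1042        198.51.100.7:80        ESTABLISHED
"""


def split_endpoint(endpoint):
    """Split '0.0.0.0:139' or '[::]:445' into (address, port)."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]"), int(port)


def is_loopback(host):
    """True only for literal loopback addresses; '*' and names count as reachable."""
    try:
        return ipaddress.ip_address(host.split("%")[0]).is_loopback
    except ValueError:
        return False


def exposed_sharing_ports(netstat_text):
    """Return (proto, address, port, service) for each exposed sharing port."""
    findings = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0].upper() not in ("TCP", "UDP"):
            continue  # banner, column header or blank line
        proto = fields[0].upper()
        try:
            host, port = split_endpoint(fields[1])
        except ValueError:
            continue  # local port is not numeric
        if proto == "TCP":
            state = fields[3].upper() if len(fields) > 3 else ""
            if state not in ("LISTENING", "LISTEN"):
                continue  # outbound or established connections are not listeners
        service = SHARING_PORTS.get((proto, port))
        if service and not is_loopback(host):
            findings.append((proto, host, port, service))
    return findings


if __name__ == "__main__":
    for label, text in (("before", BEFORE), ("after", AFTER)):
        hits = exposed_sharing_ports(text)
        print(label, "->", hits if hits else "no sharing ports exposed")
```
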

peakaboo
January 13th, 2003, 04:31 PM
I'm running a poll regarding on-line vulnerability tests here:

http://www.wilderssecurity.com/showthread.php?t=6238

If you have not taken the 3 on-line tests (at the link above), please do so and then take the poll.

This was my 1st time setting up a poll guess the key is to keep it simple and cut down on the words, and poll option answers ( I have 8 possible answers).

Also my target audience was those who were having trouble passing the tests, unfortunately in the poll, I had them lower in the poll (poll answers 3, 4, 6 & 7), they should have been at the top of the poll option answers.

Anyway, again if you have trouble passing any of the tests, please post here in this thread.

The exploits are real, and should be addressed if your pc is vulnerable.

Krusty
January 13th, 2003, 05:03 PM
Quote from LowWaterMark (quoting peakaboo):
> People can spend a huge amount of their online time obsessing over security. It can get so bad that they end up doing nothing else except tweaking security software and reading about security online.

LowWaterMark

This is so true :'( I don´t do anything else anymore but read these postings here, except I check out emails. Am I a nutcase all alone or is there someone else along? Tell me, please, if I need real help for life ? ??? ;) But since tomorrow I will start studying.....so I might not have strength enough being online all nights. Okok but it is not that I was too scared to surf and blah blah but I love to learn and share.
This is not a poll question ::) but how about Peakaboo and LowWaterMark then ?

~Ari~

Peakaboo, keep up your good work !

LowWaterMark
January 13th, 2003, 05:37 PM
Quote from K®us†y:
> LowWaterMark
>
> This is so true :'( I don´t do anything else anymore but read these postings here, except I check out emails. Am I a nutcase all alone or is there someone else along? Tell me, please, if I need real help for life ? ??? ;) But since tomorrow I will start studying.....so I might not have strength enough being online all nights. Okok but it is not that I was too scared to surf and blah blah but I love to learn and share.

Krusty,

I think learning about security and playing with new applications and settings can be really compelling and actually addictive. I think that's why a lot of us end up spending so much time on it - it's fun and educational - what could be better? ;D

Think about how you got here to Wilders... Perhaps you were doing searches regarding security, maybe that led you here directly or to some other site, and at that site were links to here... You start reading and testing stuff and before you know it, you're hooked.

Places like this are a "security junkies" paradise!! ;)

Peakaboo - regarding your question on the value of the information at that techweb / winmag article... I think any time you disable unneeded and unused services on your system, you have probably improved your security. If you don't need or use it, why leave it running as a possible hole for someone else to access your system!

You can never do too many security tweaks!

- oops, there I go, feeding my security addiction again!! :D

Backing away from the keyboard,
LowWaterMark

Krusty
January 13th, 2003, 05:55 PM
Peakaboo

Have you tried Taskinfo 2002 yet? It´s a great informative app, freeware. It shows even your CPU, how much it works, how much idles.
Omg, I notice it is not free anymore :(. I have had my copy for long time.. .. http://www.softpile.com/Utilities/System_Tools/Review_10064_index.html
~Ari~


but here it costs only 12$ :
http://www.pcworld.com/downloads/file_description/0,fid,7628,00.asp

the same trustworthy Igor Arsenin product, better watch the prices before rushing to burn $



url repaired==bigc

Krusty
January 13th, 2003, 06:15 PM
As my big mouth makes me correcting myself I brought one similar app here named "Process Viewer for Windows"

" PrcView is a process viewer utility that displays detailed information about processes running under Windows. For each process it displays memory, threads and module usage. For each DLL it shows full path and version information. PrcView comes with a command line version that allows you to write scripts to check if a process is running, kill it, etc. "
http://www.teamcti.com/pview/prcview.htm

And THIS is freeware

^Ari^

peakaboo
January 13th, 2003, 07:49 PM
Krusty,

> Peakaboo, keep up your good work !

I appreciate your encouragement.

With the number of page views on my poll and no problems passing the 3 tests cited, I thought I would open the door here on this thread again to insure no one was having a problem.

I must admit I am surprised, I really thought they were tough tests. It appears that if at least half the number of people who viewed my poll took all 3 tests, and cited no problems. Sounds like everyone is in good shape.

This is good.

>Have you tried Taskinfo 2002 yet?

Krusty, I sure haven't but it sounds interesting. The last program I loaded was Spybot - Really great program. I am waiting for next iteration of system safety monitor to try out, and also waiting on a good backup freeware anti-trojan program - sounds like Ants is going to be awhile from what I have been reading.

BTW, I'm also trying to back away from the PC. Got my system running as optimal as possible, until some new exploit comes along.


LowWaterMark,

> regarding your question on the value of the information
> at that techweb / winmag article... I think any time you
> disable unneeded and unused services on your system,
> you have probably improved your security. If you don't
> need or use it, why leave it running as a possible hole for
> someone else to access your system!

> You can never do too many security tweaks!


I appreciate your insight on this. Good advice.

I'm all tweaked out.

Thanks again guys for your insight.

peakaboo
January 15th, 2003, 09:08 PM
Anyone know of a good place to learn about the use of ClassIDs in conjunction with security?

Spybot uses ClassIDs somehow.

I'm sure other similar programs may also use ClassIDs to id bad stuff and maybe to overlook some good stuff.

Just curious.

TIA

_____________________

Good Link below for you Proxo users filter & ClassID list: http://asp.flaaten.dk/proxo/topic.asp?TOPIC_ID=415



last update to ClassID list 7/5/03 (http://asp.flaaten.dk/proxo/uploaded/sidki3003/200375232324_ClassIDs.txt)

8)

url repaired==bigc

peakaboo
December 5th, 2003, 02:14 PM
Quote from peakaboo:
> Good Link below for you Proxo users filter & ClassID list: http://asp.flaaten.dk/proxo/topic.asp?TOPIC_ID=415
>
> last update to ClassID list 7/5/03 (http://asp.flaaten.dk/proxo/uploaded/sidki3003/200375232324_ClassIDs.txt)
>
> 8)

New link for classid list & filter from Sidki 11/22/03 update:



you have to register @ Yahoo proxomitron forums to view forums or to download files from there. http://groups.yahoo.com/group/prox-list/files/Filters/Security/

update adds some BHOs to the list... nice work sidki :)

note also the first of the two links quoted above no longer works...


enjoy the update... thanks sidki 8)


url repaired==bigc

Prince_Serendip
December 5th, 2003, 03:08 PM
:) Proxomitron Rocks!

I just resurrected my use of Proxomitron (with latest edition 4.5) because my old proggies for ad blocking no longer work with Opera 7.11. I am extremely pleased with it. I thought my new Opera was fast, but now it has Warp-Drive! 8)

The Yahoo Prox-list group has a new member. ;D

Thanks!

Larry :)

peakaboo
December 5th, 2003, 03:50 PM
Larry,

Latest Opera version 7.23 resolves some serious security holes which exist in versions 7.22 and below (7.11 has the security issues) http://jouko.iki.fi/adv/opera.html


http://www.securityfocus.com/archive/1/344223/2003-11-12/2003-11-18/2


also sidki has a mean ad & ad banner filter which works very well with Opera. If not in list of downlds @ yahoo proxo forum, just post @ yahoo proxo forum and I'm sure sidki will respond.



url repaired==bigc

Prince_Serendip
December 5th, 2003, 06:15 PM
:) Thanks for the links!

I was made aware of this before but only in general. Can Proxo block ads in Opera itself?? Do they provide patches? I have the paid for version.

One thing that puzzles me is why they would have this feature (which is a profound weakness) in the first place?? Could Proxo block it in any way if configured properly? After all, Opera has to go through it to get there. ???

Any help will be deeply appreciated. :)

peakaboo
December 5th, 2003, 06:58 PM
Since you paid for Opera 7.11 you get free upgrades to any version update for Opera 7.x

if or rather when Opera comes out with major upgrade say to Opera 8, you would be entitled to a discount $15 in getting version 8 and all the upgrades in the 8 series...

(c forum discussion "Opera upgrade policy" links at bottom of this post)

suggest you dwnload Opera 7.23 and install it in same directory as your 7.11, no code entry required; or if you prefer install to a different directory, if you choose this method you will have to enter your code...

dld 7.23 here: http://my.opera.com/



regarding use of proxo to defend against the vulns corrected by the upgrade... why would you take this approach when all you have to do is install the latest version.

BTW Opera 7.2+ is way better than Opera 7.11. So if you like 7.11 you should be enthralled with 7.23

re: ad kill within Opera you should not be getting ads with the paid for version the ad banner goes away

pricing policy in few words: posted by ICE (http://my.opera.com/forums/showthread.php?threadid=8100&highlight=upgrade+policy+paid+version)

more on upgrade policy (http://my.opera.com/forums/showthread.php?threadid=14213&highlight=upgrade+policy+paid+version)

good luck...



url repaired==bigc

Prince_Serendip
December 5th, 2003, 11:51 PM
:) Thanks for your help peakaboo!

I am now upgraded to Opera 7.23. This is my first upgrade/overwrite of Opera. Never done it before, hence my strange questions/ideas. It was really very easy. I did backup the important files as they suggested first.

Using Opera 7.up on a DSL connection is just as fast as the broadband connection we have at work. (DSL is 60% cheaper than broadband in my area.) I consider the speed to be a big bonus. I hate waiting around. ;D


Larry :)

peakaboo
December 6th, 2003, 10:13 AM
Quote from Prince_Serendip:
> :) Proxomitron Rocks!
>
> I just resurrected my use of Proxomitron (with latest edition 4.5) because my old proggies for ad blocking no longer work with Opera 7.11. I am extremely pleased with it. I thought my new Opera was fast, but now it has Warp-Drive! 8)
>
> The Yahoo Prox-list group has a new member. ;D
>
> Thanks!
>
> Larry :)

Glad the upgrade to 7.23 went smooth.

re: proxomitron - you may know this already but here goes anyway (for the benefit of someone who doesn't),

The following two tips will help make proxo work real nice with Opera (applicable for other browsers too):


1) make sure you select "enable http1 for proxy" in Opera prefs settings (under network, proxy servers), in addition to the correct http settings prescribed by proxomitron

2) in proxomitron under config, http tab, make sure you uncheck (or disable) "Local connections persist for"

link to support 1 & 2:

http://nontroppo.org/wiki/Opera7Performance

3) make sure your loop back, & DNS rules are in order:

good link if you have a rule based firewall is here:

http://www.dslreports.com/forum/remark,6642367~root=kerio~mode=flat

click on the screen shots - to enlarge, nice write up of information too

peakaboo
January 17th, 2004, 12:34 PM
good free firewall try Kerio 2.1.5:

1) Kerio 2.1.5 is a good choice for anyone looking for a good free firewall (for personal use)

http://www.kerio.com/dwn/kpf/

1a) Kerio is light on resources and with a little effort and understanding can be properly configured to be stealth.

Generic Rule Set for Kerio (Proxy and no Proxy) (http://www.dslreports.com/forum/remark,6642367~root=kerio~mode=flat)

after you configure if you are able to pass the tcp pings and stealths below you should be ok:

https://grc.com/x/ne.dll?bh0bkyd2 corrected link

http://www.pcflank.com/scanner1s.htm

http://www.dslreports.com/scan tcp ping here

1b) for older systems like Win95 you will need Winsock 2 update for Win95 (http://www.microsoft.com/windows95/downloads/contents/wuadmintools/s_wunetworkingtools/w95sockets2/) and although Kerio 2.1.5 does not support Win95 it should run after the Winsock 2 update. Your option on this next one but it may not be a bad idea to get your tcp/ip stack more secure and in sync with Dun 1.4 upgrade (http://support.microsoft.com/default.aspx?scid=kb;en-us;285189)

2) coupled with SSM (System Safety monitor bolsters your outbound protection) you are protected from inbound & outbound just be aware of the following results:

http://www.pcflank.com/art41c.htm

SSM will kill any nontrusted Aps before they are launched this includes any leak tests.

more info on SSM here:

http://maxcomputing.narod.ru/ssme.html?lang

as indicated from the link above, older systems contact the author for a special build if the latest version of SSM does not work on your system.

Download the latest version of SSM here (http://kormushkin.narod.ru/ssm.zip)

leak tests are good for simulating your level of vulnerability, but not realistic* since they require downloading and running the .exe - be nice if someone could devise a test which acts more like the silent drive by trojans, to inform rather than destroy.

__________________________


* footnote explanation: stretch to think anyone concerned enough about safety and security would click on a link without knowing what it could do or without scanning first.

____________________

two really nice features of Kerio other than being stealth are:

1) right click sys tray icon for kerio and select stop all traffic and it does immediately - you can reenable the same way or disconnect if you need to

2) animate tray icon red arrow indicates blocked rule matched

peakaboo
March 20th, 2004, 06:39 PM
Pivx.com is offering something called Qwik-Fix™:

http://www.pivx.com/qwikfix/

http://www.pivx.com/qwikfix/faq.html

note from Peakaboo: I have not tried qwikfix. I do not use IE and I have good AV, Firewall protection... so if you decide to try you are on your own :)

____________________

Qwik-Fix™ provides another layer of essential security by closing off the pathways that worms and viruses use to penetrate your PC. It does not affect any of your virus programs, firewall or other programs. Had users installed Qwik-Fix™ on their PC's, the recent LovSan/MS Blaster worm and the Sobig virus would have had no impact on them. And, it will close the doors that the next worm will try to enter thru to infect and spread its payload.

Qwik-Fix™ is a product of PivX LABS, and results from our work with some of the largest companies in the world. PivX is a premier security research company which has focused its security research efforts on Microsoft's Windows® and its ubiquitous Internet browser, Internet Explorer. PivX and its worldwide network of security researchers has located, tested and verified hundreds of security vulnerabilities in Internet Explorer alone. As a public service, PivX has also maintained a FREE public online listing of the vulnerabilities that were patched and those that remained Unpatched. Now we have developed Qwik-Fix™, a tool which helps protect your PC from these risky vulnerabilities.

Qwik-Fix™ is designed to pro-actively prevent known software vulnerabilities in Windows and Internet Explorer from being exploited by malicious hackers, virus writers and worm writers. Qwik-Fix™ is simple to use, Qwik-Fix™ is easy to download and install. Qwik-Fix™ is dynamic in that it serves as a temporary fix to known vulnerabilities until Microsoft releases a periodic monthly cumulative patch or a new Service Pack. As we find new vulnerabilities our subscribers will be updated immediately, thus staying one step ahead of the bad guys.

peakaboo
April 10th, 2004, 06:04 PM
stumbled across this interesting idea by Belthazor to develop a filter for Proxo as a firewall to block ports...

obviously proxo was not designed as a firewall so it should not be relied on to perform this function, but I think it is a fun idea to watch develop, could possibly offer a different layer of protection if it pans out

http://www.cheatandwin.com/~proxo/forums/index.php?showtopic=70&st=0&

it will be interesting to check the link from time to time to see if JD or Jak pick up the ball 8)