Online Armor- Configuration Questions

Discussion in 'other anti-malware software' started by bellgamin, Aug 15, 2005.

Thread Status:
Not open for further replies.
  1. bellgamin

    bellgamin Very Frequent Poster

    Aug 1, 2002
    A) When adding (for example) to "Trusted Sites" or "Protected Sites"...

    1) Is it necessary to include the www (as in
    2) Is it necessary to include the trailing slash (as in

    B) If I want to trust everything at (for example), which of the following entries would best do the job...


    C) If I want to block everything at (for example) EXCEPT, can I? If so how?

    D) Is there a config method whereby Internet Explorer (for example) can be allowed ONLY if I personally call it, but not if it's called by a program?

    >>NOTE- The above question arises because config only lets me categorize any given program as either "Allow" or "Block" -- there is no "Ask Me" category. (Hint hint) ;)
  2. MikeNash

    MikeNash Security Expert

    Jun 9, 2005
    Sydney, Australia
    Hi Bellgamin,

    Ok - first things first - let me describe protected/trusted/not trusted and how that works so we're all on the same page...

    Trusted - you know the site is safe. All content is allowed, without alert.

    NOT Trusted - you (or we) know the site is NOT safe. So, any potentially dangerous content is blocked, without any alerts.

    Unknown - nobody knows - so, we'll alert on potentially dangerous objects only.

    PROTECTED sites are a little bit different. They are designed to be your personal, high value sites such as Online Banking - in fact, its specifically for Online Banking. MUCH More restrictive policies are applied to this, so it should be used sparingly.

    For example, a PROTECTED site has it's DNS lookup on your computer checked against a third-party trusted DNS to check for DNS trickery. Similarly, protected sites cannot have content linked from them on other sites, nor can they have other sites content embedded in them.

    You would add * - the validation occurs on the domain, not the URL. You can also, for example, add things like ad?.adserver.address and set as not trusted.

    No, you can't right now but it sounds like a good feature. The only impact trusted/not trusted has is to determine how potentially dangerous objects are managed.

    No, not at the moment. I'd actually like this for my kid. My online banking only works in IE *grumble grumble* , and Outlook web access looks awful in anything without IE. And that's all I use IE for. So, maybe we'll do something around here too.


    Hint received. Expect this in a service release soon.
  3. Trooper

    Trooper Registered Member

    Jan 26, 2005
    This sounds good. :D

    Nice hint bellgamin. ;)
Thread Status:
Not open for further replies.