other security setings

Discussion in 'other security issues & news' started by Mr.Blaze, Mar 24, 2002.

Thread Status:
Not open for further replies.
  1. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    ok i go in to internet tools security settings.

    i have axtctive x on the top disabled the first option.

    then active scripting as well as allow javah apps disabled what else do i disabled.

    also is there a quick fix patch for windows me that totaly gets rid of that anoying js exploit frome web pages.

    my nortion always catchs it and its always from bad web pages.

    i heard there was a patch for puters so there not vulnriable to js exploit.
     
  2. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    That's a pretty broad question, and a lot of the answer will involve just how far the individual user is willing to go without irritating themselves to death with 'warnings' from the browser to protect themselves.

    I use IE 5.5 with SP/2, and of course the first thing you've GOT to do is keep up with all the patches and fixes from MS. Click 'Help'/'About Internet Explorer' and then look at where it says 'Update Versions'. Mine reads: SP2;Q306121;Q312461;Q313675;Q316059 . What does yours say?

    As far as the balance I've found that has protected me (so far) in regard to IE settings, without being a total pain insofar as crimping what I get to see when I surf, here are some of the high points of what I've got (individual preference, most of it - note however, that ANYTHING marked with an * NEEDS to be set that way!: Tools/Internet Options/Security tab/Internet/Custom Level -

    Download signed activex controls - Prompt
    Download unsigned activex controls -Disable
    Initialize and script activex controls not marked as safe - Disable
    Run activex controls and plug-ins - Enable (I know! I know!  )
    Script activex controls marked safe for scripting - Enable
    Allow cookies that are stored on your computer - Enable
    Allow per session cookies (not stored) - Enable
    (Note: my cookies are handled by CookieMuncher, SpyBlockers' hosts file and IE SpyAD for 'Restricted' site entry, so you may want to do something different with the two 'cookie' settings above if you aren't using those programs).
    *File download - Disable ('Enable' as needed only!)
    Font download - Prompt
    Java permissions - High Safety
    Access data sources across domains - Prompt
    Don't prompt for client certificate.... - Disable
    Drag and drop or copy and paste files - Enable
    *Installation of desktop items - DISABLE
    Navigate sub-frames across different domains - Enable
    *Launching programs and files in an IFRAME - DISABLE
    Software channel permissions - High Safety
    Submit non-encrypted form data - Prompt
    *Userdata Persistence - DISABLE
    *Active Scripting - DISABLE
    Allow paste operations via script - Disable
    Scripting of Java applets - Disable
    Logon - (Your choice)

    Bear in mind here that ALL I use this computer for is internet cruising - no business/banking whatsoever, nor is it part of a LAN or an 'at work' computer, so some of these settings may not be right for you.

    All I can tell you is that I've had it this way for a long time and I've never had a problem that I couldn't easily rectify (without having to re-install anything, or even run IE Repair, for that matter) but also remember that I'm running:
    StartPageGuard
    RegProt
    ZeroClick2
    DSOstop
    HTAstop
    SockLock
    NoScript
    ScripTrap
    CookieMuncher
    SpyBlocker 4.75

    in the background at all times (most of those use no resources unless they're triggered), as well as the normal stuff (AV/AT/firewall - all set on-access as well as run regularly, scan-wise [any time any of it updates] ).

    Um, did that answer your question? (We can talk about the 'Advanced' tab later, okay? <g>). Pete
     
  3. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    you a true frind
     
  4. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    IE 5.50 verstion q269368is what i have i did update all my stuff  but i have windows me some time i think i need to hand pick the patchs cause ms dont always give me extras i need just critical updates
     
  5. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    ok Si-Fu i did everything like youres except ZeroClick2 ,StartPageGuard cause i have aol lol  but everthing else set up same.

    can we now move to advance training?=)
     
  6. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    HOLLY MOLLY  my pages load alot faster moooooooooo hooooooooooooooooooooooooooooooooo
     
  7. FanJ

    FanJ Guest

  8. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    thx fan j and thers a picture cool=)
     
  9. Alan

    Alan Guest

    In IE, if you have the security setiing on high,with scripting and activex disabled ,among all the rest,is it still necessary to run other script detection programs such as script trap,dso,hta stop ,cookie programs etc.
    Thanks, Alan
     
  10. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    Alan - I would.

    I jump around three different browsers on this computer - so my reasoning there is "What if I missed something in that one? Or what if I stumble across one of the sites that change your internet settings ?"

    Of the programs you mentioned, only a cookie control program is going to constantly be using any resources (and not much of them, at that) - the rest are only there in the background (idle until called-upon) to save your rear end when one of the above happens.

    That's the way I look at it, anyway. Pete
     
  11. Alan

    Alan Guest

    Spy1;
              Good point, and thanks.

                             Alan.
     
  12. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    he he bump some one didnt explane advance settings to blaze he he he =)
     
  13. snowman

    snowman Guest

    you guys may want to consider disabling "scripting of java applets"
    snowman
     
  14. snowman

    snowman Guest

    opps...sorry... just noticed that spy 1 mentioned java applets. snowman
     
Loading...
Thread Status:
Not open for further replies.