other security setings

ok i go in to internet tools security settings.

i have axtctive x on the top disabled the first option.

then active scripting as well as allow javah apps disabled what else do i disabled.

also is there a quick fix patch for windows me that totaly gets rid of that anoying js exploit frome web pages.

my nortion always catchs it and its always from bad web pages.

i heard there was a patch for puters so there not vulnriable to js exploit.

 

That's a pretty broad question, and a lot of the answer will involve just how far the individual user is willing to go without irritating themselves to death with 'warnings' from the browser to protect themselves.

I use IE 5.5 with SP/2, and of course the first thing you've GOT to do is keep up with all the patches and fixes from MS. Click 'Help'/'About Internet Explorer' and then look at where it says 'Update Versions'. Mine reads: SP2;Q306121;Q312461;Q313675;Q316059 . What does yours say?

As far as the balance I've found that has protected me (so far) in regard to IE settings, without being a total pain insofar as crimping what I get to see when I surf, here are some of the high points of what I've got (individual preference, most of it - note however, that ANYTHING marked with an * NEEDS to be set that way!: Tools/Internet Options/Security tab/Internet/Custom Level -

Download signed activex controls - Prompt
Download unsigned activex controls -Disable
Initialize and script activex controls not marked as safe - Disable
Run activex controls and plug-ins - Enable (I know! I know!  )
Script activex controls marked safe for scripting - Enable
Allow cookies that are stored on your computer - Enable
Allow per session cookies (not stored) - Enable
(Note: my cookies are handled by CookieMuncher, SpyBlockers' hosts file and IE SpyAD for 'Restricted' site entry, so you may want to do something different with the two 'cookie' settings above if you aren't using those programs).
*File download - Disable ('Enable' as needed only!)
Font download - Prompt
Java permissions - High Safety
Access data sources across domains - Prompt
Don't prompt for client certificate.... - Disable
Drag and drop or copy and paste files - Enable
*Installation of desktop items - DISABLE
Navigate sub-frames across different domains - Enable
*Launching programs and files in an IFRAME - DISABLE
Software channel permissions - High Safety
Submit non-encrypted form data - Prompt
*Userdata Persistence - DISABLE
*Active Scripting - DISABLE
Allow paste operations via script - Disable
Scripting of Java applets - Disable
Logon - (Your choice)

Bear in mind here that ALL I use this computer for is internet cruising - no business/banking whatsoever, nor is it part of a LAN or an 'at work' computer, so some of these settings may not be right for you.

All I can tell you is that I've had it this way for a long time and I've never had a problem that I couldn't easily rectify (without having to re-install anything, or even run IE Repair, for that matter) but also remember that I'm running:
StartPageGuard
RegProt
ZeroClick2
DSOstop
HTAstop
SockLock
NoScript
ScripTrap
CookieMuncher
SpyBlocker 4.75

in the background at all times (most of those use no resources unless they're triggered), as well as the normal stuff (AV/AT/firewall - all set on-access as well as run regularly, scan-wise [any time any of it updates] ).

Um, did that answer your question? (We can talk about the 'Advanced' tab later, okay? <g>). Pete

 

you a true frind

 

IE 5.50 verstion q269368is what i have i did update all my stuff  but i have windows me some time i think i need to hand pick the patchs cause ms dont always give me extras i need just critical updates

 

ok Si-Fu i did everything like youres except ZeroClick2 ,StartPageGuard cause i have aol lol  but everthing else set up same.

can we now move to advance training?=)

 

HOLLY MOLLY  my pages load alot faster moooooooooo hooooooooooooooooooooooooooooooooo

 

See also for example this discussion on DSLR:

http://www.dslreports.com/forum/remark,1333507;root=security,1;mode=flat;start=0


And for the Restricted Internet Zone and the use of IE-SPYAD, see here:


http://www.staff.uiuc.edu/~ehowes/resource.htm#IESPYAD

http://www.staff.uiuc.edu/~ehowes/ie-spyad.txt

 

thx fan j and thers a picture cool=)

 

In IE, if you have the security setiing on high,with scripting and activex disabled ,among all the rest,is it still necessary to run other script detection programs such as script trap,dso,hta stop ,cookie programs etc.
Thanks, Alan

 

Alan - I would.

I jump around three different browsers on this computer - so my reasoning there is "What if I missed something in that one? Or what if I stumble across one of the sites that change your internet settings ?"

Of the programs you mentioned, only a cookie control program is going to constantly be using any resources (and not much of them, at that) - the rest are only there in the background (idle until called-upon) to save your rear end when one of the above happens.

That's the way I look at it, anyway. Pete

 

Spy1;
          Good point, and thanks.

                         Alan.

 

he he bump some one didnt explane advance settings to blaze he he he =)

 

you guys may want to consider disabling "scripting of java applets"
snowman

 

opps...sorry... just noticed that spy 1 mentioned java applets. snowman