active content filter programs?

recently someone tried to infect me with an undetected java trojan (i made it detectable now by the progrmas i use )
i realized how easy it is to get infected while doing nothing but visiting a site

what do you recommend for active content (activex, java, java script...) protection?

 

Hi

I am sure there are alot of programs out there that can help disable java, activeX ect. All depends on the browser you use also. Best to disable all that in your browser and not use Internet Explorer eccept for updating. then you need ActiveX enabled.
there are some here that use SafeXP which is another free program to help out in dissabling alot of Windows XP crap.
I see in the new version they added a recommended key.
Gkweb has a little program called WWDC to disable some stuff like DCOM, RPC Locator and Netbios ports 137, 138, and 139 which SafeXp allready does i believe.

controler

 

i have those ports closed and stealthed so that's not a problem
i don't want to simply disable Java, ActiveX etc
i want to use it in a more secure manner


i googled a bit and found a program called
SurfinGuard Pro 5.7
http://www.finjan.com/products/surfinguard.cfm

it supposed to do just what i asked for
i also read that Outpost firewall do it with a plugin


anyone heard about SurfinGuard? is it any good? or recommend another?


i will later test SurfinGuard with that trojan i wrote about

i will check SafeXP, but it seems to me most of its tweaks i already did manually or with other programs

 

Hi ans yes I tried surfinguard about 3 or 4 years ago and bragged it up then so I am guessing they have really improved it since then

 

well i tested SurfinGuard with the java trojan
the trojan did not install

this program is a must have because you don't need to do anything other than visit a website to be infected with an undetected trojan
i thought my computer was safe before i saw how easy it is to get infected

i am pleased

 

Wouldn't Proxomitron do the same things and alot more? And it's absolutely FREE.

 

SurfinGuard specializes on security, not on annoyance
it's not a proxy
the real test will be to see if Proxomitron blocks the java trojan i tested SurfinGuard with

i will test that tomorrow

 

Proxomitron certainly can block Java and any other active content. The problem is that you most likely will want enable some content for certain sites that you trust - this can be done using its blocklist files but this is a little awkward. The controls offered with some firewalls (I use Outpost's Active Content plugin for this but others like Kerio and ZAPro also offer similar functions) and other filters like WebWasher Classic (free for home use) may be easier to configure on a per-site basis.

SurfinGuard takes a different approach of running any active content in a sandboxed environment and alerting you to suspicious actions. This may be more suitable if you wish to view active content generally (animated greetings cards for example), but blocking it by default is safer and less time consuming.

 

So what happens if i just completely disable java and javascript in my browser? Would that then stop that nasty java trojan without having to get some fancy software?

 

With Java disabled, no Java applets would be downloaded so the Java trojan should not even reach your PC.

 

Outpost firewall does a splendid job of blocking active schtuff.

From what I've heard, it's Java that is potentially dangerous, but Java Script isn't. Am I misinformed?

 

ActiveX is the most dangerous since there is no control over what an applet can do. Java applets run in a sandbox which should limit the scope for mischief - but vulnerabilities have been found with some Java VMs (notably Microsoft's) that allow malicious applets to cause some havoc.

Javascript should be limited to the browser itself and would appear the least problematic - but it allows browser and window settings to be altered so considerable mischief could be created here too.

 

great, then i'll keep using SurfinGuard so i can surf normally but safely
it came from an Israeli company, that's a plus for me (Israeli )

 

SurfinGuard would be safer than using raw ActiveX but disabling ActiveX completely (or ditching Internet Explorer for a more secure browser) would be safer still and cheaper.

 

when i disable it in the past all the errors drove me nuts
i tried moving to another browser, always came back to IE
SP2 should make it a bit more secure, or at least less annoying

 

What errors? I have never come across a site that could not function without ActiveX - except for Windows Update. Care to post some URLs?

As for SP2, it will patch some known problems but IE is insecure by design and will continally need new fixes. In addition, patches can only cover problems that are (a) known, (b) acknowledged by the vendor and (c) fixed. That period between (a) and (c) is a window of vulnerability which can last for months (several critical patches for Windows were released over 200 days after Microsoft was first informed of the problem). And since IE is tied into Windows itself, an IE flaw can escalate into a severe Windows vulnerability which would not be the case with alternative browsers.

As for returning to IE - how much time did you spend checking the extra features available in alternatives like Firefox and Opera? There are major usability enhancements (tabbed browsing, mouse gestures, fast search-engine access, e.g. typing "g opera" will to a Google search on Opera, "e opera" will do an Ebay search) which I could not envisage doing without.

Check out 30 Days to Becoming an Opera7 Lover for a description of lots of the features you are missing by sticking with IE. The biggest thing you have to lose by dropping IE is compatibility with all those browser hijackers out there.

 

i just remember i got "your security settings prohibit running activex controls" all over the place

i liked using mozilla
but some websites don't load as they load in IE
that's what made me come back to IE

i can always use one of those tabs add ons for IE (like netcaptor) but when i need a lot of windows simultaneously i open mozilla

i am fine with the google toolbar BTW

 

Using a third party filter should avoid this - it sounds like IE trying to nag you into turning your system into the security equivalent of swiss cheese.

If I come across serious issues, I typically send a polite note to the webmaster asking them to consider using the design guidelines of the Any Browser Campaign. Ultimately, IE is a time-bomb for most users (check today's IE bug story) so any webmaster trying to force IE on visitors is being thoroughly irresponsible, IMHO.

 

I'm gonna stay with IE for now
for some reason i really like SurfinGuard now and it supports opera, not firefox

 

SurfinGuard protects me from that new hole you wrote about
Mcafee too (but only after it was announced)

this is a test page of the hole
http://62.131.86.111/security/idiots/repro/installer.htm

and SurfinGuard warned me about it

 

Well kudos to SurfinGuard - however disabling ActiveX completely is still a safer choice since even the best sandbox can leak.

 

NOD protects from this as well.

Regards - Charles

 

but only now when it is known, after it was traced in the wild
SurfinGuard always did that because it's a sandbox (it needs no updates) for the active content