anti virus OnLine

Discussion in 'other anti-virus software' started by bravehart6, Oct 2, 2003.

Thread Status:
Not open for further replies.
  1. bravehart6

    bravehart6 Registered Member

    Joined:
    Oct 2, 2003
    Posts:
    8
    On this site your telling me to disable ACTIVE X?
    However McAfee Virusscan OnLine tells me they need ACTIVE X for their down-load of updates!!
    I do not understand, that if ACTIVE X is so dangerous,
    why then put that capability in the computer??
    Having said all this, I do understand WHAT it is used for.
    What I do not understand, WHY THIS FULLNERA
    BILITY is NOT PROTECTED, AS IN FIREWALL??
    Are there EXPERTS that can EDUCATE me about this
    subject, I do appreciate advise, wheather I'm mislead
    by McAfee or maybe did I miss understood them??

    Please help a poor guy with a cold nose and ears. :rolleyes:
     
  2. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,875
    Location:
    New England
    ActiveX is not necessarily an evil technology, but, it can be used in evil ways. Microsoft made ActiveX the cornerstone of their browser's technology because it is very powerful. An ActiveX control runs with all the access and capability of any locally executed program on your system. Because of this, it is highly useful for applications like online security scanners and similar tools - programs that need to run locally on your system, with total system access rights, in order to perform some complex system functions. (This is why they put the capability in the computer.)

    So, it is simply a matter of who to trust website-wise when allowing ActiveX. I have no problem allowing ActiveX to run from the Microsoft Windows Update site; that's how many of us get our security updates after all. I also trust ActiveX running in support of the better known online virus scanning tools, like the McAfee VirusScan site.

    There are many good uses for ActiveX, but, because it can easily be misused, the best advice is to disable ActiveX in the Internet Zone, which is the default security zone for websites in Internet Explorer.

    I often recommend that people fully utilize the different security zones in Internet Explorer. First set tight security settings for the Internet Zone - disabling (or setting to "prompt") the various ActiveX settings along with Active Scripting. Then to allow the websites that require ActiveX and/or scripting, (only for sites that can be trusted), adding those sites to the Trusted Zone where these things are allowed to execute.

    I further recommend using IE-SpyAd to populate the Restricted Zone with known malicious websites and SpywareBlaster to disable known malicious ActiveX controls. (These two tools are an extra safety net in case you mistakenly try to add a site in the trusted zone that really should not be trusted.)

    As to why there aren't more protections (firewalls to protect against this, as you said), well there are some. There are web filtering tools and software firewall products that do block ActiveX and scripting, but, these are applications that you need to add on to your system since they don't come with Windows itself. And, you'd still need to bypass the restrictions in these tools for sites that you want to trust (i.e. for which you want to allow ActiveX and/or scripting.)
     
Loading...
Thread Status:
Not open for further replies.