configureing IEs internet zone and advanced options tab

Discussion in 'other software & services' started by Bethrezen, Mar 26, 2008.

Thread Status:
Not open for further replies.
  1. Bethrezen

    Bethrezen Registered Member

    Joined:
    Apr 16, 2002
    Posts:
    546
    hi all

    I'm wondering if anyone might be able to help I'm currently working on a set up for internet explorer that will allow it to remain functional but will lock down its more dangerous features so as to keep users safe from active content but I'm a little stuck

    here is what I have so far

    http://h1.ripway.com/Bethrezen/demo/Web-Site-Demo/Index.php?page=Internet-Explorer

    the problem I'm having at the moment is that I'm unsure of the best way to configure the internet zone and the advanced options tab and I'm wondering what peoples thoughts are on this ?

    plus and other general comments regarding what i have already written
     
  2. Bethrezen

    Bethrezen Registered Member

    Joined:
    Apr 16, 2002
    Posts:
    546
    Re: configuring IEs internet zone and advanced options tab

    hi all

    having just finished a few more updates to the above page I think it should be about 90% complete so has anyone got any thoughts on the best way to set up the advanced tab and internet zone

    obviously there are some settings that should definitely be disabled like active x as most web pages have no need to be running active x applets

    but there are some other settings that I'm not so sure about as I don't really understand what there for

    for instance

    .NET Framework-reliant components

    * Run components not signed with Authenticode
    * Run components signed with Authenticode

    what exactly is .net frame work anyway and is it really necessary to have it installed ??

    then to make matters more complicated there are some settings like java that in a perfect world would be disabled to prevent then being used as an attack vector but are not really practical to disable as to many websites would malfunction and not work correctly as they are java driven
     
    Last edited: Apr 1, 2008
  3. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    Re: configuring IEs internet zone and advanced options tab

    I found a few suggested IE settings here but it doesnt explain them.

    As for .NET Framework, its needed by some programs such as Paint.NET or CDBurnerXP.

    Such programs will usually mention .NET Framework in their system requirements along with what version they want (usually 2.0, but some program may need 1.1 or 3.x).
     
  4. Bethrezen

    Bethrezen Registered Member

    Joined:
    Apr 16, 2002
    Posts:
    546
    hi

    thanks for your reply

    i see so i take it this is another one of them components of windows that isn't actually needed unless you are running apps that specifically require it

    oh well that's Microsoft superfluous bloat that will be getting un-installed by xplite

    as for the settings in question

    * Run components not signed with Authenticode
    * Run components signed with Authenticode

    I take it from the wording that .net components are similar in nature to active x applets small web based programs ? and these settings determine whether internet explorer is allowed to access and run these programs
     
    Last edited: Apr 1, 2008
  5. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
  6. Bethrezen

    Bethrezen Registered Member

    Joined:
    Apr 16, 2002
    Posts:
    546
    sounds suspiciously like COM (Component Object Model) i could be misunderstanding things here but if .net is basically the new COM then would that mean that .net is basically the new active x and therefore susceptible to all the same issues ??
     
  7. MikeNAS

    MikeNAS Registered Member

    Joined:
    Sep 28, 2006
    Posts:
    697
    Location:
    FiNLAND
    Best IE tweak is to use 0.0.0.0:0 proxy and switch browser :D
     
  8. Bethrezen

    Bethrezen Registered Member

    Joined:
    Apr 16, 2002
    Posts:
    546
    lol you'll get no argument from me there i cant stand IE its a horrid pain to code for when creating web pages

    it supports technology that is known to be insecure but instead of doing the right thing and removing it they try in vain to fix it putting users at risk

    they have a nasty habit of not fixing bugs or taking excessively long periods of time to fix bugs

    they have a nasty habit of leaving users exposed when bugs are reported instead of releasing temporary patches to lock down the problem till a proper solution can be found like mozilla and other browser manufactures do

    the list just goes on and on

    people will argue that IE if set up corectley can be as secure as any other browser and that problem with IE is not the browser but the fact that users don't have it set up properly and granted there may be a grain of truth to that

    but i maintain that its microsoft and there browser that are at fault users shouldn't have to reconfigure there browser to make it secure it should be secure right out of the box it shouldn't support insecure technologies and bugs should be fixed in a timely fashion and if they know that a problem is goin to take a long time to fix then they should release temporary patches to keep users safe till a solution can be found

    granted even good browsers like firefox have bugs and issues some of which don't get fixed but at least when there is a serious issues its usually fixed in a timely fashion and if it cant be fixed quickly then a temporary fix is usually made available
     
Loading...
Thread Status:
Not open for further replies.