Forums > Social Discussion > IE security zones hack- cure

Login/Join to Participate

onewheeldave
Carpal \'Tunnel
Location: sheffield
Member Since: 28th Aug 2002
Total posts: 3252
Posted:For anyone who takes their internet security seriously and makes good use of their IE security settings options, there's few things more frustrating than a malware attack than disables some of those settings.



A very good security precaution with IE is to go to tools>internet options> security



where you will see four 'zones' (internet, local..., trusted, restricted)



If you set the 'internet zone' to 'high', you disable Java, Javascript, ActiveX controls etc.



In doing so you effectively disable 99% of all possible malware/virus attacks, as they rely on these scripts to attack your system.



The downside is that this also disables many aspects of decent websites that use these scripts for 'legitimate' purposes (though I would argue that most sites using these scripts do so unnecessarily, and, by doing so, are themselves responsible for the current state of internet shoddiness; but this isn't the time for that particular rant).



So, for example, some aspects on 'Home of Poi' may not function. The solution is to click on 'Trusted Sites', then on the 'sites' box, cpoy and paste the HoP address into the box and click on 'add'.



This puts HoP into your trusted zone, whose security you can set to 'medium', thus enabling HoP to run the scripts it wants.



--------------------



However, a fairly common malware/virus attack can leave some of your settings greyed out. For example an attack can add its own sites to your trusted zones, enabling it to run malicious script on your system (the aim being to trash, hack, steal credit card numbers, broadcast lists of sites you visit for 'marketing' purposes etc, etc)



Knowing that you may know enough about security to realise what its done and simply delete the changes, it may prevent this by disabling the boxes that alter security settings.



There's few things more frustrating than being unable to alter your own PCs security settings, or even being unable to view the list of addresses in your 'trusted sites' zone.



It's also very difficult to find info on the net about how to sort this out.



-------------



A recent attack left me unable to access my 'trusted sites' settings; fortunately I've managed to sort it out and I'm going to pass it on for anyone else in the same position.



It involves changing the registry, which can be very risky if you don't know what you're doing.



I'm not going to go into great detail about how to change registry settings as, if you don't know already then you shouldn't really be attempting this- get someone who does know to assist.



(I'm running win 2000, these settings will not necessarily be the same on all systems)



From Start> run type 'regedit' then go to this key: -



HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\zones



(highlight the folder and go to 'Registry'> 'export...' on the top bar to save a backup in case you make a mistake.



The relevant zone is 2, so go to that



Towards the bottom is-



flags REG_DWORD



the value was set to 0x00000000 (0)



ie 'zero'



this had disabled both the ability to change the security setting and the ability to view/modify the sites in the trusted zone



'Right Click'> 'modify' and altering the value to '3', renabled both these settings



--------------------



The page which enabled me to sort this out is here: -



http://support.microsoft.com/default.aspx?scid=kb;en-us;182569
br>


and it has a lot of info about other registry settings that affect security zones.



-----------------



Lastly, whilst searching the web looking for a solution I stumbled across this: -



https://netfiles.uiuc.edu/ehowes/www/resource.htm#IESPYAD
br>


a useful piece of software that, via the registry, will load the internet addresses of many thousands of sites known to be malicious, into your 'restricted sites' security zone. By setting this zones security to 'high' you thus prevent these sites from loading their trashware onto your system.



(Again, bear in mind that any registry alterations are at your own risk).


"You can't outrun Death forever.
But you can make the Bastard work for it."

--MAJOR KORGO KORGAR,
"Last of The Lancers"
AFC 32


Educate your self in the Hazards of Fire Breathing STAY SAFE!

Delete Topic

FireTwirling.net
newbie

Member Since: 5th Oct 2004
Total posts: 7
Posted:Very intresting to know, thanks for the info.

-Gecko


Delete

Sym
Sym

Geek-enviro-hippy priest
Location: Diss, Norfolk
Member Since: 28th Sep 2004
Total posts: 1858
Posted:Just use Mozilla Firefox:

http://www.mozilla.org/products/firefox/
br>
The more secure, advanced browser out there (and fast too) It doesn't have anywhere near the amount of bugs (even SP2) has.


There's too many home fires burning and not enough trees

Delete

Spanner
Spanner

remembers when it was all fields round here
Location: in the works... somewhere...
Member Since: 27th Feb 2003
Total posts: 2790
Posted:It is, but I use both, as there are pages which aren't completely functional on Firefox, so I use the highest security option on Internet Explorer for those smile

"I thought you are man, but
you are nice woman.

yay,

:R"

Delete

UCOF
UCOF

Carpal \'Tunnel

Member Since: 17th Apr 2002
Total posts: 15414
Posted:i love firefox but im waiting for my motherboard to arrive back before i can use it again... im suprised I can post on HOP without one..

confused

wink


Delete

Sym
Sym

Geek-enviro-hippy priest
Location: Diss, Norfolk
Member Since: 28th Sep 2004
Total posts: 1858
Posted:fair enough, but i always send an email to the webmaster of said sites telling them that it doesn't comply with web standards (http://www.w3c.org/) and go and find a site that does work! either way, Firefox saves you hacking the registry and helps the internet get away from bad websites.

...or just use safari on OS X - that way you'll never get anything bad of the internet (that you don't want anyway) but thats not an option for most people.

anyway, thanks to onewheeldave for telling people who have to use IE for whatever reasion


There's too many home fires burning and not enough trees

Delete

Lillie Frog
Lillie Frog

not a stranger
Location: wales
Member Since: 31st May 2004
Total posts: 558
Posted:I have IE,
I have had a pooter for 4 months now and although I have learned alot I am still pretty ignorant. I have played about with the security zones and stuff without really understanding what I was doing, so I found Daves post both interesting and useful.
Thank you Dave.


Eat when you're hungry
Sleep where it's dry
No one is ever what they seem
Gabriel King - The Wild Road

Delete

onewheeldave
Carpal \'Tunnel
Location: sheffield
Member Since: 28th Aug 2002
Total posts: 3252
Posted:Cheers Lillie Frog, Gecko and Toyer smile

It's well worth doing some research on security as the web is full of really nasty mal/spy/ad ware and viruses. Microsft have made no real attempt to address the problem other than releasing 'patches' for each new loophole that hackers discover.

Producers of websites that rely unnecessarily on java/java script/activeX etc, don't help; hopefully, as time passes, awareness that this junk is not only uneeded, but helps maintain the current dire security situation, will increase.

Here's a link to an interesting page on some of the tactics being used, that can result in malware being pushed onto your pc when visiting supposedly 'respectable' sites-

http://www.pcworld.com/news/article/0,aid,101916,00.asp


"You can't outrun Death forever.
But you can make the Bastard work for it."

--MAJOR KORGO KORGAR,
"Last of The Lancers"
AFC 32


Educate your self in the Hazards of Fire Breathing STAY SAFE!

Delete

onewheeldave
Carpal \'Tunnel
Location: sheffield
Member Since: 28th Aug 2002
Total posts: 3252
Posted:
Users of Mozilla Firefox- does anyone fancy elaborating on why it's more secure- does it not accept java/javascript/activeX? If so what does it do with sites that use those things?

The reason I've stuck with IE is that, crap as it is in security terms, at least I do know how to set it up to be at it's most secure- I'm concerned that if I download Firefox it's going to be several weeks sussing it out, during which it could get hacked.


"You can't outrun Death forever.
But you can make the Bastard work for it."

--MAJOR KORGO KORGAR,
"Last of The Lancers"
AFC 32


Educate your self in the Hazards of Fire Breathing STAY SAFE!

Delete

onewheeldave
Carpal \'Tunnel
Location: sheffield
Member Since: 28th Aug 2002
Total posts: 3252
Posted:Here's a nice detailed page with some more registry hacks for your security settings, including creating your own custom zones and how to edit the 'my computer' zone.

http://blogs.msdn.com/ptorr/archive/2004/01/29/64215.aspx


"You can't outrun Death forever.
But you can make the Bastard work for it."

--MAJOR KORGO KORGAR,
"Last of The Lancers"
AFC 32


Educate your self in the Hazards of Fire Breathing STAY SAFE!

Delete

Dropkneedave
Dropkneedave

newbie
Location: Cornwall
Member Since: 24th Oct 2004
Total posts: 17
Posted:Written by:

Users of Mozilla Firefox- does anyone fancy elaborating on why it's more secure- does it not accept java/javascript/activeX? If so what does it do with sites that use those things?



I don't know any specific details but one of the most important things is it's not IE. The programs you're talking about work by exploiting the way IE interacts with the rest of Windows and they only work if you're running IE so the best thing you can do is use something else like firefox.

Written by:
The reason I've stuck with IE is that, crap as it is in security terms, at least I do know how to set it up to be at it's most secure- I'm concerned that if I download Firefox it's going to be several weeks sussing it out, during which it could get hacked.



There isn't much you need to do to make it safe (it just doesn't have the same security issues that IE does) so as long as you've got a few of the following you should be fine.

Virus scanners:
Housecal
Panda
AVG Anti-virus
Anti-Vir

Firewalls:
Kerio Pesonnal Firewall
ZoneAlarm

Spyware scanners:
Spybot
Ad-Aware
Bazooka
Hijack This!

They're all free so it's worth having them.

But like toyer90 said, thanks for telling the people that have to use IE for whatever reason.


Delete


Similar Topics

Using the keywords [security zone* hack cure] we found the following similar topics.
1. Forums > IE security zones hack- cure [10 replies]
2. Forums > The Cure For Cancer -- A rant [46 replies]
3. Forums > Help with school internet security [43 replies]
4. Forums > Computer Security [19 replies]
5. Forums > Important Security Notice [6 replies]

     Show more..