Forums > Social Discussion > IE security zones hack- cure
Login/Join to ParticipateGOLD Member
Carpal \'Tunnel
3,252 posts
Location: sheffield, United Kingdom
Carpal \'Tunnel
3,252 posts
Location: sheffield, United Kingdom
Posted:
For anyone who takes their internet security seriously and makes good use of their IE security settings options, there's few things more frustrating than a malware attack than disables some of those settings.
A very good security precaution with IE is to go to tools>internet options> security
where you will see four 'zones' (internet, local..., trusted, restricted)
If you set the 'internet zone' to 'high', you disable Java, Javascript, ActiveX controls etc.
In doing so you effectively disable 99% of all possible malware/virus attacks, as they rely on these scripts to attack your system.
The downside is that this also disables many aspects of decent websites that use these scripts for 'legitimate' purposes (though I would argue that most sites using these scripts do so unnecessarily, and, by doing so, are themselves responsible for the current state of internet shoddiness; but this isn't the time for that particular rant).
So, for example, some aspects on 'Home of Poi' may not function. The solution is to click on 'Trusted Sites', then on the 'sites' box, cpoy and paste the HoP address into the box and click on 'add'.
This puts HoP into your trusted zone, whose security you can set to 'medium', thus enabling HoP to run the scripts it wants.
--------------------
However, a fairly common malware/virus attack can leave some of your settings greyed out. For example an attack can add its own sites to your trusted zones, enabling it to run malicious script on your system (the aim being to trash, hack, steal credit card numbers, broadcast lists of sites you visit for 'marketing' purposes etc, etc)
Knowing that you may know enough about security to realise what its done and simply delete the changes, it may prevent this by disabling the boxes that alter security settings.
There's few things more frustrating than being unable to alter your own PCs security settings, or even being unable to view the list of addresses in your 'trusted sites' zone.
It's also very difficult to find info on the net about how to sort this out.
-------------
A recent attack left me unable to access my 'trusted sites' settings; fortunately I've managed to sort it out and I'm going to pass it on for anyone else in the same position.
It involves changing the registry, which can be very risky if you don't know what you're doing.
I'm not going to go into great detail about how to change registry settings as, if you don't know already then you shouldn't really be attempting this- get someone who does know to assist.
(I'm running win 2000, these settings will not necessarily be the same on all systems)
From Start> run type 'regedit' then go to this key: -
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\zones
(highlight the folder and go to 'Registry'> 'export...' on the top bar to save a backup in case you make a mistake.
The relevant zone is 2, so go to that
Towards the bottom is-
flags REG_DWORD
the value was set to 0x00000000 (0)
ie 'zero'
this had disabled both the ability to change the security setting and the ability to view/modify the sites in the trusted zone
'Right Click'> 'modify' and altering the value to '3', renabled both these settings
--------------------
The page which enabled me to sort this out is here: -
https://support.microsoft.com/default.aspx?scid=kb;en-us;182569
and it has a lot of info about other registry settings that affect security zones.
-----------------
Lastly, whilst searching the web looking for a solution I stumbled across this: -
https://netfiles.uiuc.edu/ehowes/www/resource.htm#IESPYAD
a useful piece of software that, via the registry, will load the internet addresses of many thousands of sites known to be malicious, into your 'restricted sites' security zone. By setting this zones security to 'high' you thus prevent these sites from loading their trashware onto your system.
(Again, bear in mind that any registry alterations are at your own risk).
For anyone who takes their internet security seriously and makes good use of their IE security settings options, there's few things more frustrating than a malware attack than disables some of those settings.
A very good security precaution with IE is to go to tools>internet options> security
where you will see four 'zones' (internet, local..., trusted, restricted)
If you set the 'internet zone' to 'high', you disable Java, Javascript, ActiveX controls etc.
In doing so you effectively disable 99% of all possible malware/virus attacks, as they rely on these scripts to attack your system.
The downside is that this also disables many aspects of decent websites that use these scripts for 'legitimate' purposes (though I would argue that most sites using these scripts do so unnecessarily, and, by doing so, are themselves responsible for the current state of internet shoddiness; but this isn't the time for that particular rant).
So, for example, some aspects on 'Home of Poi' may not function. The solution is to click on 'Trusted Sites', then on the 'sites' box, cpoy and paste the HoP address into the box and click on 'add'.
This puts HoP into your trusted zone, whose security you can set to 'medium', thus enabling HoP to run the scripts it wants.
--------------------
However, a fairly common malware/virus attack can leave some of your settings greyed out. For example an attack can add its own sites to your trusted zones, enabling it to run malicious script on your system (the aim being to trash, hack, steal credit card numbers, broadcast lists of sites you visit for 'marketing' purposes etc, etc)
Knowing that you may know enough about security to realise what its done and simply delete the changes, it may prevent this by disabling the boxes that alter security settings.
There's few things more frustrating than being unable to alter your own PCs security settings, or even being unable to view the list of addresses in your 'trusted sites' zone.
It's also very difficult to find info on the net about how to sort this out.
-------------
A recent attack left me unable to access my 'trusted sites' settings; fortunately I've managed to sort it out and I'm going to pass it on for anyone else in the same position.
It involves changing the registry, which can be very risky if you don't know what you're doing.
I'm not going to go into great detail about how to change registry settings as, if you don't know already then you shouldn't really be attempting this- get someone who does know to assist.
(I'm running win 2000, these settings will not necessarily be the same on all systems)
From Start> run type 'regedit' then go to this key: -
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\zones
(highlight the folder and go to 'Registry'> 'export...' on the top bar to save a backup in case you make a mistake.
The relevant zone is 2, so go to that
Towards the bottom is-
flags REG_DWORD
the value was set to 0x00000000 (0)
ie 'zero'
this had disabled both the ability to change the security setting and the ability to view/modify the sites in the trusted zone
'Right Click'> 'modify' and altering the value to '3', renabled both these settings
--------------------
The page which enabled me to sort this out is here: -
https://support.microsoft.com/default.aspx?scid=kb;en-us;182569
and it has a lot of info about other registry settings that affect security zones.
-----------------
Lastly, whilst searching the web looking for a solution I stumbled across this: -
https://netfiles.uiuc.edu/ehowes/www/resource.htm#IESPYAD
a useful piece of software that, via the registry, will load the internet addresses of many thousands of sites known to be malicious, into your 'restricted sites' security zone. By setting this zones security to 'high' you thus prevent these sites from loading their trashware onto your system.
(Again, bear in mind that any registry alterations are at your own risk).
"You can't outrun Death forever.
But you can make the Bastard work for it."
--MAJOR KORGO KORGAR,
"Last of The Lancers"
AFC 32
Educate your self in the Hazards of Fire Breathing STAY SAFE!
newbie
7 posts
7 posts
Posted:
Very intresting to know, thanks for the info.
-Gecko
Very intresting to know, thanks for the info.
-Gecko
BRONZE Member
Geek-enviro-hippy priest
1,858 posts
Location: Diss, Norfolk, United Kingdom
Geek-enviro-hippy priest
1,858 posts
Location: Diss, Norfolk, United Kingdom
Posted:
Just use Mozilla Firefox:
https://www.mozilla.org/products/firefox/
The more secure, advanced browser out there (and fast too) It doesn't have anywhere near the amount of bugs (even SP2) has.
Just use Mozilla Firefox:
https://www.mozilla.org/products/firefox/
The more secure, advanced browser out there (and fast too) It doesn't have anywhere near the amount of bugs (even SP2) has.
There's too many home fires burning and not enough trees
SILVER Member
15,417 posts
Location: South Wales
15,417 posts
Location: South Wales
Posted:
i love firefox but im waiting for my motherboard to arrive back before i can use it again... im suprised I can post on HOP without one..
i love firefox but im waiting for my motherboard to arrive back before i can use it again... im suprised I can post on HOP without one..
BRONZE Member
Geek-enviro-hippy priest
1,858 posts
Location: Diss, Norfolk, United Kingdom
Geek-enviro-hippy priest
1,858 posts
Location: Diss, Norfolk, United Kingdom
Posted:
fair enough, but i always send an email to the webmaster of said sites telling them that it doesn't comply with web standards (https://www.w3c.org/) and go and find a site that does work! either way, Firefox saves you hacking the registry and helps the internet get away from bad websites.
...or just use safari on OS X - that way you'll never get anything bad of the internet (that you don't want anyway) but thats not an option for most people.
anyway, thanks to onewheeldave for telling people who have to use IE for whatever reasion
fair enough, but i always send an email to the webmaster of said sites telling them that it doesn't comply with web standards (https://www.w3c.org/) and go and find a site that does work! either way, Firefox saves you hacking the registry and helps the internet get away from bad websites.
...or just use safari on OS X - that way you'll never get anything bad of the internet (that you don't want anyway) but thats not an option for most people.
anyway, thanks to onewheeldave for telling people who have to use IE for whatever reasion
There's too many home fires burning and not enough trees
not a stranger
558 posts
Location: wales
558 posts
Location: wales
Posted:
I have IE,
I have had a pooter for 4 months now and although I have learned alot I am still pretty ignorant. I have played about with the security zones and stuff without really understanding what I was doing, so I found Daves post both interesting and useful.
Thank you Dave.
I have IE,
I have had a pooter for 4 months now and although I have learned alot I am still pretty ignorant. I have played about with the security zones and stuff without really understanding what I was doing, so I found Daves post both interesting and useful.
Thank you Dave.
Eat when you're hungry
Sleep where it's dry
No one is ever what they seem
Gabriel King - The Wild Road
GOLD Member
Carpal \'Tunnel
3,252 posts
Location: sheffield, United Kingdom
Carpal \'Tunnel
3,252 posts
Location: sheffield, United Kingdom
Posted:
Cheers Lillie Frog, Gecko and Toyer
It's well worth doing some research on security as the web is full of really nasty mal/spy/ad ware and viruses. Microsft have made no real attempt to address the problem other than releasing 'patches' for each new loophole that hackers discover.
Producers of websites that rely unnecessarily on java/java script/activeX etc, don't help; hopefully, as time passes, awareness that this junk is not only uneeded, but helps maintain the current dire security situation, will increase.
Here's a link to an interesting page on some of the tactics being used, that can result in malware being pushed onto your pc when visiting supposedly 'respectable' sites-
https://www.pcworld.com/news/article/0,aid,101916,00.asp
Cheers Lillie Frog, Gecko and Toyer
It's well worth doing some research on security as the web is full of really nasty mal/spy/ad ware and viruses. Microsft have made no real attempt to address the problem other than releasing 'patches' for each new loophole that hackers discover.
Producers of websites that rely unnecessarily on java/java script/activeX etc, don't help; hopefully, as time passes, awareness that this junk is not only uneeded, but helps maintain the current dire security situation, will increase.
Here's a link to an interesting page on some of the tactics being used, that can result in malware being pushed onto your pc when visiting supposedly 'respectable' sites-
https://www.pcworld.com/news/article/0,aid,101916,00.asp
"You can't outrun Death forever.
But you can make the Bastard work for it."
--MAJOR KORGO KORGAR,
"Last of The Lancers"
AFC 32
Educate your self in the Hazards of Fire Breathing STAY SAFE!
GOLD Member
Carpal \'Tunnel
3,252 posts
Location: sheffield, United Kingdom
Carpal \'Tunnel
3,252 posts
Location: sheffield, United Kingdom
Posted:
Users of Mozilla Firefox- does anyone fancy elaborating on why it's more secure- does it not accept java/javascript/activeX? If so what does it do with sites that use those things?
The reason I've stuck with IE is that, crap as it is in security terms, at least I do know how to set it up to be at it's most secure- I'm concerned that if I download Firefox it's going to be several weeks sussing it out, during which it could get hacked.
Users of Mozilla Firefox- does anyone fancy elaborating on why it's more secure- does it not accept java/javascript/activeX? If so what does it do with sites that use those things?
The reason I've stuck with IE is that, crap as it is in security terms, at least I do know how to set it up to be at it's most secure- I'm concerned that if I download Firefox it's going to be several weeks sussing it out, during which it could get hacked.
"You can't outrun Death forever.
But you can make the Bastard work for it."
--MAJOR KORGO KORGAR,
"Last of The Lancers"
AFC 32
Educate your self in the Hazards of Fire Breathing STAY SAFE!
GOLD Member
Carpal \'Tunnel
3,252 posts
Location: sheffield, United Kingdom
Carpal \'Tunnel
3,252 posts
Location: sheffield, United Kingdom
Posted:
Here's a nice detailed page with some more registry hacks for your security settings, including creating your own custom zones and how to edit the 'my computer' zone.
https://blogs.msdn.com/ptorr/archive/2004/01/29/64215.aspx
Here's a nice detailed page with some more registry hacks for your security settings, including creating your own custom zones and how to edit the 'my computer' zone.
https://blogs.msdn.com/ptorr/archive/2004/01/29/64215.aspx
"You can't outrun Death forever.
But you can make the Bastard work for it."
--MAJOR KORGO KORGAR,
"Last of The Lancers"
AFC 32
Educate your self in the Hazards of Fire Breathing STAY SAFE!
newbie
17 posts
Location: Cornwall
17 posts
Location: Cornwall
Posted:
I don't know any specific details but one of the most important things is it's not IE. The programs you're talking about work by exploiting the way IE interacts with the rest of Windows and they only work if you're running IE so the best thing you can do is use something else like firefox.
There isn't much you need to do to make it safe (it just doesn't have the same security issues that IE does) so as long as you've got a few of the following you should be fine.
Virus scanners:
Housecal
Panda
AVG Anti-virus
Anti-Vir
Firewalls:
Kerio Pesonnal Firewall
ZoneAlarm
Spyware scanners:
Spybot
Ad-Aware
Bazooka
Hijack This!
They're all free so it's worth having them.
But like toyer90 said, thanks for telling the people that have to use IE for whatever reason.
Written by:
Users of Mozilla Firefox- does anyone fancy elaborating on why it's more secure- does it not accept java/javascript/activeX? If so what does it do with sites that use those things?
I don't know any specific details but one of the most important things is it's not IE. The programs you're talking about work by exploiting the way IE interacts with the rest of Windows and they only work if you're running IE so the best thing you can do is use something else like firefox.
Written by:
The reason I've stuck with IE is that, crap as it is in security terms, at least I do know how to set it up to be at it's most secure- I'm concerned that if I download Firefox it's going to be several weeks sussing it out, during which it could get hacked.
There isn't much you need to do to make it safe (it just doesn't have the same security issues that IE does) so as long as you've got a few of the following you should be fine.
Virus scanners:
Housecal
Panda
AVG Anti-virus
Anti-Vir
Firewalls:
Kerio Pesonnal Firewall
ZoneAlarm
Spyware scanners:
Spybot
Ad-Aware
Bazooka
Hijack This!
They're all free so it's worth having them.
But like toyer90 said, thanks for telling the people that have to use IE for whatever reason.
© 1998 - 2024 Home of Poi
All prices converted to United States dollars using XE.com