|
-
PUBLIC WARNING AND SECURITY NOTICE -
Internet
Explorer can let Worms and Trojans into
your computer during everyday web browsing.
JAVA
/ ActiveX and Scripting is not safe
|
There
have been problems for the last few months with Internet
Explorer when Java, ActiveX or Scripting is enabled.
Most of these issues give remote file access to your
computer. There have been multiple security warnings
over the last three months.
Microsoft
has been doing their best to keep up with the exploits
as they come out. Unfortunately there are still unfixed
problems which allow hackers to upload files and run
them when you visit a web page either hacked or created
by the hacker.
LockDown,
Swatit and other AV scanners will only catch the "known"
Worms and Trojans that use these new infection methods.
Only
Hacker Eliminator will catch the undetectable worms
that use these new methods. This is done through the
use of process monitoring and execution protection
found in the new Hacker Eliminator.
You
can download Hacker Eliminator from http://hacker-eliminator.com/
Always
be sure to do your critical updates regularly at:
http://windowsupdate.microsoft.com/
|
THE
DANGERS
Visiting
web pages is becoming a lot more dangerous than it once
was.
I
remember way back in 1994 during a talk about security:
We could hardly believe that someone would even think of
the concept of allowing someone to upload a file into your
computer and then run it! (JAVA)
|
Hackers
can upload
files
and run
them
when you visit a web page that is either
hacked or created by the hacker.
|
They
said that this would be done a 'special' way which would
not affect user security. We did not believe it then and
still today after many years, they are still fighting the
battle that we knew
back in 1994 could never be won.
THE
100% FREE SOLUTION
There
are many threats today when using Java, ActiveX, Java applets
or Java Script.
Fortunately,
with Internet Explorer informed Internet users can make
their browsing more secure without much difficulty.
This
can be done by using the Web Content Zones that are built
into Internet Explorer.
The
entire concept is to place high restrictions on all web
sites by default, while trusted sites only have limited
security. This will allow trusted sites to function normally
with limited or no problems
at all. This
concept will maximize your browsing security.
After
you configure your browser,
There there will only be good and evil.
All Web Pages will be considered Evil by default
until you add it to your Trusted Zone.
|
Once
you configure your browser, you are separating every Internet
site or web page that you visit into two categories. Good
and EVIL (Trusted and NOT TRUSTED)
Each time you use Internet Explorer, ALL web pages by
default are NOT TRUSTED and will not allow the dangerous
commands embedded into web pages to activate. While
it is true that not all web pages will load properly,
it is more than likely a web page that you would not
want to give over this level of trust simply to see
some special web effect. You are browsing safe and cannot
be infected by Trojans and worms unless you bypass security
or choose to allow a file to be downloaded or add it
to the trusted list.
|
Warning:
Once a site is on your trusted list, they would be able
to bypass your higher security settings that you have
placed for your default Internet Zone. This means that
you are trusting that they are a legitimate company
that will not use these settings to hack into your computer.
If you can't trust the company or person to start with,
do not even think about adding them to the trusted zone
for one second!
|
To
make a web page work that uses Java, ActiveX or
other vulnerable functions, FIRST be sure that you
DO INDEED trust the company or web page.
Examples
of sites that you know and that you can trust would
be
Microsoft.com:
This site allows you to
get your critical updates.
Yahoo.com and popular chat sites:
Such sites allow you to access their Java chat
rooms.
YourBank.com: Permits
you to do your online banking.
|
ADDING
TRUSTED SITES
Adding
trusted sites is easy!
1. When you are on the web page that you want to trust,
simply click twice on
the 
Zone icon found at the bottom right hand corner of your
browser.
You
will see:
2. Next, click on the 
Trusted sites icon and then select the 
Sites button.
 3.
Type in the name of the site to add and click on the Add
button as shown to your right. BE SURE TO REMOVE THE
CHECK in the box "Require server verification (https:)
for all sites in this zone".
If you would like to trust the ENTIRE domain use the wildcard
(*) symbol with a (.) next to it. For example if
you want to trust stores.staples.com (and) www.staples.com
at
the same time, simply use the format of *.staples.com. You
will not want to use the wildcard where the host sells virtual
domains to its clients. If Staples was to sell a virtual
domain to a client and called it "Warez.staples.com",
you would be trusting a page other then "Staples.com"
when using the wildcard.
Once the site is added to your trusted sites list, it will
use the trusted security
settings that you have chosen for it.
CONFIGURING
YOUR ZONES
You
can choose settings as strong or weak as needed for your
browsing needs. The settings below should work in almost
any Internet environment to keep you secure without the
threat of hacking in the Internet Zone. If you feel you
may need stronger settings for your Trusted Zone, feel free
to adjust them as needed.
 1.
Click on "Tools" and select "Internet Options"
from your Internet Explorer screen.
2.
Click on Security
Select "Internet" to configure
your Internet zone.
OR
Select "Trusted Sites" to configure your Trusted
Zone.
3.
Click On the "Custom Level" button.
Next, See
Settings List Below
RECOMMENDED
ZONE SETTINGS
While
using the configurations above, you can feel safe knowing
that you will not be infected while using the untrusted
Internet Zone.
If you are one of our Hacker Eliminator users, you will
also have the ability to monitor for installed programs
and changes to your PC that were done while you were using
the Trusted Zone. If changes take place that should not
be made, you will have the option to undo changes as well
as kill the task of any new secret programs that were launched.
|
ActiveX Controls and Plugins
Disable
Enable 
Downloads
Microsoft
VM 
Miscellaneous 
Scripting
User Authentication