Sunday, May 23, 2004

PC Security Secrets MiniCourse - Day 2


The 7 PC Security Secrets Hackers DON'T Want
You To Know But I'm Going To Tell You Anyway.

A 7 Day Mini Course

Greg Reynolds


Day 2

Locking Down Internet Explorer

Are you familiar with the security vulnerabilities
of Microsoft's flagship browser - Internet Explorer?
Don't worry because most people aren't.

Unfortunately, Internet Explorer (hereafter referred
to as IE) has security holes big enough to drive a truck
through. In its default configuration, IE is exposed to
ActiveX scripting, spoofing and buffer overflows.

Those terms may not mean much to you, but to a hacker
they're a gold mine of entry points into your system.

The good news is that patching these holes will also
tremendously strengthen the security of Microsoft's email
programs - Outlook and Outlook Express.

They're often jokingly referred to in the computer
security business as "LookOut!"

Here's How To Lock Down Internet Explorer:

Microsoft Internet Explorer needs to be updated regularly
to maintain computer security. All existing versions of
Internet Explorer have critical vulnerabilities if they
aren't patched.

The vulnerabilities can be categorized into these classes:

* Web page or Windows interface spoofing
* ActiveX control vulnerabilities
* Active scripting vulnerabilities
* MIME-type and Content-type misinterpretation
* Buffer overflows

These vulnerabilities could lead to disclosure of local
files or data, execution of local programs, download
and execution of arbitrary code, or complete takeover
of your system.

Configuring Internet Explorer

To configure the Security settings for Internet Explorer:

* Select Internet Options under the Tools menu.
* Select the Security tab
* Click Custom Level for the Internet zone.

Most of the flaws in IE are exploited through Active
Scripting or ActiveX Controls.

* Under Scripting, select Prompt for "Allow paste
operations via script"

This increases computer security by keeping scripts from
reading the contents of your clipboard without asking you.

Note: Active Scripting should not be disabled since it
is used by many websites.

ActiveX Controls are not as popular but are potentially
more dangerous as they allow greater access to the system.

* Select Prompt for "Download signed ActiveX Controls".
* Select Disable for "Download unsigned ActiveX Controls".
* Select Disable for "Initialize and script ActiveX Controls
not marked as safe".

Java applets typically have more capabilities than

* Under Microsoft VM, select High safety for "Java permissions"

This puts access barriers around the Java applet and prevents
privileged access to your system.

* Under Miscellaneous, select Disable for "Access data
sources across domains"

This protects you from cross-site scripting attacks.

* Also, make sure you have no untrusted sites in the
Trusted or Local Intranet zones. These zones have weaker
security settings than the other zones.

Online Security Tip: These security settings for Internet
Explorer will also be automatically applied to your other
Microsoft applications such as Outlook and Outlook Express.
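
The Internet zone choices above are stored per user as registry values, so they can be checked after the fact. The following is an added example, not part of the original course: it audits a .reg export of the Internet zone key against the settings recommended here. The registry path, value names and data codes come from Microsoft's documentation of IE security zones rather than from this page, and the sample export is constructed.

```python
import re

# Value names under ...\Internet Settings\Zones\3 (Internet zone) and their data
# come from Microsoft's documentation of IE zone settings, not from the original
# page: 0 = Enable, 1 = Prompt, 3 = Disable; for 1C00 (Java) 0x10000 = High safety.
RECOMMENDED = {
    "1407": (1, "Allow paste operations via script: Prompt"),
    "1001": (1, "Download signed ActiveX controls: Prompt"),
    "1004": (3, "Download unsigned ActiveX controls: Disable"),
    "1201": (3, "Initialize and script ActiveX controls not marked as safe: Disable"),
    "1C00": (0x10000, "Java permissions: High safety"),
    "1406": (3, "Access data sources across domains: Disable"),
}
DWORD_LINE = re.compile(r'^"([0-9A-Fa-f]{4})"=dword:([0-9A-Fa-f]{8})$')

def parse_zone(reg_text, zone="3"):
    """Return {value_name: int} for one zone key found in .reg export text."""
    values, in_zone = {}, False
    for line in map(str.strip, reg_text.splitlines()):
        if line.startswith("["):
            # A new key header: track whether it is the zone we want.
            in_zone = line.rstrip("]").lower().endswith("\\zones\\" + zone)
            continue
        m = DWORD_LINE.match(line)
        if in_zone and m:
            values[m.group(1).upper()] = int(m.group(2), 16)
    return values

def audit(reg_text):
    """List recommended settings the export does not satisfy (None = value absent)."""
    zone = parse_zone(reg_text)
    return [f"{name} {label} (found {zone.get(name)})"
            for name, (want, label) in RECOMMENDED.items() if zone.get(name) != want]

# Constructed sample export, not captured from a real machine.
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
"1001"=dword:00000001
"1004"=dword:00000003
"1201"=dword:00000003
"1406"=dword:00000000
"1407"=dword:00000000
"1C00"=dword:00010000

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2]
"1004"=dword:00000000
'''
```

Calling audit(SAMPLE) returns one line per setting that still differs from the list above; an empty list means the exported Internet zone matches it.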

That's all for today. See you tomorrow with more good stuff.

Greg Reynolds

Tomorrow's Topic:

Blocking Spam from Your Inbox
