Web Browser Security


Now that you have eliminated one method attackers use to enter your computer by blocking your ports with a firewall, it is time to secure the other entry point, the web browser. An attacker can also get into your computer by using an exploit in a web browser or by tricking you into installing a web component that has malicious code inside. Internet Explorer has many built-in security settings that will help keep you safe. However, there are often tradeoffs in ease of use and convenience. For example, you can disable the installation of all web components for maximum security, but when you really need to install one, it can take longer and require more work than normal.

Internet Explorer 7

Internet Explorer in Windows Vista has undergone massive changes and has many new security features, such as Protected Mode. What does that mean? In the past, Internet Explorer was prone to various different attacks, leaving it one of the weakest parts of the entire Windows operating system. Microsoft tried to stop automatic downloading and installation, and Web site exploits, in its release of Service Pack 2 for Windows XP, but we all know that worked only a little. Flaws are still being discovered in Internet Explorer and attackers are trying to find new ways to trick users into installing their malicious code. How do you fix this problem? Simple: you isolate Internet Explorer into a secure environment so that in the future, if exploits are found, they will not work because IE cannot access resources other than its own. That new protection is found only in the Windows Vista version of Internet Explorer 7 and is called Protected Mode.

Protected Mode and the phishing filter, which protects you against fake Web sites, combined with the other security options in Internet Explorer 7, will help you secure your web browser, the other major point of entry for spyware, malware, and attackers. The next section shows you how to get the most out of these new features.

Fine-tuning security settings

You can adjust the security settings in Internet Explorer within Internet Options. Follow these steps to adjust the security settings in IE7:

  1. Open Internet Explorer 7.

  2. Click Tools and select Internet Options.

  3. After Internet Options loads, click the Security tab. The Security tab enables you to manage the individual settings for what is allowed in each of the browser zones (for example, whether ActiveX controls are allowed to be automatically downloaded and installed in the Internet zone). You can adjust these zones by selecting the zone and then clicking the Custom Level button, as shown in Figure 15-4.

    Figure 15-4: Adjusting Internet Explorer 7 security zones

  4. After the security settings for the zone selected load, you can scroll through the list of settings and check or uncheck any of the settings to enable or disable them, respectively. For optimal security, I recommend disabling a lot of these features beyond what is normally disabled. Take a look at Table 15-1 for the settings I recommend that you change for best security practices. When you are finished modifying all the settings, click OK to return to Internet Options.

    Table 15-1: Internet Explorer Security Zone Settings

    | Settings Name | Function |
    |---|---|
    | Loose XAML | I like to select Disable for this option because few sites use it and disabling it means one less feature to worry about getting exploited. |
    | XAML browser applications | I disable this setting as well because it also is not used much. |
    | XPS documents | Disable this option for tighter security. If you don't use this document format, you should have no problems disabling it. |
    | Run components not signed with Authenticode | For tighter security, select Disable. |
    | Font download | Consider yourself very lucky if you ever run across a Web site that uses this feature. Disable it to be safe. |
    | Enable .NET framework setup | Disable this setting. I do not understand why this option is even listed here. |
    | Include local directory path when uploading files to a server | I like to disable this option for privacy and because it should never be needed. |
    | Launching programs and files in an IFRAME | Disable this feature. Really, this should never be done. |
    | Logon | I usually set this option to Prompt for user name and password for maximum security. |

  5. After you are back on the Security tab of Internet Options, make sure that the Enable Protected Mode box is checked for each of the zones. This is one feature that I believe should be enabled for all zones.

  6. You are now ready to move on to the Advanced tab to adjust more security settings. Click the Advanced tab and scroll down the list to the Security section, as shown in Figure 15-5.

    Figure 15-5: Adjusting advanced security settings in Internet Explorer 7

  7. In the Security section, I recommend selecting Do not save encrypted pages to disk and Empty Temporary Internet Files folder when browser is closed. These two settings will help protect your privacy as well as keep your important online data from Web sites, such as your bank's, safe.

  8. When you are finished, click OK to save your changes.

You are now finished configuring Internet Explorer to run more securely and protect you even better when you are online.
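
The zone choices made in steps 3 through 5 are stored per user in the registry, so they can be checked after the fact. The following read-only PowerShell audit is an added example, not code from the book; it assumes the Internet zone (zone 3) and uses Microsoft's documented URL action IDs as value names, which the book itself does not list.

```powershell
# Read-only audit: compares the current user's Internet zone (zone 3) with the
# Table 15-1 recommendations and the Protected Mode check from step 5.
# Assumption: value names are Microsoft's documented URL action IDs for IE
# security zones; the book itself does not list them.
$zoneKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'

# Data for most actions: 0 = Enable, 1 = Prompt, 3 = Disable.
# Logon (1A00): 0x10000 = Prompt for user name and password.
# Protected Mode (2500): 0 = on, 3 = off.
$recommended = @(
    @('2402', 'Loose XAML', 3),
    @('2400', 'XAML browser applications', 3),
    @('2401', 'XPS documents', 3),
    @('2004', 'Run components not signed with Authenticode', 3),
    @('1604', 'Font download', 3),
    @('2600', 'Enable .NET Framework setup', 3),
    @('160A', 'Include local directory path when uploading files', 3),
    @('1804', 'Launching programs and files in an IFRAME', 3),
    @('1A00', 'Logon', 0x10000),
    @('2500', 'Protected Mode', 0)
)

function Test-IEZoneSettings {
    param([string]$Path, [object[]]$Expected)
    if (-not (Test-Path $Path)) { throw "Zone key not found: $Path" }
    $key = Get-Item -Path $Path
    foreach ($row in $Expected) {
        $current = $key.GetValue($row[0])   # $null when the value is not set
        New-Object PSObject -Property @{
            Id          = $row[0]
            Setting     = $row[1]
            Current     = $current
            Recommended = $row[2]
            Compliant   = ($null -ne $current -and $current -eq $row[2])
        }
    }
}

# List non-compliant settings first.
Test-IEZoneSettings -Path $zoneKey -Expected $recommended |
    Sort-Object Compliant |
    Format-Table Setting, Id, Current, Recommended, Compliant -AutoSize
```

A value that is not set under this key is reported as non-compliant, and settings enforced through Group Policy are stored elsewhere and are not read by this check.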




Hacking Windows Vista
Hacking Windows Vista: ExtremeTech
ISBN: 0470046872
EAN: 2147483647
Year: 2007
Pages: 105
Authors: Steve Sinchak
