current page - config.html
/NOTE: From the site's update on 5.6.2006 onwards, this particular site will not be updated anymore. To be honest, I made few additional modifications on 6.6., 7.6., 8.6., 9.6., and 16.6., further on 13.7., 23.7., 23.8., and 26.9. in 2006, and finally on 14.1. in 2007 (which was the absolutely last update), but that was all just fixing old errors and formatting, and no new content was added. Optionally see the last "events-entry" on page "events7.html" (it's a short related announcement), and the first entry on the "events8.html" page (it describes all this in great details), however, the second one is located only on "still-updated" site-variants. Anyway, this notice applies to: Bravenet, Freehost386, Geocities, and Greatnow free-hosts (and from 14.1.2007 this includes also Atspace free-host), so for the current variant with the fresh content, please head on to one of these two main sites: 50webs, Voljatel, which are, as mentioned, the only ones still being updated.
This is a more or less security configuration related page, but I still need to decide if it will be titled as "config" also in future. I would like/prefer to call it "security", however, the one under the software section is already named security so the name/title "config" seemed the most appropriate at the time of writing it (compare to "safety" or "privacy" that were other two options that I thought of back then); simply because as mentioned, it's more or less related to security configurations, rather than to the security programs themselves.
I urge anyone with a dial-up connection (or other types too, if they have these two options) to always set you computer for the one particular connection (free ISP account) that you are mostly using to "Never dial a connection" but especially to "Show terminal window" before dialing. This way, there is no chance for those malicious "dialer" programs to do any harm. Here are the links to screenshots of these two settings/windows stored at CastleCops (where I've used the graphic in one of my posts back then):
http://castlecops.com/modules.php?name=Forums&file=download&id=5725, http://castlecops.com/modules.php?name=Forums&file=download&id=5726
See the example thumbnail screenshots (click to enlarge):
Hum, if I remember correctly, there is yet another setting called "Show Pre-dial Terminal Screen" which is not the same as "Show terminal window" mentioned above. Anyways, if the thumbnails above are not displayed OK in your browser, then you can try with these two direct links to the screenshots hosted on Imageshack: http://img259.imageshack.us/img259/5233/terminalwindow0gb.gif, http://img259.imageshack.us/img259/8858/connection2qc.gif
Then here below is a list of few locations where you can change security and various other settings with (Local) Group Policy or gpedit.msc (a MMC program):
Local Computer Policy - Computer Configuration - Administrative Templates
Windows Components, System, Network Printers
Local Computer Policy - User Configuration - Administrative Templates
Windows Components, Start Menu and Taskbar, Desktop, Control Panel, Shared Folders, Network, System
And here a list of few locations where you can change security and various other settings with Local Security Settings or secpol.msc (also a MMC program):
Security Settings - Account Policies
Password Policy, Account Lockout Policy
Security Settings - Local Policies
Audit Policy, User Rights Assignment, Security Options
Next is about customizing level of security particularly for the so-called "Active Content". The truth is that most of active content contained in web-pages is safe, some pages contain active content that can potentially cause security problems on your computer. For example, an ActiveX control that runs automatically when you load a particular Web page might damage your data or cause your computer to become infected with a virus. Internet Explorer uses safety levels for active content to help preventing that kind of situations from occurring.
To modify the safety level for active content you must first go to Tools in Internet Explorer menu, or go to Control Panel in either one choose/click Internet Options and then go to the Security tab. Then just select one of the available zones and move the slider to the setting you want. Further, you can customize all the detailed settings by clicking on "Custom Level..." button, though this is meant only for experienced users. If you don't see this button, click first on "Default Level", apply the changes, and then you that other button will appear. Finally click on OK button until you return to Internet Explorer or Control Panel.
First short explanation of the available pre-set safety levels for active content in Internet Options applet, Security tab.:
- High (the most secure one) ... it excludes the content that could damage your computer.
- Medium (quite secure) ...it warns you before running potentially dangerous content.
- Medium-Low (same as Medium) ... without prompting before running potentially dangerous content.
- Low (the less secure one) ... minimal restrictions and warnings, most of the content is downloaded and/or run without prompts.
- Custom Level (for experienced users) ... you choose all the security settings by yourself.
And here bellow there are few examples, of few options/features, one can set/configure ("enable", "disable", "prompt"), under Internet Options. Particularly on how to go through disabling parts of Active Content in Internet Explorer step by step, i.e. content such as Java programs and ActiveX scripts/controls; be specially aware of drive-by download ActiveX control/exploit. In Internet Explorer, the term "Active scripting" or "ActiveX scripting" refers to both Microsoft JScript scripting and Microsoft Visual Basic Scripting Edition. When you complete this procedure, you disable both types of scripts.
I made examples for setting of Internet Explorer programs versions above 5.0 (5.0, 5.01, 5.5, 6), since I am familiar only with these, and also because there are very few people out there still using older 3.x, 4.x versions, so I omitted examples for those "out-dated" versions. Also note that the functionality of many Web sites on the Internet will be affected ater applying these changes.
Configure Internet Explorer so that it does not run Active scripts automatically:
On the Tools menu, click Internet Options, click the security tab, click the Internet Web content zone, and then click Custom
In the Settings box, go to the Scripting section, and choose the Disable check-box under "Active scripting" and "Scripting of Java applets".
Click OK, and then click OK again.
Configure Internet Explorer so that it does not run Java programs automatically:
On the Tools menu, click Internet Options, go to the security tab, click the Internet Web content zone, change the setting to Custom Level.
Settings box, click "Disable Java" under Permissions, click OK twice to close both pop-up windows.
Configure Internet Explorer to not automatically use items that show active content (animations, marquees):
On the Tools menu, click Internet Options, click the security tab, click the Internet Web content zone, and then click Custom Level.
In the Settings box, click Disable under Download signed ActiveX controls, Download unsigned ActiveX controls, Initialize and script ActiveX controls not marked as safe, Run ActiveX controls and plugins, and Script ActiveX controls marked safe for scripting.
Click OK, and then click OK again.
And finally, I also copied my so-called "PREVENTION SPEECH" (on how to prevent future re-infections) that I use as a 1st Responder trainee on CastleCops forum: http://castlecops.com, particularly the http://castlecops.com/f67-Hijackthis_Spyware_Viruses_Worms_Trojans_Oh_My.html part, while here are my two user-profile pages: http://castlecops.com/userinfo-satyr.html, http://castlecops.com/modules.php?name=Forums&file=profile&mode=viewprofile&u=31896.
To reduce the chances for malware re-infection in future, you need to protect yourself against it, so here are a few useful suggestions:
1. Keep Windows and Internet Explorer current with the latest critical security updates from Microsoft update page. This will patch many security holes through which attackers can gain access to your computer.
2. Prevent spyware-related problems, problems related to other potentially unwanted software (such as dialers, browser hijackers and adware) with SpywareBlaster, which includes "Internet Explorer", "Mozilla/Firefox" and "Restricted Sites" protection. You can get SpywareBlaster here: http://www.javacoolsoftware.com/spywareblaster.html
3. Eliminate dangerous cookies, prevent dangerous system changes and homepage hijacking, and increase your general browser security by using the two free programs. You can get SpywareGuard here: http://www.javacoolsoftware.com/spywareguard.html and IE-SPYAD here: https://netfiles.uiuc.edu/ehowes/www/resource.htm
4. Optionally also read the "Find and Eliminate Spyware" article written by Ralph Caddell to learn more about spyware and how to eliminate it: http://ralphcaddell.com/pchelp/spyware.htm
5. Often delete you browsing traces stored by Internet Explorer. To do this, go to Tools in Internet Explorer's main window menu (or open Control Panel) and in either one choose/click Internet Options applet, go to the General tab (it opens there by default) and click on "Delete Cookies...", "Delete Files..." and "Delete History..." buttons.
6. Modify the safety level for active content. To do this, go to Tools in Internet Explorer menu (or to Control Panel) and in either one choose/click Internet Options and go to the Security tab. First short explanation of the available pre-set safety levels:
- High (the most secure one) ... it excludes the content that could damage your computer
- Medium (quite secure) ...it warns you before running potentially dangerous content
- Medium-Low (same as Medium) ... without prompting before running potentially dangerous content
- Low (the less secure one) ... minimal restrictions and warnings, most of the content is downloaded and/or run without prompts
- Custom Level (for experienced users) ... you choose all the security settings by yourself
Then just select one of the available zones and see if the slider for four safety levels is visible. If you don't see the slider nor the "Custom Level..." button, click first on the "Default Level" button, apply the changes, and then "Custom Level..." button will appear. After "Custom Level..." button will appear you can customize the detailed settings, although this is meant only for experienced users.
a. Configure Internet Explorer so that it does not run Active scripts automatically: Choose the Internet Web content zone (world icon), click "Custom Level..." button, go to the Scripting section, and choose the Disable check-box under "Active scripting" and "Scripting of Java applets". Click OK to apply the changes.
b. Configure Internet Explorer so that it does not run Java programs automatically: Choose the Internet Web content zone, click "Custom Level..." button and click "Disable Java" under Permissions, Click OK to apply the changes.
c. Configure Internet Explorer to not automatically use items that show active content (animations, marquees): Choose the Internet Web content zone, click "Custom Level..." button and click Disable under Download signed ActiveX controls, Download unsigned ActiveX controls, Initialize and script ActiveX controls not marked as safe, Run ActiveX controls and plugins, and Script ActiveX controls marked safe for scripting. Click OK to apply the changes.
Finally click on the OK button to close all pop-up windows until you return to Internet Explorer or Control Panel. Optionally, if you are enough confident, check also the Privacy tab and configure privacy settings for the Internet zone.
Disclaimer 1: The opinions expressed at my web site and in my files are mine, or belong to other individuals/entities where so specified. Each product or service is the trademark of their respective company. All the registered copyrights and trademarks (© and ™) referred in this site retain the property of their respective owners. All information is provided as opinions only. Please, also see the "Disclaimer 2" on the page "about.html".
/NOTE: From the site's update on 5.6.2006 onwards, this particular site will not be updated anymore. To be honest, I made few additional modifications on 6.6., 7.6., 8.6., 9.6., and 16.6., further on 13.7., 23.7., 23.8., and 26.9. in 2006, and finally on 14.1. in 2007 (which was the absolutely last update), but that was all just fixing old errors and formatting, and no new content was added. Optionally see the last "events-entry" on page "events7.html" (it's a short related announcement), and the first entry on the "events8.html" page (it describes all this in great details), however, the second one is located only on "still-updated" site-variants. Anyway, this notice applies to: Bravenet, Freehost386, Geocities, and Greatnow free-hosts (and from 14.1.2007 this includes also Atspace free-host), so for the current variant with the fresh content, please head on to one of these two main sites: 50webs, Voljatel, which are, as mentioned, the only ones still being updated.
My Bravenet's affiliate banner; if you will decide to sign-up for a FREE account, please do it by clicking the banner above, and then register it from that page. |  ----  validate |
This is a more or less security configuration related page, but I still need to decide if it will be titled as "config" also in future. I would like/prefer to call it "security", however, the one under the software section is already named security so the name/title "config" seemed the most appropriate at the time of writing it (compare to "safety" or "privacy" that were other two options that I thought of back then); simply because as mentioned, it's more or less related to security configurations, rather than to the security programs themselves.
I urge anyone with a dial-up connection (or other types too, if they have these two options) to always set you computer for the one particular connection (free ISP account) that you are mostly using to "Never dial a connection" but especially to "Show terminal window" before dialing. This way, there is no chance for those malicious "dialer" programs to do any harm. Here are the links to screenshots of these two settings/windows stored at CastleCops (where I've used the graphic in one of my posts back then):
http://castlecops.com/modules.php?name=Forums&file=download&id=5725, http://castlecops.com/modules.php?name=Forums&file=download&id=5726See the example thumbnail screenshots (click to enlarge):
Hum, if I remember correctly, there is yet another setting called "Show Pre-dial Terminal Screen" which is not the same as "Show terminal window" mentioned above. Anyways, if the thumbnails above are not displayed OK in your browser, then you can try with these two direct links to the screenshots hosted on Imageshack: http://img259.imageshack.us/img259/5233/terminalwindow0gb.gif, http://img259.imageshack.us/img259/8858/connection2qc.gif
Then here below is a list of few locations where you can change security and various other settings with (Local) Group Policy or gpedit.msc (a MMC program):
Local Computer Policy - Computer Configuration - Administrative Templates
Windows Components, System, Network Printers
Local Computer Policy - User Configuration - Administrative Templates
Windows Components, Start Menu and Taskbar, Desktop, Control Panel, Shared Folders, Network, System
And here a list of few locations where you can change security and various other settings with Local Security Settings or secpol.msc (also a MMC program):
Security Settings - Account Policies
Password Policy, Account Lockout Policy
Security Settings - Local Policies
Audit Policy, User Rights Assignment, Security Options
CONFIGURATION OF INTERNET EXPLORER
Next is about customizing level of security particularly for the so-called "Active Content". The truth is that most of active content contained in web-pages is safe, some pages contain active content that can potentially cause security problems on your computer. For example, an ActiveX control that runs automatically when you load a particular Web page might damage your data or cause your computer to become infected with a virus. Internet Explorer uses safety levels for active content to help preventing that kind of situations from occurring.
To modify the safety level for active content you must first go to Tools in Internet Explorer menu, or go to Control Panel in either one choose/click Internet Options and then go to the Security tab. Then just select one of the available zones and move the slider to the setting you want. Further, you can customize all the detailed settings by clicking on "Custom Level..." button, though this is meant only for experienced users. If you don't see this button, click first on "Default Level", apply the changes, and then you that other button will appear. Finally click on OK button until you return to Internet Explorer or Control Panel.
First short explanation of the available pre-set safety levels for active content in Internet Options applet, Security tab.:
- High (the most secure one) ... it excludes the content that could damage your computer.
- Medium (quite secure) ...it warns you before running potentially dangerous content.
- Medium-Low (same as Medium) ... without prompting before running potentially dangerous content.
- Low (the less secure one) ... minimal restrictions and warnings, most of the content is downloaded and/or run without prompts.
- Custom Level (for experienced users) ... you choose all the security settings by yourself.
And here bellow there are few examples, of few options/features, one can set/configure ("enable", "disable", "prompt"), under Internet Options. Particularly on how to go through disabling parts of Active Content in Internet Explorer step by step, i.e. content such as Java programs and ActiveX scripts/controls; be specially aware of drive-by download ActiveX control/exploit. In Internet Explorer, the term "Active scripting" or "ActiveX scripting" refers to both Microsoft JScript scripting and Microsoft Visual Basic Scripting Edition. When you complete this procedure, you disable both types of scripts.
I made examples for setting of Internet Explorer programs versions above 5.0 (5.0, 5.01, 5.5, 6), since I am familiar only with these, and also because there are very few people out there still using older 3.x, 4.x versions, so I omitted examples for those "out-dated" versions. Also note that the functionality of many Web sites on the Internet will be affected ater applying these changes.
Configure Internet Explorer so that it does not run Active scripts automatically:
On the Tools menu, click Internet Options, click the security tab, click the Internet Web content zone, and then click Custom
In the Settings box, go to the Scripting section, and choose the Disable check-box under "Active scripting" and "Scripting of Java applets".
Click OK, and then click OK again.
Configure Internet Explorer so that it does not run Java programs automatically:
On the Tools menu, click Internet Options, go to the security tab, click the Internet Web content zone, change the setting to Custom Level.
Settings box, click "Disable Java" under Permissions, click OK twice to close both pop-up windows.
Configure Internet Explorer to not automatically use items that show active content (animations, marquees):
On the Tools menu, click Internet Options, click the security tab, click the Internet Web content zone, and then click Custom Level.
In the Settings box, click Disable under Download signed ActiveX controls, Download unsigned ActiveX controls, Initialize and script ActiveX controls not marked as safe, Run ActiveX controls and plugins, and Script ActiveX controls marked safe for scripting.
Click OK, and then click OK again.
MY PREVENTION SPEECH FOR CASTLECOPS
And finally, I also copied my so-called "PREVENTION SPEECH" (on how to prevent future re-infections) that I use as a 1st Responder trainee on CastleCops forum:
http://castlecops.com, particularly the http://castlecops.com/f67-Hijackthis_Spyware_Viruses_Worms_Trojans_Oh_My.html part, while here are my two user-profile pages: http://castlecops.com/userinfo-satyr.html, http://castlecops.com/modules.php?name=Forums&file=profile&mode=viewprofile&u=31896.To reduce the chances for malware re-infection in future, you need to protect yourself against it, so here are a few useful suggestions:
1. Keep Windows and Internet Explorer current with the latest critical security updates from Microsoft update page. This will patch many security holes through which attackers can gain access to your computer.
2. Prevent spyware-related problems, problems related to other potentially unwanted software (such as dialers, browser hijackers and adware) with SpywareBlaster, which includes "Internet Explorer", "Mozilla/Firefox" and "Restricted Sites" protection. You can get SpywareBlaster here: http://www.javacoolsoftware.com/spywareblaster.html
3. Eliminate dangerous cookies, prevent dangerous system changes and homepage hijacking, and increase your general browser security by using the two free programs. You can get SpywareGuard here: http://www.javacoolsoftware.com/spywareguard.html and IE-SPYAD here: https://netfiles.uiuc.edu/ehowes/www/resource.htm
4. Optionally also read the "Find and Eliminate Spyware" article written by Ralph Caddell to learn more about spyware and how to eliminate it: http://ralphcaddell.com/pchelp/spyware.htm
5. Often delete you browsing traces stored by Internet Explorer. To do this, go to Tools in Internet Explorer's main window menu (or open Control Panel) and in either one choose/click Internet Options applet, go to the General tab (it opens there by default) and click on "Delete Cookies...", "Delete Files..." and "Delete History..." buttons.
6. Modify the safety level for active content. To do this, go to Tools in Internet Explorer menu (or to Control Panel) and in either one choose/click Internet Options and go to the Security tab. First short explanation of the available pre-set safety levels:
- High (the most secure one) ... it excludes the content that could damage your computer
- Medium (quite secure) ...it warns you before running potentially dangerous content
- Medium-Low (same as Medium) ... without prompting before running potentially dangerous content
- Low (the less secure one) ... minimal restrictions and warnings, most of the content is downloaded and/or run without prompts
- Custom Level (for experienced users) ... you choose all the security settings by yourself
Then just select one of the available zones and see if the slider for four safety levels is visible. If you don't see the slider nor the "Custom Level..." button, click first on the "Default Level" button, apply the changes, and then "Custom Level..." button will appear. After "Custom Level..." button will appear you can customize the detailed settings, although this is meant only for experienced users.
a. Configure Internet Explorer so that it does not run Active scripts automatically: Choose the Internet Web content zone (world icon), click "Custom Level..." button, go to the Scripting section, and choose the Disable check-box under "Active scripting" and "Scripting of Java applets". Click OK to apply the changes.
b. Configure Internet Explorer so that it does not run Java programs automatically: Choose the Internet Web content zone, click "Custom Level..." button and click "Disable Java" under Permissions, Click OK to apply the changes.
c. Configure Internet Explorer to not automatically use items that show active content (animations, marquees): Choose the Internet Web content zone, click "Custom Level..." button and click Disable under Download signed ActiveX controls, Download unsigned ActiveX controls, Initialize and script ActiveX controls not marked as safe, Run ActiveX controls and plugins, and Script ActiveX controls marked safe for scripting. Click OK to apply the changes.
Finally click on the OK button to close all pop-up windows until you return to Internet Explorer or Control Panel. Optionally, if you are enough confident, check also the Privacy tab and configure privacy settings for the Internet zone.
Disclaimer 1: The opinions expressed at my web site and in my files are mine, or belong to other individuals/entities where so specified. Each product or service is the trademark of their respective company. All the registered copyrights and trademarks (© and ™) referred in this site retain the property of their respective owners. All information is provided as opinions only. Please, also see the "Disclaimer 2" on the page "about.html".
All the pages on this site are labeled with the ICRA label. 
The site is maintained solely by its author and is best viewed with a standards-compliant browser.
The site is maintained solely by its author and is best viewed with a standards-compliant browser.
