You should also look at all the "cookies" on your system. Do you know that cookies are used not only for things like the fiero forum, but also to monitor your movment around the net? Nearly all the ad banners you encounter and many site hit counters set cookies on your system.
You can selectivly filter cookies by site with a shareware tool called "cookiepal." you can find it on most of the download sites like download.com or filemine.com.
I think that the real problems lies in the "default" settings that the popular browsers install with. To obtain the maximum security that your software is capable of requires a bit of tweaking to the security settings. For example : Microsoft Internet Explorer uses security zones, but they are useless with the default install. The "Internet" zone should be reset to the highest security setting (depending on your browsing habits a custom setting may be preferable). Then the sites that you trust are added to the "Trusted Sites" list (duh). The trusted sites are given capabilities such as java, activeX, and cookies. (Note: "per-site cookie access" capability was added to IE version 5.0 but is only effectively enabled by using these security settings). This will provide adequate protection against unknown links that may contain malicious java or activeX components, and still allow for a pleasant browsing experience. If you are using IE 5.0, the only cookies on your system will be from a site that you have "allowed" to set one.
another good site to visit is Gibson Research (grc.com) They have a program (freeware, runs over the web) called ShieldsUp, and it tests your network security. it does not save any data, nor does it identify you. it indicates which of your computers ports are open, and there are several links to firewall programs available for download.
[This message has been edited by DaRkLoRD (edited 03-20-2000).]
Gibson has been arround a long time. He is most known for his SpinRite product that tests and often restores hard disk drives. I don't know how much good SpinRite is on the newer drives but it was indespencable on the old MFM and RLL ones.
I believe the trusted sites you are setting up are maybe in the wrong part of IE??? HTTPS sites usually are running SSL encryption. I only have one machine with IE5 on it. I'll look at it tomorow.
Setting IE sites isn't a bad idea. It's cumbersome tho. Generally IE and Netscape wants to accept or deny all cookies. Setting site preferances one at a time is a pain. In the increasing presence of multi server sites it's even more of a pain. For example to use microsoft you would need: www.microsoft support.microsoft windowsupdate.microsoft and so on.
CookiePal quietly monitors and filters. If you hit a cookie from a site not in the database you get a prompt that most often you will simply click the never or the always button on. ((you can also select individual cookies if your screening a new site.))This way Carparts.com Wrenchhead and of course the forums work but DoubleClick will never set no matter what site you are on that is displaying their adds.
Ogre, I checked again and figured it out.. there was a check box right in front of me that said "reqire secure server.." etc. I must have missed it before. oops.
No, actually the entry "microsoft.com" would encompass the entire microsoft site. You can also enter a single ip address, sub net, or entire class C net. It is really quite an easy and flexible feature to use, and I am always amazed at the number of users who are unfamiliar with this aspect of their browser. IMO, any MIS manager worth a salt should have this setup across their entire network if it is internet enabled. Try it out, it is really quite easy and I am sure you will find that very few sites need to have the "Trusted Site" classification. The incorporation of cookies into this security model with the release of IE5.0 was a long awaited feature that Microsoft should have enabled from the start. As a proficient programmer of ActiveX, Java, and Visual Basic, I know quite well what a few lines of malicious code embedded in an html document can do without the users knowledge. Better to be safe than sorry.
Those of you with cable modems, DSL, and other always on service. You need to make sure that ALL sharing on the machine(s) is shut off. Especially on Cable modems.
Cable modems efectivly turn the local area into a large LAN. Anyone on the LAN can see any other device that is broadcasting. If you have file or printer sharing turned on then they likely can see you and use any shared resource. They can install software and do about anything else they want.
On DSL this problem is not quite as bad as cable. DSL doesn't route any protocol but TCP/IP. That doesn't however make it safe. Microsoft windows still requires allot of "NetBIOS" and simply ecapulates this in TCP/IP just like stuffing it in an envelope. How save you are depends on how your ISP has filtered the routers on their network.
If you don't understand this then find someone who does. The hard drive you save may be your own.
IP: Logged
09:04 PM
Mar 29th, 2000
zebrex Member
Posts: 48 From: jasonville indiana usa Registered: Mar 2000
the sites couldnt scan me ha. I use a free firewall (and proxy server for my network at home ) that I got from www.zonelabs.com I gpt the proxy server from www.analogx.com
zebrex, I use ZoneAlarm as well, but the AnalogX proxy screwed up my connection.. so now my network has no net access. just my computer (*sigh* still on dialup.)
I have NukeNabber as well. what port monitor do you use?
IP: Logged
01:34 AM
zebrex Member
Posts: 48 From: jasonville indiana usa Registered: Mar 2000
Ive got a whole bunch of trojens, blockers ,scanners, sniffers and crackers I dont run any certian one just play with them from time to time . as far as the proxy it works fine on my NT server ,NT Workstation, winn98, winn95 home network (I have 6 machines sharing a dialup no broadband out here in the boonies)if you need something let me know and I set it up on the ftp at work
