Super IE can also be easily made by you (top) _ Registration Form

Author: 付谦                              

No one can deny that, as an excellent and widely used browser, IE has received so much criticism and praise. When you are sitting in front of the computer using IE, you will be accustomed to its easy to use and powerful integration features, but at the same time you will be designed for IE vulnerabilities malicious script and virus intrusion. The so-called fish and bear cake can not be both, in Microsoft's efforts to repair the loopholes at the same time, we are able to do?

To make it easier for everyone to become familiar with and understand how to better use IE, I started with a clean, unprotected ie, and gradually made it safe by configuration, and more importantly, not only how to configure it, but also introduce some common principles to you, so that when you encounter similar problems, We can deal with it more calmly.

In order to create a pure ie, I use the VMware tool to effectively implement my environment, the system for Windows XP Professional with SP1. At this point, ie version of 6.0.2800.1106, we began to enhance the browser's journey.

The first is, of course, patching holes. These two days against IE bad news is really a lot of, A adodb.stream is messy enough, plus a few sleeping 6 years of loopholes were disclosed, fortunately Microsoft is very smart, ADODB.stream patch has been launched, the rest of the estimated will soon be filled, but there is one thing we can be sure, that is, Microsoft's website to often go.

The second is the configuration of Internet advanced options in IE, which generally do not need to do any particularly big changes.

Only a few points to be prompted:

If you are always prompted to correct the page error after installing VB, in the Internet option-Advanced select "Prohibit Script debugging" and remove the option "Show each script error notification"

If you are a user of windows2003 server, in the Internet Options-Advanced "Play Web page animation" To display the GIF file normally.

Next is the play in the IE settings: security settings. Before we begin, we need to understand a few controls and scripts to better understand the implications of the security configuration.

The Activex:activex component actually refers to some executable code or a program, such as a. Exe. DLL or. ocx files, through ActiveX technology, programmers can assemble these reusable software into an application or service program, embed it in a Web page, transfer it to a client's browser, and execute it on the client. By programming, an ActiveX control can interact with or interact with a Web browser.

Script: Script in English, in fact, scripts are programs, usually the programming language provided by the application. Applications include browsers (JavaScript, VBScript), multimedia authoring tools, application macros, and the batch language of authoring systems can also be grouped into scripts.

To make it more intuitive to see the importance of security settings browsing the site, I disable all of the browser's features and then log on to some very dangerous sites where bad information will not appear in the screenshot, and gradually turn on some features to make it clear that almost all of the phenomena and problems we are able to meet.

Phenomenon One: Automatically eject other address connection.

We are the most common problem that causes this problem to appear in the active script

In fact, popping up new pages is just one way to take advantage of this feature, and many of the active scripts actually run on the same browsing page, although many Web sites (and even the Windows Update interface) need multiple Active Scripting support to fully open the page. However, this option should be used with caution because of the vast majority of attacks caused by this feature combined with ActiveX control vulnerabilities. So, before you have sufficient trust in the site, please keep your ban on this feature!

Phenomenon Two: Ask to install a software.

Phenomenon III: Some programs appear in the process.

These two issues are just as common, causing this problem to be located in the ActiveX control and Plug-in Settings section.

In fact, even the often-appearing ads require ActiveX support, and these ads are displayed in a format (such as Flash format), which is opened online. The phenomenon that appears in the second picture is the result of the "Download ActiveX control" and "Run ActiveX controls and Plug-ins". However, we should be clear that some malicious programs or viruses are not so harmless, once they have the right to execute will be wanton destruction of your system, so my advice is:

To execute a script on an ActiveX control marked as safe to execute: Disable

To initialize an ActiveX control that is not marked as safe to execute script: Disable

To download unsigned ActiveX controls: disabling

To download a signed ActiveX control: Disable

Running ActiveX controls and Plug-ins: prompting

This will guarantee some of the plug-ins you want, Flash Player, for example, can appear normally in the prompts, and the previous options are the accomplices to stay on your hard drive before the malicious program gets execution permission, not to be blinded by the word "signed," which can easily be disguised as "signed" and cheated by the browser. , so don't keep them open unless the site named requires you to open the download controls, such as the bank's online payment system client.

So how do you solve the dialog box that always pops up to ask for installation software? It's simple, if we need this software, so long as we install it, next time it will not pop-up prompts, if we have all the Software manufacturers Trust (such as MS) then we can check the "Always trust" checkbox, and for the software we do not need to take the following three steps to avoid their appearance.

First step: Click on the Certificate

Step Two: Select Installation certificate

Step Three: Install the certificate to the untrusted domain

Just a few simple steps to avoid the prompts you don't want to see reappear.

Phenomenon Four: The browser is changed to unrecognizable, the registry is corrupted

Bypassing ActiveX successfully downloading executable files

The location causing this problem is in the Java applet script

Java applet script and ActiveX status can be said to be equal, Java script can be used to do small to change the background of the browser, large to format your hard disk, some people think that Java script can not do like ActiveX to download programs and think that the harm is less than ActiveX, That would be a big mistake. In fact, using Java scripts to modify the registry is much easier than using ActiveX, and Cross-site scripting attacks (CSS or XSS) using Java scripts can easily intercept your personal information and steal personal accounts. What's more, when you disable Active scripting, use Java Script to open a new page when you close the browser and download the executable program that is disguised!

Since most Web sites using Java scripts use them for special effects or to make voting windows smaller, closing it does not have much impact on browsing the vast majority of websites. Also, in view of its hazards, be sure to disable this option before you fully trust the site.

Phenomenon Five: The browser automatically jumps to other pages

The location that caused this problem is

This is a common feature in the forum, used to prompt and prevent the screen, of course, this feature can be used on any page. Although the code is very simple 〈meta http-equiv= "Refresh" content= "5;" Url=http://website "However, even this simple feature can be exploited by an attacker to act like an active script, so ... Needless to say, unless you trust this page, disable it. Incidentally, the meta-refresh used in a forum cookie hint can be replaced by a manual refresh.

The last thing to note is that there was an attack that was built on the "Access data resources" option and took advantage of the power of MSXML, but the vulnerability was blocked earlier by a patch from Ms. I don't know which option in the security setting is going to be the target of the attack, anyway, update is always going to go.

To sum up, we have learned almost all of the attacks that have taken place against browsers with browser vulnerabilities and program features. Obviously, if we want absolute security, we will lose almost all normal functions at the same time. So when surfing the internet, we need a part of the site to become a trusted site, such as Sohu, NetEase and so on, we can place these sites in the "Trusted Sites" list, give them higher privileges, although these sites will bring us objectionable business plug-ins and advertising, But we can shield it by simple means. And in some cases, we especially need to be vigilant, especially when you are browsing some sites that are dangerous (especially adult content), and in public chat rooms, you need to be extra vigilant in these situations, Some of the fake files through your download and installation will make us all the configuration of the browser in the form of a piece of paper. Finally, I would like to remind those addicted to QQ or online games, because the virtual world also has a huge profit, against them a variety of attacks, and attack more use of the software itself many loopholes, so in the browsing of these areas of the site, I also strongly recommend that these players use a more cautious browsing strategy in order to ensure that their interests are not violated.

My recommended security settings policy is:

For trusted sites: put them directly into a trusted site and allow browsers to use trusted site policies.

For dangerous sites: Apply the above changes to the medium level security configuration.

Finally, remind those who are accustomed to using a third party modifier (ie Assistant, Super Bunny friends, because these software did not pass the official Microsoft test, so their browser and registry key value of the direct modification of the behavior can lead to unpredictable errors, and because they can not do the root cause, Therefore, the malicious programs and viruses that have camouflage and propagation characteristics cannot be completely eliminated, which can cause the system to continue to be violated and the user is not aware that this loss is greater. So I remind you to use the third party modifier carefully, the scientific and complete solution will be introduced in the second chapter.