cancel
Showing results for 
Search instead for 
Did you mean: 

Avoiding Browser-Based Attacks

pcorker
Grafter
Posts: 309
Registered: 05-09-2007

Avoiding Browser-Based Attacks

I have come over all evangelical:

"A browser-based attack occurs when a user visits a web page which has embedded malicious code, usually as Javascript or as an ActiveX control"
This could cause you to download a dialler to an expensive number, a launcher for a trojan or just popups or spyware.
Adaware, Pest Control, etc may find or eradicate the program - perhaps too late.
Shut the stable door - prevent your browser being invisibly redirected and ever picking up malware or spyware then you will have nothing to remove!

IE-SPYAD puts a regularly updated huge list of "bad" sites into IE's Restricted Zone. Set the zone's security to high and IE will refuse to go there. There's a huge amount of info on the Free IE-SPYAD page *EDIT: I have updated this linK* but you could just scroll down to the DOWNLOAD box for "IE-SPYAD free" and click it. Open or save the freeware program and unzip it. Close IE and click install.bat in the folder and follow the instructions (= install!) to insert the list. Done! Repeat that whole sequence (with IE closed) when the page is updated. (Note: subsequently first select "Uninstall" old list)
To get regular email notification of updated download page go to free ie-spyad update emailer and scroll to IE-SPYAD *EDIT: now to update just go to the download page "Free IE-SPYAD" above.
The author REFUSES payment and I am not connected. If you know of, or find, any problems I would like to know.
Pat.

[Moderator's note (by csogilvie): Post moved from Customer Feedback.]
14 REPLIES
N/A

Avoiding Browser-Based Attacks

Thanks for the information about IE-SPYAD.

I'd like to add that I have found the Spyware Removal page of the 'Audit my PC' site, at

http://www.auditmypc.com/

very informative on just this topic.

I have Spywareblaster loaded, with IE protection, but was still surprised by the results of tests there. The most eye-catching demonstration was of the site's ability to open your CD drive tray, remotely. Made me jump!

There are suggestions for improving browser security by various means, linked to 'Audit my PC's' Spyware page.
N/A

Avoiding Browser-Based Attacks

If your CD drive opened or part of your win.ini file was displayed, you are missing some Windows security fixes/patches for IE and Windows.

Vulnerabilities in Windows and IE are being found all the time. You need to be up to date with all security updates.

Again, I get no response from the auditmypc site.
N/A

Avoiding Browser-Based Attacks

Hmm, I always keep up to speed with all critical updates, & at the moment only have 7 suggested updates on the MS site, but I'll take on board what you say.

I do think that my browser settings are not as rigorous as they could be. Having disabled various Active X setings in my browser, I found that my CD tray wasn't subject to the same remote command.

I'm going to keep reviewing things, without getting (hyper) paranoid. Paranoia on the Net, of course, is justifiable....
N/A

Avoiding Browser-Based Attacks

SpyBot has an option to install a background blocker against various spyware items, dialers etc.

In addition you can get a free program called SpyGuard which is a real time spyware etc. blocker.

Trojan Hunter or Tauscan are also good.

I've set my browers to only allow signed activeX controls, but even then you can't be 100% sure.

Windows XP SP2 (Beta Version avaliable now) has some nice touches as far as activex controls, since it allows you to list all the controls installed on your machine from within IE and to control which ones are active etc.
Finally you can get it to prompt you ever time, before allow any activeX control to either installed or run.

As far as the net is concered, what's more disturbing is the number of people who surf incomplete ignorance of the potential dangers they face.
You can never be 100% safe and if you take things too far, it spoils the benefits that are to be gained from the net.
pcorker
Grafter
Posts: 309
Registered: 05-09-2007

Avoiding Browser-Based Attacks

Gadgetboy
Does the free scan at http://www.auditmypc.com/freescan/info.asp (Scroll down to "If you would like... " )
eject your CD and quote your win.ini with that setting?
Does Spyguard work the same way as ie-spyad?
(Just curious - reply not vital!)
Pat.
N/A

Avoiding Browser-Based Attacks

To be honest I don't know, but I'll check it later when I'm back at home and post back a reply either way.
N/A

Avoiding Browser-Based Attacks

Ok,

I performed the check and while it found some info about my browser, it couldn't open my CD draw or pull info from my win.ini file.

But these checks failed because IE blocked them, because it's upto date with all the patches, my spyware program didn't have to intervene.

The only thing it did highlight was my internal IP address was too easy to guess, so I'll be changing that shortly.
pcorker
Grafter
Posts: 309
Registered: 05-09-2007

Avoiding Browser-Based Attacks

Hmmm
Might be time to forsake W98SE Cry
I think I only got two update patches while XP folk got four.
Thanks,
Pat.
pcorker
Grafter
Posts: 309
Registered: 05-09-2007

Avoiding Browser-Based Attacks

and thanks for the link, kwesi01
Community Veteran
Posts: 14,469
Registered: 30-07-2007

Avoiding Browser-Based Attacks

Quote
Hmmm
Might be time to forsake W98SE Cry
I think I only got two update patches while XP folk got four.


Probably because XP has more holes in it than Win98SE :mrgreen:
N/A

Avoiding Browser-Based Attacks

Nothing wrong with win98se. Just rip out ie6 and use Mozilla's firefox instead. It worked for me, ( and it's free ).
N/A

Avoiding Browser-Based Attacks

If you machine can take it, then dump Win98SE.

Mozzila Firefox is good but I find it slow drawing the window but it's a pretty damm good browser for free.
N/A

Mozilla

Thunderbird is a pretty good replacement for outlook as well. It's certainly improved a lot recently, especially now it's a stand alone package.
N/A

Avoiding Browser-Based Attacks

I use Mozilla Firefox too...I can't put up with the amount of pop-ups, etc, that IE allows to open, besides the number of crashes and other annoyances that IE lovingly promotes.

Thunderbird is great, but won't be excellent until they build on password protected profile support...until then, I'm using PocoMail...just wish Hotmail would stop being so in with Microsoft/Outlook and allow POP access.