Jump to content

Windows Security Warnings


Recommended Posts

I wish to disable these warnings. I access many files from a networked server, so this warning pops up constantly. I wish to disable it.


The instuctions online to resolve this issue require ne to go into IE and modify the zones. Problem with that is that I, via nLite, removed IE - so I'm not able to implement their solutions. Seeing that I have removed IE, its odd that this warning even exists.


Anyone have any ideas?

Link to comment
Share on other sites

Hints -



High-level Node is the Primary Key to add. Underneath is a Sub-Key to add. Below that is ithe Value to add.

My Website (seldom started) example -


REGEDIT4[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\no-ip.org][HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\no-ip.org\martin-entltd]"http"=dword:00000001


Edited by submix8c
Link to comment
Share on other sites

So I would add the ip address of the server?


So for example:

REGEDIT4[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\192.168.xxx.xxx]"http"=dword:00000001


Link to comment
Share on other sites

For "HTTP", yes. For FTP use "FTP". BTW, there's a difference between "Internet" and "Intranet". The "Dword value" is a pointer to a Zone. See this -



You have a lot of reading to do about Security Settings in the Registry, my friend. You could have kept IE and just not used it. The only time you have a "security hole" is if you actually use it to access a Website. Otherwise, you could have used it *just* to set those Security Settings. But, you insisted on removal via the FDV Fileset. :(


There's paranoia (red pill) and extreme paranoia (blue pill). You chose the blue pill. ;)


Just take a look in the Registry at those places I indicated.


BTW/FYI, SpyBot inserts a whole pile of "Restricted Sites" in there and also puts them into the "HOSTS" file. :yes:


HTH, and good luck!

Link to comment
Share on other sites

Maybe I didn't ask my question correctly. I am not using HTTP nor FTP. I am accessing files on a NAS using mapped network drives of the shared folders on the NAS. Whenever I try to copy or move or run files on the NAS, these security warnings pop up.

So what value would I use, as HTTP nor FTP sound right in this situation.


Reading what you linked, and doing other research I found some stuff out:

There is an issue with how IE appoints an item as intranet or internet. If you map a drive using the IP address it shows up as INTERNET due to the usage of the dots!!! So annoying - Win2K never did such a thing! So the alleged work around is to add the IP address into the "INTRANET SITES" in the IE settings.


However if I used the name of the NAS to map, it still was showing as INTERNET. I created a new slipstream, this time I got rid of the IE8 files, just just used the IE6. This fixed the error with the name, but not the IP.


I created a new slipstream with the IE core files. I added the IP to the "INTRANET SITES", but the drive is still showing as INTERNET.


BTW: I stated in the other thread that I used nLite to remove IE, not the FDV file set.


Thanks for the help thus far.

Link to comment
Share on other sites

Try using the NAS Machine Name. I also have an entry for mine using "http". Here's my Full Intranet settings (as shown in IE).


I've replaced my Machine Name. Just (try to) use the NAS Computer Name.

I also have "Reqiure Server Verification" turned off (unchecked).




Yep, that appears to be the problem! See this -


Edit - give it a go. If it works, get/create the REG entries, and reinstall without IE, if it suits you.

Edited by submix8c
Link to comment
Share on other sites

Thanks for the reply. As I stated, using the machine name (thanks for reminding me of the term) works fine under IE6 - its when I use the IP address that it hiccups.


For some reason every so often the NAS gets amnisia and forgets its name. So in order to connect to it I have to reboot it - very annoying. However if I map using the IP, if it gets amnisia the map still works! WinXP for what ever reason changed its criteria and is making IP address INTERNET. So I need to somehow get XP to act like 2K.


Thank you so much for that link! I'm going to make a iso with the IE core files included and try that. I'll post the results later.

Link to comment
Share on other sites

Wait a minute. :unsure:


Which NAS is it?

Which Filesystem is used on the NAS?


I mean, is it not that the Source file(s) (on the NAS) have an ADS with Zone 3 or 4?



IF this is the case, the issue is not in the XP itself, but rather in the file(s).

Somethign like this:


may be of use then...


You may mitigate the issue, depending on the file types by using an appropriate policy:


and a low risk type list ...

or downright use SEE_MASK_NOZONECHECKS :w00t::ph34r:





Link to comment
Share on other sites

Wow, thank you for the links! None of the aplly to this current situations, but it was very informative and educational - never really knew about ADSs.


My NAS is a WD My Book World Edition. It uses teh XFS file system - so no ADSs on the files coming from it.


As I see it now: the issue is that WinXP is seeing anything with an IP address as INTERNET.

Win2K is smart enough to know that the IP address with 192.168.X.X is INTRANET, why doesn't WinXP?

Link to comment
Share on other sites

As I see it now: the issue is that WinXP is seeing anything with an IP address as INTERNET.

Win2K is smart enough to know that the IP address with 192.168.X.X is INTRANET, why doesn't WinXP?

More exactly (yes, I do know I am picky) the difference is more between LAN and WAN.

Internet or Intranet is more about world wide or local connection that use a protocol such as http or ftp and similar.


If you prefer, I suspect that the change is more related to the Windows XP built-in Firewall and IPSEC than on "internet zones" as configured in Internet Explorer and similar :unsure:.


BUT with stupid integration/mixup between Windows Explorer/Internet Explorer/Control Panel/Firewall settings, you can NEVER say for sure which  is which, most probably the issue is due to having a dot (yes a dot, or period/full stop) in the address :w00t: see:





Link to comment
Share on other sites

Check the Security Level Settings in the Intranet/Internet Zones in the IE Options.


I had a heck of a time "turning off" those stupid blockages. See each line item within it and look up what it "does".


I'd list mine for you but ATM I'm drinking Neros (cheap beer). Pulled an all-nighter figuring out how to allow "download" of a DAT file from my website. (needs MIME setting for the given file in the IIS Web Setup).


Sorry I can't help anymore (other than my Settings). :( There *has* to be an answer...

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...