IE restricted areas

[RogueSpear]

You would need to find a maintained list somewhere akin to what you are using now for ActiveX. There is a big one out there and for the life of me I can't remember the name of it now. And I long ago deleted the last version I had archived. I used to use it myself, but I found it to be far too troublesome. They were far too inclusive in what was put in the list and it always required massive editing everytime a new list was published. If you support users that need access to MSN, Yahoo, etc. then the list is not for you.

What they attempt to do is a add in some degree of ad blocking and cookie blocking by making the list include ad URLs. Nice concept, but terrible execution.

Something that may interest you is a freeware product called Proxomitron. It's similar to the eDexter I had described above, but considerably more advanced. Once you have it fine tuned to your liking, it's a snap to deploy.

[BoardBabe]

Well, im actually gona implement any security regs to an app im making myself, but I guess the way would be to auto update blocklist and manually make a reg file for zones and coockies from spywareblaster

[Takeshi]

On my PC Spyware Blaster only writes to the current user's profile:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains

and not HKLM nor anywhere else (except HKU\S-1-5-21-SID, the same as the above), not even other users' HKCU.

So why not just try the standard practice: importing HKCU at T-12?

To test if it works or not, install SpywareBlaster afterwards and it should tell you if it's immunised or not.

Edited January 12, 2006 by Takeshi

[RogueSpear]

The thing I like about using HKLM is that is also protects your service accounts which are often the targets of exploits and have more rights than a restricted user. I suppose if you wanted to go overkill you could import to both HKLM and HKCU and then export HKCU to the Default User profile.

[BoardBabe]

Takeshi; thank you for your reply!

and then export HKCU to the Default User profile.

Mind explaining what you mean with that? -how this is done unattendedly. Edited January 12, 2006 by BoardBabe

[RogueSpear]

This post by BoaSoft. It's absolute genius. I just love it when a guy with 4 posts comes along and shows me something that I never in a million years would have though to do.

[BoardBabe]

I have to agree with you, that was clever.

[xpmaniac4ever]

I knew about the activeX blocker, as I made an app that autoimplements the latest blocklist from spywareguide.com during UA, and checks for updates on run, but not the other two, thank you!

Can you share your application with us ?

[BoardBabe]

Yep, as soon as its finished

-Im working on implementing blocked domains and coockies as well, just about 6000 threats will be prevented. You should be pretty secure if you run this at ua setup...

[xpmaniac4ever]

Cheers ! Good Luck !

PS: If you want beta testing..just ask !

..I can help u in development if u want..

[BoardBabe]

Ok, Im done for now.

It's a pretty simple app, but works well. The app will block over 3500 ActiveX malware, adware and spyware controllers, 600+ coockies and 2300+ known domains for ALL users.

Since the only currently available list online is ActiveX bloclist provided by www.spywareguide.com the app only updates the ActiveX part online, the domains and coockies to block are not updated, but includes all the most frequent updates up to this date from several apps like SpywareBlaster and SpyBot.

The app will run silently if you'd like to include it on UA media, or with GUI that tells you what's going on if desired, it will also run regardless of you beeing online/offline, but ofc will not update the ActiveX list if offline (will use backuplist from 01/19/06)

PM if you would like me to send it to you. It is made with AutoIt.

[RogueSpear]

Let me know if you'd like me to host it for you.

[BoardBabe]

Thank you!

Only it's with Norwegian messages only atm, so don't need to host it if no one wants it

Though, its easy to translate if requested.

[BoardBabe]

I compiled a blocklist.reg of domains with over 8000 bad domains, get the blocklist here http://www.msfn.org/board/index.php?showtopic=65795

[xpmaniac4ever]

Only it's with Norwegian messages only atm, so don't need to host it if no one wants it

Could you translate in in english, please ? I am really interested in it. Thanx.

Edited February 5, 2006 by xpmaniac4ever