Windows Vista Inside Out

Slides:



Advertisements
Similar presentations
®® Microsoft Windows 7 for Power Users Tutorial 7 Enhancing Your Computers Security.
Advertisements

Microsoft ® Office 2007 Training Security II: Turn off the Message Bar and run code safely P J Human Resources Pte Ltd presents:
Microsoft TM SharePoint Content Management SystemTutorial By Mazen Abdallah Student Assistant at CNS 2010.
Configuring Windows Internet Explorer 7 Security Lesson 5.
Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.
How to avoid Viruses and Malware on your Computer Use a firewall Using a firewall is like locking the front door to your house—it helps keep intruders.
Configuring Windows Vista Security Chapter 3. IE7 Pop-up Blocker Pop-up Blocker prevents annoying and sometimes unsafe pop-ups from web sites Can block.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 3 Internet Security.
MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 15: Internet Explorer and Remote Connectivity Tools.
Lesson 46: Using Information From the Web copy and paste information from a Web site print a Web page download information from a Web site customize Web.
Lesson 46: Using Information From the Web copy and paste information from a Web site print a Web page download information from a Web site customize Web.
11 SUPPORTING INTERNET EXPLORER IN WINDOWS XP Chapter 11.
Use my floppy disk. 1. copy short cut to desktop. 2.run NoAdHOSTS.exe 3. Surf without ad’s. 4.to reverse everything -edit out all url s you want to return.
Microsoft ® Official Course Module 9 Configuring Applications.
© 2008 The McGraw-Hill Companies, Inc. All rights reserved. M I C R O S O F T ® Preparing for Electronic Distribution Lesson 14.
PowerPoint Presentation to Accompany GO! with Internet Explorer 9 Getting Started Chapter 3 Exploring the World Wide Web with Internet Explorer 9.
With Internet Explorer 9 Getting Started© 2013 Pearson Education, Inc. Publishing as Prentice Hall1 Exploring the World Wide Web with Internet Explorer.
Working with Applications Lesson 7. Objectives Administer Internet Explorer Secure Internet Explorer Configure Application Compatibility Configure Application.
P6 - CONFIGURE THE SOFTWARE. CONFIGURE SOFTWARE Most software can be configured to suit an individual user, for example by changing the appearance of.
Data Security.
Configuring and Troubleshooting Internet Access Chapter 9 powered by dj.
Using Windows Firewall and Windows Defender
Spyware Sue Scott Technology Librarian. What is Spyware Malware – (Malicious Software) A general term to encompass unwanted software on a personal computer.
Windows Vista Security Center Chapter 5(WV): Protecting Your Computer 9/17/20151Instructor: Shilpa Phanse.
XP New Perspectives on Browser and Basics Tutorial 1 1 Browser and Basics Tutorial 1.
Microsoft ® Office 2007 Training Security II: Turn off the Message Bar and run code safely presents:
COMPREHENSIVE Windows Tutorial 5 Protecting Your Computer.
®® Microsoft Windows 7 Windows Tutorial 5 Protecting Your Computer.
Troubleshooting Windows Vista Security Chapter 4.
Chapter 3 (HW02) Exploring the World Wide Web with Internet Explorer 9.
Tutorial 1: Browser Basics.
1 Internet Browsing Vulnerabilities and Security ECE4112 Final Lab Ye Yan Frank Park Scott Kim Neil Joshi.
CN1176 Computer Support Kemtis Kunanuraksapong MSIS with Distinction MCT, MCTS, MCDST, MCP, A+
Microsoft FrontPage 2003 Illustrated Complete Finalizing a Web Site.
Windows Vista Inside Out Chapter 22 - Monitoring System Activities with Event Viewer Last modified am.
Windows Vista Inside Out Ch 10: Ch 10: Security Essentials Last modified
Module 6: Configuring User Environments Using Group Policy.
Windows 7 Inside Out Ch 5: Adding, Removing, and Managing Programs.
Module 5: Configuring Internet Explorer and Supporting Applications.
1 World Wide Web Concepts (Chapter 18) 인공지능연구실. 2 목 차  Elements of the Web  Web Browsers  Keeping Tracking of your Favorite Web sites  Security and.
Troubleshooting Security Issues Lesson 6. Skills Matrix Technology SkillObjective Domain SkillDomain # Monitoring and Troubleshooting with Event Viewer.
1 Figure 9-3: Webserver and E-Commerce Security Browser Attacks  Take over a client via the browser Interesting information on the client Can use browser.
Active X and Signed Applets Chad Bollard. Overview ActiveX  Security Features  Hidden Problems Signed Applets  Security Features  Security Problems.
ITMT Windows 7 Configuration Chapter 7 – Working with Applications.
Remove [Browser Hijackers] For more information regarding [Browser Hijackers] Please Visit:
11 SUPPORTING INTERNET EXPLORER IN WINDOWS XP Chapter 11.
Windows Vista Configuration MCTS : Internet Explorer 7.0.
For more information on Rouge, visit:
Guide to Parallel Operating Systems with Windows 7 and Linux Chapter 4 Installing and Configuring Applications.
Microsoft FrontPage 2003 Illustrated Complete Creating a Web Site.
Pasewark & Pasewark 1 Windows Vista Lesson 1 Windows Vista Basics Microsoft Office 2007: Introductory.
How to fix Netflix Signing In Issues? For More Details Visit Our Website
Windows Tutorial 5 Protecting Your Computer
Windchill WorkGroup Manager (WGM) for Inventor installation
Managing User Desktops with Group Policy
MicrosoftTM SharePoint Content Management SystemTutorial
Tips for using Java with Internet Explorer
Managing Windows Security
Computer Literacy BASICS
About SharePoint Server 2007 My Sites
Browser Settings *Failure to have the correct Browser cache setting may result in incorrect data being displayed. This is the procedure to allow Indistar.
MOAC : Configuring Windows 8.1
ant HelpGmail Error.
Dynamic Web Page A dynamic web page is a kind of web page that has been prepared with fresh information (content and/or layout), for each individual viewing.
Microsoft FrontPage 2003 Illustrated Complete
Volume Licensing Download Center
Lesson #8 MCTS Cert Guide Microsoft Windows 7, Configuring Chapter 8 Configuring Applications and Internet Explorer.
Windows Internet Explorer 7-Illustrated Essentials
Lesson #7 MCTS Cert Guide Microsoft Windows 7, Configuring Chapter 7 Configuring Devices and Updates.
Chapter 9: Configuring Internet Explorer
Presentation transcript:

Windows Vista Inside Out Chapter 27 – Advanced Internet Explorer 7 Security and Administration Last modified 11-7-07

Editions All the tools and techniques described in this chapter are available in all editions

Working with (and Around) Protected Mode Protected Mode stops websites from Installing programs without permission Changing system settings Applied to all sites except ones in the Trusted Sites zone By default, Protected Mode is on

Low Folders These Low folders are used by IE 7 They have the same low privilege levels as IE 7 in Protected Mode Cache %LocalAppData%\Microsoft\Windows\Temporary Internet Files\Low Temp %LocalAppData%\Temp\Low Cookies %AppData%\Microsoft\Windows\Cookies\Low History %LocalAppData%\Microsoft\Windows\History\Low

Virtual Folders If an add-on tries to write a data file to Program Files Windows folders Registry Windows silently redirects the file write operation to a virtual equivalent The program continues, without knowing where the file really was stored

Broker Process When Internet Explorer needs to read those virtualized files A broker process intercepts the operation Shows a User Account Control dialog box before the process can continue

Disabling Protected Mode This exposes you to risks, but may be necessary to use some websites Tools, Internet Options, Security tab Clear "Enable Protected Mode"

The Four Internet Security Zones All sites that are not included in any other category Local Intranet Sites on your local network Trusted Sites (empty on a clean installation of Windows) Restricted Sites

Trusted Sites "Medium" security level Internet Explorer’s Protected Mode security is disabled This allows some ActiveX controls to run

Adding Sites to the Trusted Zone On the Security tab of the Internet Options dialog box. Click Trusted Sites Click Sites By default, sites must be secure (https) Otherwise you don't really know if they are genuine

Restricted Sites High security Scripting disabled This zone is the default for HTML-formatted e-mail you read using Microsoft Outlook or Windows Mail

Adding Sites to the Restricted Zone On the Security tab of the Internet Options dialog box. Click Restricted Sites Click Sites No need for sites to be secure

Changing a Zone’s Security Settings Use the slider to adjust the security level Custom level for detailed settings

Protecting Yourself from Unsafe and Unwanted Software Authenticode Microsoft's digital signing technology Identifies publisher Ensures that file has not been altered Signed controls will prompt warnings like this

Add-on Installer When you install an ActiveX Control, you can choose how to handle content from this publisher Always install Never install

Trusted and Untrusted Publishers Internet Options, Content tab, Publishers Two fake Microsoft certificates appear in "Untrusted Publishers"

Blocking Potentially Unsafe Downloads Half the failures in Windows are caused by "deceptive software" Malicious software spread by instant messages, email, or Web pages False error messages, offers, etc. Extra software that comes with a game or file-sharing client

Spyware? Adware? What's the Difference? Spyware gathers information about you and your browsing activities Adware displays advertisements including pop-up windows Home-page hijackers change your default home page and browser settings Trojan horses allow an intruder to take over a compromised computer Use Antivirus and Antispyware software!

Downloading Executable Files You must approve two separate Security Warnings to download a program in Internet Explorer

Running a Downloaded File If it's not signed, you see this box too And then, of course, you see the User Account Control dialog

How do You Know that a Program is Safe? If a file is digitally signed, you might be comfortable trusting the publisher If it isn't digitally signed, search for complaints about the program in Google Groups (http://groups.google.com) Set a System Restore point before installing

Keeping ActiveX Under Control ActiveX controls are small programs that enhance the functionality of a Web site They work only in IE, on Windows Windows Update uses ActiveX ActiveX controls are like executables that you run from the Start menu or a command line They have full access to your computer's resources

ActiveX and Viruses You cannot download an ActiveX control, scan it for viruses, and install it separately ActiveX controls must be installed on the fly You're protected from known viruses if you've configured your antivirus software to perform real-time scanning for hostile code

ActiveX Security Settings Internet Options Security tab Internet Custom Level See p. 894 for a list of ActiveX security settings

Using Scripts Wisely Scripts are small programs Written in a scripting language such as JavaScript or VBScript Scripts run on the client computer See links Ch 27a, 27b

Using Scripts Wisely Hostile scripts can be embedded in Web pages or in HTML-formatted e-mail messages You can disable scripts in Internet Options, the same way you control ActiveX control security Tip: For real safe browsing, use Firefox with the Noscript extension

Browser Add-ons Add-ons can provide New toolbars, Explorer bars, menus, buttons, extended search capabilities, manage the process of filling in forms, save bookmarks, etc. These add-ons take the form of browser extensions, browser helper objects (BHOs), toolbars, Java applets, and ActiveX controls, and more Add-ons can also cause crashes, pop-ups, act as Spyware, etc.

Installing, Removing, and Troubleshooting Add-ons In IE 7, Tools, Manage Add-Ons, Enable or Disable Add-ons

Managing Add-ons The Manage Add-ons box does not provide an uninstallation option You have to find the program that installed an add-on and uninstall it Some malicious add-ons hide and do not appear in this box

Managing Cookies A cookie is a small text file It enables a Web site to personalize its offerings in some way Stored in %UserProfile%\AppData\Roaming\ Microsoft\Windows\Cookies Cookies are used recording logon information, shopping preferences, etc.

Privacy Concerns Cookies may contain information you typed into a Web page This information can be read only by the site that created the cookie BUT: Third-party cookies cheat and get around this rule (See link Ch 27c)

Platform for Privacy Preferences P3P Internet Explorer 7 supports the Platform for Privacy Preferences (P3P) standard You can choose to block certain kinds of cookies, while allowing the rest

Cookie Privacy Settings Tools, Internet Options, Privacy tab Block All Cookies High Medium High Medium Low Accept All Cookies The default setting is Medium

Viewing a Site's Privacy Report When Internet Explorer blocks a cookie, it displays an icon on your status bar To find out what cookie was blocked and why, double-click this icon to see Privacy Report

Viewing a Site's Privacy Report Click on a site in Privacy Report, click Settings to see Privacy Policy Always Allow This Site To Use Cookies Never Allow This Site To Use Cookies

Managing Internet Explorer’s Cache and History Temporary Internet files (the cache) are stored in the hidden system folder %LocalAppData%\Microsoft\Windows\ Temporary Internet Files

Changing the Size of the Cache Tools, Internet Options, General Tab In the Browsing History section, click Settings You can also set how often IE checks for new versions of pages here Shift-Refresh to force a new load

Blocking Objectionable Content Content Advisor blocks sites that are rated outside your acceptable limits It uses the Internet Content Rating Association (ICRA) system Not all Internet content is rated By default, Content Advisor blocks pages that don't have a rating

Internet Explorer Administration Kit (IEAK) Available in several languages Used to customize the Internet Explorer interface and control browser settings Especially those related to security