Trojans | Viruses | Sharing | Web Sites | Windows Update | MS Office

How to Guard against Malicious Web Sites

I found the site that originally started my problem while running a search for PC hardware. It started a series of pop-ups that ran on forever (all porn sites). After closing all of the windows, I found that my start page for IE had been reset to it…. I immediately began trying to close the pop-ups that were initiated even before the first window was loaded. After fixing my system registry from the changes by that web site I rebooted my machine, started IE and was taken to "Child Paysite" where again the pop ups began, this time from "Child Paysite".

Scary, huh? One solution is to only go to old, familiar, safe web sites. Unfortunately, thanks to the Dot Com bust, porn peddlers have bought the domain names of many sits that went out of business. This trick even defeats web babysitter programs. Porn sites also buy domain names that are misspellings of or similar to popular domains. Or, they trick search engines into listing them under a phony category.

Porn sites are notorious for downloading malicious programs onto your computer. Some of them don’t care whether you actually look at their filth. They are tricking their advertisers into paying them for page views. That’s why they open up a dozen or so porn pages every time you launch your browser. The gullible advertiser thinks you have been spending hours looking at their ads.

A porn site will leave pictures in your temporary Internet files, its URLs (Universal Resource Locators, which are web site addresses) in your browser records, and in some cases may leave its URLs in the Windows Registry. In the case of something like "Child Paysite," this is serious. Possession of child pornography is a US Federal felony. It’s also illegal in many other nations.

Fortunately, courts have held that child porn files in Temporary Internet Files are not a crime. Investigators realize that people can bring up a child porn site by accident.

How do you fight browser attacks? Microsoft Internet Explorer (IE) is the least safe browser on the planet. The first thing you need to do is make sure your IE is the latest version. You can check on the version by clicking Help --> About. Then go to the Windows Update site, http://windowsupdate.microsoft.com/ to see if there is a later version.

Next, turn off all scripting functions (ActiveX, Java and even Javascript) or at least set it up to prompt you before running anything funny.

To do this, click Tools --> Internet Options --> Security --> Custom Level. This brings up a screen like that in Figure 9.

Figure 9: Making IE safer.

To be safe, on every topic pick either "high safety" or "disable". This will prevent your computer from running some programs it would have otherwise downloaded from some web sites. For example, many web sites run automatic news feeds powered by Java or Javascript. The search functions in some web sites are run by ActiveX, Java or Javascript. If you have disabled them they won’t load.

Some web sites, for example http://www.netscape.com/, will alert you when you are missing content on account of ultra high security. Other web sites will just leave a gap where the program would have run.

There’s still more to securing IE. Under Internet Options, click on the Advanced tab. For ultimate security, turn off anything having to do with Java.

If disabling these features ruins too much of the browsing experience, you can always back off to less stringent security settings.

Alternatively, you can run two different browsers, one set on high security and the other on low. When visiting a site with lots of active content that you absolutely trust, use the low security browser.

However, even a familiar web site can turn dangerous. This happened Sept. 18, 2001 when the Nimda worm (officially named W32.nimda@MM) struck. Web sites infected by Nimda could in turn infect the computers of people who visited them. Nimda infected the marketing site for fast-food chain Carl's Jr., consumer-electronics maker Sonicblue, and some 150,000 other web sites.

Once inside the visiting computer, Nimda scanned web browsing records and Outlook and Outlook Express for email addresses, and mass mailed copies of itself to them. Outlook and Outlook Express users who merely opened or previewed these messages also got infected.

As with Outlook, hackers often target IE because it is the most common browser. So another solution is to use a different browser. Netscape has a far better track record, and is easier to make safe. You can download it for free from http://browsers.netscape.com/.

To secure Netscape, click Edit --> Preferences --> Advanced. Disable Java and Javascript. You don’t need to disable ActiveX because Netscape doesn’t run it.

Other free browsers include:

• Opera (http://www.opera.com)/ runs on almost any operating system, even Nokia cell phones.
• Mozilla (http://www.mozilla.com/org) is similar to Netscape. It runs on Windows, Mac OS and Linux. Computer geeks labor for free programming cool stuff for Mozilla such as running Internet Relay Chat bots.
• Neoplanet (http://www.neoplanet.com/) for Windows has the claim to fame of allowing hundreds of ways to customize it ("skins").

CONCLUSION

It would be nice if home computers arrived prepared for the dangers of the Internet. Oh, well. The solution is to:

• use operating systems and programs that aren’t big favorites of hackers
• run your antivirus program in ultra-paranoid mode
• resist the temptation of the click of death
• don’t install weird programs from the back alleys of the Internet
• don’t share files
• don’t let your web browser run scripts
• run a personal firewall

If you do these basic things, you will be safer than the vast majority of Internet users. The bad guys will just have to pick on someone else.