February 01, 2005
Enough is Enough
COMPUTER SECURITY SIG REPORT We talked about a tool that secures Internet Explorer (IE) while making it easier to access web pages that needs it's "capabilities". The tool, "enough is enough" (EiE) was written by Eric Howes from the English Department at Indiana University. His URL is listed at the end of this report. Remember a while back, in the General Meeting Steve Gibson talked about using IE safely. He said to secure it so that nothing could get through and then add certain sites to your list of trusted sites. Unfortunately, you have to jump through so many hoops that it isn't practical for many. But EiE makes this easier by animating one of these tasks and putting the other only a click away. You want to be careful when trusting a site. Those special IE capabilities include running worms and viruses that don't affect other browsers. (Not that other browsers don't have their own problems.) I want control over who can run a program on my computer. Don't you? EiE puts two buttons on IE's task bar. One to trust the site you are at and the other to disallow it. If you are familiar with IE's "internet options", you may have figured that this puts the web-site into a "web zone". So if ever need to, you can go into the web-zones and change things the way you want them. But for most of us, EiE's standard settings is good enough. When you first run the downloaded program (ENOUGH.EXE) you are asked where you want to install it. It chooses C:\ENOUGH as a default. If you are like me, you'll worry that it might make a whole installation which changes the registry, your start-up folder, ad nauseam. But all it does is decompress files into a folder. Afterwards you can run it on another machine, there is no problem using those same batch files on another machine. Just be sure to have all the files and all the folders in C:\ENOUGH available. Since you'll lose the ability to reset the settings, it's probably not a bad idea to just run the program ENOUGH.EXE on each system. There are two batch files (.BAT). My understanding is that INSTALL.BAT is for a complete installation/uninstallation and INST-BUT.BAT will to let you choose what you want. But both have capabilities to do partial installs/uninstalls. I've found that INSTALL.BAT is best for partial uninstallations, INST-BUT.BAT is best for partial installations, and either will do for complete installations or uninstallations. The part of EiE that I don't like is the way the batch files are named. It's really not a big deal but having to uninstall by using the install batch file doesn't feel right. But then, neither does having to shut-down by clicking the start button. The author's (Eric Howes) web site is a treasure of information on privacy, security, and more. The first time I went there, I was taken back by the fact that it was from an English Department. It seems that his site started as an exercise in technical writing and he ended-up a security guru. It still amazes me how well written it is. Eric Howe's web site: https://netfiles.uiuc.edu/ehowes/www/main-nf.htm You'll find the download for Enough is Enough in the middle of the left side of the screen.
SECSIG meets in the Science building 203 at 11:15 am.
By attending the SECSIG you can ask questions and open discussions about troubling situations you are having now.
The RSS feed address is http://ocsecsig.blogspot.com/atom.xml
Dave Keays, SIG leader