Results 1 to 4 of 4

Thread: IE access rights and svchost server access

  1. #1
    johncholmes Guest

    Default IE access rights and svchost server access

    I noticed one thing that seems peculiar, and wanted to verify this wasn't a mistake or should not be manually changed by me:

    1. ZAIS 2009, with smartdefense advisor on, grants IE "super trusted" level, and permissions for both access and server status to trusted and internet resources. This seems at odds with the concept of DropMyRights, "run safer" setting (same as dropmyrights) of **bleep** and other efforts.

    2. KIS 2009 places svchost into trusted and does not monitor programs it opens or its internet connections it makes, by default. ZAIS gives it access to all except internet server, which is "?" by default. The first time the user is prompted to allow or deny server status for svchost, however, it makes a global change to "?" to either "allow" or "deny" without regard for the port over which the user prompt was generated. Is there a way to ensure prompts denied or allowed apply a granular rule that applies only to that port in question and not all future queries for any port at any time?

    JH

  2. #2
    Join Date
    Jun 2006
    Location
    The 3rd Coast - South Central Texas
    Posts
    10,465

    Default Re: IE access rights and svchost server access

    Please Contact ZA Tech Support Directly.. for info on the difference between ZASS 2009 and KIS 2009ZoneAlarm Tech Support and Customer Service do notRead this Forum.. There are two Seperate Web-links for those two services..Customer Service www.zonealarm.com/csform ZA Tech Support (Requires Valid ZA License Key) www.zonealarm.com/tsformZoneAlarm Security Suite version:8.0.059.000
    TrueVector version:8.0.059.000
    Driver version:8.0.059.000
    Anti-virus engine version:6.0.2.678
    Anti-virus signature DAT file version:962748427
    Anti-spyware engine version:5.0.202.0
    Anti-spyware signature DAT file version:01.200810.4795
    AntiSpam version:5.0.61.9957

    Message Edited by GeorgeV on 11-02-2008 05:52 PM
    GeorgeV
    ZoneAlarm® Extreme Security


    Click here for ZA Support
    Monday-Saturday__ 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3
    johncholmes Guest

    Default Re: IE access rights and svchost server access

    Thanks for the response; however, let me rephrase the questions.
    I am not asking the difference between these programs, rather, I am trying to understand if the default settings in ZAIS that I am seeing here, are indeed, the "safe" ones.
    Rephrased questions are as follows:
    1. ZAIS 2009, with smartdefense advisor on, grants IE "super trusted" level, and permissions for both access and server status to trusted and internet resources. This seems at odds with the concept of giving your internet facing applications restricted rights, which is what many security experts suggest.
    Should IE, or rephrased, is it really "safe" to grant IE SUPERTRUSTED status as well as default permission to fora. ACCESS to TRUSTEDb. SERVER to TRUSTEDc. ACCESS to INTERNETd. SERVER to INTERNETe. ACCESS TO EMAIL SENDING
    That seems like an excessively high privilege to be granting an internet browser, but was set, by default, by SmartDefense Advisor.
    The settings for IE under "program control" are "AUTO".
    I have not fiddled with these access rights, these were default after ZAIS installation on a brand new install of XP pro.
    Thanks,JH

  4. #4
    johncholmes Guest

    Default Re: IE access rights and svchost server access

    Thanks for the response; however, let me rephrase the questions.
    I am not asking the difference between these programs, rather, I am trying to understand if the default settings in ZAIS that I am seeing here, are indeed, the "safe" ones.
    Rephrased questions are as follows:
    1. ZAIS 2009, with smartdefense advisor on, grants IE "super trusted" level, and permissions for both access and server status to trusted and internet resources. This seems at odds with the concept of giving your internet facing applications restricted rights, which is what many security experts suggest.
    Should IE, or rephrased, is it really "safe" to grant IE SUPERTRUSTED status as well as default permission to fora. ACCESS to TRUSTEDb. SERVER to TRUSTEDc. ACCESS to INTERNETd. SERVER to INTERNETe. ACCESS TO EMAIL SENDING
    That seems like an excessively high privilege to be granting an internet browser, but was set, by default, by SmartDefense Advisor.
    The settings for IE under "program control" are "AUTO".
    I have not fiddled with these access rights, these were default after ZAIS installation on a brand new install of XP pro.
    Thanks,JH

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •