IE6, Restricted zones and scripts

  • Thread starter Thread starter Nikolaos D. Bougalis
  • Start date Start date
N

Nikolaos D. Bougalis

Lately it seems that vibrantmedia.com and their particular
brand of annoying "helpful" links are cropping up
everywhere.

I decided to add "vibrantmedia.com" to the restricted
sites zone, but to my surprise, IE still happily
downloaded and ran the script. A cursory examination of
the website source code showed the way the script loads:

<script defer language=javascript
src=http://itxt.vibrantmedia.com/system/liveintellitxt.asp?
IPID=4></script>

Now, I am forced to wonder: if vibrantmedia.com (and by
extension, all its subdomains) is on the restricted zone,
why does IE even attempt to download that script, when --
clearly -- the script is served off a restricted zone?
Should it not be smart enough to realize that this script
is pulled from a restricted zone?

Nik Bougalis
-
 
Nikolaos,
A lot depends on how you entered the entry for the Restricted Zone.
To place *all* of vibrantmedia.com sites there, use the following:

"*.vibrantmedia.com" (no quotes)

So go back to the Restricted Zone and highlight the previous entry,
click: Remove, then add the above - including the "*." (wildcard).
FYI: "*.vibrantmedia.com" already exists in the below file:

Adding Sites to the Internet Explorer Restricted Zone
http://mvps.org/winhelp2002/restricted.htm

Note: vibrantmedia is also targeted in my HOSTS file (see below)
[example]
127.0.0.1 vibrantmedia.com #[Restricted Zone site]
127.0.0.1 itxt.vibrantmedia.com
127.0.0.1 usads.vibrantmedia.com
127.0.0.1 usnews.vibrantmedia.com
127.0.0.1 www.vibrantmedia.com
____________________________________________________________
Mike Burgess [MVP Windows Shell\User] http://www.mvps.org/winhelp2002/
Blocking Spyware, Adware, Parasites, Hijackers, Trojans, with a HOSTS file
http://www.mvps.org/winhelp2002/hosts.htm [updated 12-15-03]
Please post replies to this Newsgroup, email address is invalid
 
Hello and thanks for your answer.

I originally added "*.vibrantmedia.com" (without the
quotes) and the script was still pulled in.

As a software engineer, I find the zone implementation
either fundamentally flawed, or broken. If I add a domain
to a zone, then, anything loaded from that domain -- even
if loaded by inclusion from a third-party site (i.e. cross-
site) -- should be ran in the context of the security zone
to which their domain belongs, and the whole website
should appear to be in "mixed" mode (which could allow IE
to add a nifty dialog, to display what was part of which
zone when a user double-clicks on the "zone" indicator in
the tray.)

Also note, that adding them to the hosts file will, of
course, prevent their stuff from working in the first
place, regardless of which zone their domain is assigned
to, since the connection to 127.0.0.1 will either fail
completely, or return a 404, or somesuch.

Nik Bougalis
 
Nikolaos,
"and the script was still pulled in"
Click to expand...
True .. the Restricted Zone does NOT prevent basic webpage files
from being downloaded ..... however it *should* prevent the script
from running. If not then reset the Restricted Zone.
http://mvps.org/winhelp2002/restricted.htm

Your theory about the domains is correct, however many of these
culprits use "re-directs" where a malious file(s) may be pulled from
another server. Now if that server is not in the Restricted Zone, then
it functions as to whatever setting you have in the "Internet Zone".

You should modify a few of these to protect yourself ....
See: "Recommended Minimal Security Settings"
http://www.mvps.org/winhelp2002/unwanted.htm

You should also consider: (I use it myself)
Qwik-FixT provides another layer of essential security
by closing off the pathways that worms and viruses use
to penetrate your PC.. http://www.qwik-fix.net/
____________________________________________________________
Mike Burgess [MVP Windows Shell\User] http://www.mvps.org/winhelp2002/
Blocking Spyware, Adware, Parasites, Hijackers, Trojans, with a HOSTS file
http://www.mvps.org/winhelp2002/hosts.htm [updated 12-15-03]
Please post replies to this Newsgroup, email address is invalid
--

Nikolaos D. Bougalis said:
Hello and thanks for your answer.

I originally added "*.vibrantmedia.com" (without the
quotes) and the script was still pulled in.

As a software engineer, I find the zone implementation
either fundamentally flawed, or broken. If I add a domain
to a zone, then, anything loaded from that domain -- even
if loaded by inclusion from a third-party site (i.e. cross-
site) -- should be ran in the context of the security zone
to which their domain belongs, and the whole website
should appear to be in "mixed" mode (which could allow IE
to add a nifty dialog, to display what was part of which
zone when a user double-clicks on the "zone" indicator in
the tray.)

Also note, that adding them to the hosts file will, of
course, prevent their stuff from working in the first
place, regardless of which zone their domain is assigned
to, since the connection to 127.0.0.1 will either fail
completely, or return a 404, or somesuch.

Nik Bougalis
-----Original Message-----
Nikolaos,
A lot depends on how you entered the entry for the Restricted Zone.
To place *all* of vibrantmedia.com sites there, use the following:

"*.vibrantmedia.com" (no quotes)

So go back to the Restricted Zone and highlight the previous entry,
click: Remove, then add the above - including the "*." (wildcard).
FYI: "*.vibrantmedia.com" already exists in the below file:

Adding Sites to the Internet Explorer Restricted Zone
http://mvps.org/winhelp2002/restricted.htm

Note: vibrantmedia is also targeted in my HOSTS file (see below)
[example]
127.0.0.1 vibrantmedia.com #[Restricted Zone site]
127.0.0.1 itxt.vibrantmedia.com
127.0.0.1 usads.vibrantmedia.com
127.0.0.1 usnews.vibrantmedia.com
127.0.0.1 www.vibrantmedia.com
Click to expand...
Click to expand...
 
Back
Top