Bypassing Security Constraints

Trusted Sites Zone

Many sites won't "work" well, if at all, when you set the Internet security level for Internet Explorer to custom, medium or high. But you can bypass those constraints. Leave the security level for the "Internet" zone where you want it. Set the security level for the "Trusted Sites" zone to low. When a site that you're sure is trustworthy just won't work, add it to the "Trusted Sites" zone. It will work fine then. Here's how to do it:

Click Tools (View in IE 4.0) > click Internet Options > click the Security tab > click the Trusted Sites icon > click the "Sites..." button > unclick "Require server verification (https:) for all sites in this zone" as shown in the screenshot..

Enter the domain (see example below) of the Web site you want to add in the "Add this Web site..." line > click Add > click OK > click OK again. You should now see the "Safe Sites" symbol (green checkmark) in your IE Status bar*.

* To make the Status bar visible, click View in your IE menu > click the Status bar option.

Trusted site example

Suppose you do online banking. Let's say you start at http://www.banker.com, which takes you to the secure site -- https://secure.banker.com -- to sign in. Enter *.banker.com as a trusted site and IE will use the security settings for Trusted sites instead of the generic ones for the Internet zone. The "*" is a "wildcard" that substitutes for anything in front of the domain "banker.com", including http://, https://, http://www and https://secure or anything else as long as the domain is banker.com.

Bypass a proxy

You probably don't use a proxy, but in case you do, here's how to bypass it for selected sites: Click Tools (or View in IE 4) > Internet Options > Connections. Select (click) the dial-up connection you want to use > click "Settings..." and under "Proxy server", click "Advanced...". In the "Exceptions" window, enter the domains you want have bypass the proxy. For example you might have the following list: *.amazon.com; *.banker.com; *.byte.com; *.coldwatercreek.com; *.homedepot; ... Be sure that you have the semicolons and wildcards just right for each domain or none of them will work.

Windows scripting host

Some unenlightened sites still need Windows scripting host to work properly. If you used Symantec's "Noscript.exe" program to disable Windows scripting host, as I recommended, you can easily re-enable WSH if you need it temporarily. Put a shortcut to noscript.exe on your Desktop or in your "Start" menu to make it easier.

• map of security section

•windows settings

•browser settings

• email security
• web smarts
• catalog of threats
• elements of defense
• security software
• strong passwords
• 7 steps to security
• bullet-proof security
• WiFi and hotspot security
• how to wipe your hard drive
• how to remove malware

• attack vectors: deception: the #1 threat; spam and scams; phishing; bogus and booby-trapped webpages; poisoned ads, comments, etc.; popup warnings; drive-by email; attachments; downloads; social and p2p networks; hackers and worms
• malicious content: spyware; viruses and worms; trojans

"Nationalism is the strange belief that one country is better than another by virtue of the fact that you happen to be born there." --George Bernard Shaw