grc.com "SheildsUp" lowers IE7 Internet zone security setting ?

R

RJK

Just set up TalkTalk BB / SmartAX MT882 adsl modem/router for a friend:-
2005 Huawei Technologies Co., Ltd
http://www.huawei.com/products/terminal/products/view.do?id=121
Installed ZA, and set IE7's Internet security Zone slider to High, ...and
whilst tweaking things up, and wading around the ridiculous html menus in
the router, to check that NAT was on etc, I went to grc.com | Shields Up and
it reported that port 80 was open, and lots of other service ports were not
stealthed.

Then I noticed that IE7's Internet security zone "slider" had vanished, as
if Custom settings had been set, so I set Default and then yanked it back up
to High, cleared TIF and Cookies, repeated the "Shields up" test whilst
yanking that slider back up to High each step of the way and eventually got
a "Perfect" result.

So, it looks like Steve Gibson can change a persons IE7 Internet Zone
Security settings !!

Anyone know how to prevent this, other than not using Steve Gibsons "Shields
Up."

I think it's a bit of a dirty trick to reduce a customers security settings,
and then report that his port stealthing is inadequate !

regards, Richard
 
P

PA Bear

<VBEG> Now pull the other one, Richard.

RJK wrote:
> Just set up TalkTalk BB / SmartAX MT882 adsl modem/router for a friend:-
> 2005 Huawei Technologies Co., Ltd
> http://www.huawei.com/products/terminal/products/view.do?id=121
> Installed ZA, and set IE7's Internet security Zone slider to High, ...and
> whilst tweaking things up, and wading around the ridiculous html menus in
> the router, to check that NAT was on etc, I went to grc.com | Shields Up
> and
> it reported that port 80 was open, and lots of other service ports were
> not
> stealthed.
>
> Then I noticed that IE7's Internet security zone "slider" had vanished, as
> if Custom settings had been set, so I set Default and then yanked it back
> up
> to High, cleared TIF and Cookies, repeated the "Shields up" test whilst
> yanking that slider back up to High each step of the way and eventually
> got
> a "Perfect" result.
>
> So, it looks like Steve Gibson can change a persons IE7 Internet Zone
> Security settings !!
>
> Anyone know how to prevent this, other than not using Steve Gibsons
> "Shields
> Up."
>
> I think it's a bit of a dirty trick to reduce a customers security
> settings,
> and then report that his port stealthing is inadequate !
>
> regards, Richard
 
E

Ed Metcalfe

"RJK" <notatospam@hotmail.com> wrote in message
news:OgK9lvm8HHA.4880@TK2MSFTNGP03.phx.gbl...
<snip>
> So, it looks like Steve Gibson can change a persons IE7 Internet Zone
> Security settings !!
>
> I think it's a bit of a dirty trick to reduce a customers security
> settings, and then report that his port stealthing is inadequate !
>
> regards, Richard

<snip>

Richard,

grc.com doesn't use any client-side scripting at all so Steve is
*definitely* not changing any IE settings.

Ed Metcalfe.
 
S

Straight Talk

On Sat, 8 Sep 2007 23:59:19 +0100, "RJK" <notatospam@hotmail.com>
wrote:

>Just set up TalkTalk BB / SmartAX MT882 adsl modem/router for a friend:-
>2005 Huawei Technologies Co., Ltd
>http://www.huawei.com/products/terminal/products/view.do?id=121


>Installed ZA,


You installed ZA on his machine? I thought you said he was your
friend?

>and set IE7's Internet security Zone slider to High, ...and
>whilst tweaking things up, and wading around the ridiculous html menus in
>the router, to check that NAT was on etc, I went to grc.com | Shields Up and
>it reported that port 80 was open, and lots of other service ports were not
>stealthed.


>Then I noticed that IE7's Internet security zone "slider" had vanished, as
>if Custom settings had been set, so I set Default and then yanked it back up
>to High, cleared TIF and Cookies, repeated the "Shields up" test whilst
>yanking that slider back up to High each step of the way and eventually got
>a "Perfect" result.


What makes you believe that what "Shields Up" reports has anything to
do with your browsers security settings?

>So, it looks like Steve Gibson can change a persons IE7 Internet Zone
>Security settings !!


Not very likely. It obviously also didn't occur to you that if you
could set IE's security settings to high and some random web page was
able to change that, then first of all IE would have a serious
problem.

>Anyone know how to prevent this, other than not using Steve Gibsons "Shields
>Up."
>
>I think it's a bit of a dirty trick to reduce a customers security settings,
>and then report that his port stealthing is inadequate !


I think it's a bit of a dirty trick to mangle with a friends system
when you have no clue about what you are doing.
 
R

RJK

Oh ! ...well all I can say is "you try it then."
After I got home, and just before I posted, I tried it on my PC at home and
got the same effect !

Start with IE7 Internet Zone slider set to High | go to grc.com Shields up |
and check Common ports.
AND each step of the way check to see if IE7 Internet Zone slider is still
there !!
I think it happens when URL changes from http to https

regards, Richard


"PA Bear" <PABearMVP@gmail.com> wrote in message
news:e5Zycym8HHA.5424@TK2MSFTNGP02.phx.gbl...
> <VBEG> Now pull the other one, Richard.
>
> RJK wrote:
>> Just set up TalkTalk BB / SmartAX MT882 adsl modem/router for a friend:-
>> 2005 Huawei Technologies Co., Ltd
>> http://www.huawei.com/products/terminal/products/view.do?id=121
>> Installed ZA, and set IE7's Internet security Zone slider to High,
>> ...and
>> whilst tweaking things up, and wading around the ridiculous html menus in
>> the router, to check that NAT was on etc, I went to grc.com | Shields Up
>> and
>> it reported that port 80 was open, and lots of other service ports were
>> not
>> stealthed.
>>
>> Then I noticed that IE7's Internet security zone "slider" had vanished,
>> as
>> if Custom settings had been set, so I set Default and then yanked it back
>> up
>> to High, cleared TIF and Cookies, repeated the "Shields up" test whilst
>> yanking that slider back up to High each step of the way and eventually
>> got
>> a "Perfect" result.
>>
>> So, it looks like Steve Gibson can change a persons IE7 Internet Zone
>> Security settings !!
>>
>> Anyone know how to prevent this, other than not using Steve Gibsons
>> "Shields
>> Up."
>>
>> I think it's a bit of a dirty trick to reduce a customers security
>> settings,
>> and then report that his port stealthing is inadequate !
>>
>> regards, Richard

>
 
R

RJK

Oh ! ...well all I can say is "you try it then."
After I got home, and just before I posted, I tried it on my PC at home and
got the same effect !

Start with IE7 Internet Zone slider set to High | go to grc.com Shields up |
and check Common ports.
AND each step of the way check to see if IE7 Internet Zone slider is still
there !!
I think it happens when URL changes from http to https

regards, Richard


"Ed Metcalfe" <edmetcalfe@hotmail.com> wrote in message
news:%23KQ4C6m8HHA.5504@TK2MSFTNGP02.phx.gbl...
>
> "RJK" <notatospam@hotmail.com> wrote in message
> news:OgK9lvm8HHA.4880@TK2MSFTNGP03.phx.gbl...
> <snip>
>> So, it looks like Steve Gibson can change a persons IE7 Internet Zone
>> Security settings !!
>>
>> I think it's a bit of a dirty trick to reduce a customers security
>> settings, and then report that his port stealthing is inadequate !
>>
>> regards, Richard

> <snip>
>
> Richard,
>
> grc.com doesn't use any client-side scripting at all so Steve is
> *definitely* not changing any IE settings.
>
> Ed Metcalfe.
>
 
R

RJK

"Straight Talk" <b__nice@hotmail.com> wrote in message
news:tsb6e31k3pnpcg51gkau7ncccf4i3ac9b5@4ax.com...
> On Sat, 8 Sep 2007 23:59:19 +0100, "RJK" <notatospam@hotmail.com>
> wrote:
>
>>Just set up TalkTalk BB / SmartAX MT882 adsl modem/router for a friend:-
>>2005 Huawei Technologies Co., Ltd
>>http://www.huawei.com/products/terminal/products/view.do?id=121

>
>>Installed ZA,

>
> You installed ZA on his machine? I thought you said he was your
> friend?


....that's a good start, INSTANT indication that you don't know what you're
talking about !
....I thought I'd start with that seeing as that's what you say at the end of
your silly comments.
....Why bother to respond if you haven't got anything sensible or
constructive to say !

>
>>and set IE7's Internet security Zone slider to High, ...and
>>whilst tweaking things up, and wading around the ridiculous html menus in
>>the router, to check that NAT was on etc, I went to grc.com | Shields Up
>>and
>>it reported that port 80 was open, and lots of other service ports were
>>not
>>stealthed.

>
>>Then I noticed that IE7's Internet security zone "slider" had vanished, as
>>if Custom settings had been set, so I set Default and then yanked it back
>>up
>>to High, cleared TIF and Cookies, repeated the "Shields up" test whilst
>>yanking that slider back up to High each step of the way and eventually
>>got
>>a "Perfect" result.

>
> What makes you believe that what "Shields Up" reports has anything to
> do with your browsers security settings?


....you're kidding !!!

>
>>So, it looks like Steve Gibson can change a persons IE7 Internet Zone
>>Security settings !!

>
> Not very likely. It obviously also didn't occur to you that if you
> could set IE's security settings to high and some random web page was
> able to change that, then first of all IE would have a serious
> problem.
>
>>Anyone know how to prevent this, other than not using Steve Gibsons
>>"Shields
>>Up."
>>
>>I think it's a bit of a dirty trick to reduce a customers security
>>settings,
>>and then report that his port stealthing is inadequate !

>
> I think it's a bit of a dirty trick to mangle with a friends system
> when you have no clue about what you are doing.


....from your comments, it's clear that it is you who haven't a clue !
....quite why I wasted my time here I don't know !
 
S

Straight Talk

On Sun, 9 Sep 2007 01:03:16 +0100, "RJK" <notatospam@hotmail.com>
wrote:

>
>"Straight Talk" <b__nice@hotmail.com> wrote in message


>> What makes you believe that what "Shields Up" reports has anything to
>> do with your browsers security settings?

>
>...you're kidding !!!


Please explain to me how your browser settings would influence whether
SU would report open, closed or "stealthed" ports.
 
K

Kayman

"RJK" <notatospam@hotmail.com> wrote in message
news:OgK9lvm8HHA.4880@TK2MSFTNGP03.phx.gbl...
> Just set up TalkTalk BB / SmartAX MT882 adsl modem/router for a friend:-
> 2005 Huawei Technologies Co., Ltd
> http://www.huawei.com/products/terminal/products/view.do?id=121
> Installed ZA, and set IE7's Internet security Zone slider to High, ...and
> whilst tweaking things up, and wading around the ridiculous html menus in
> the router, to check that NAT was on etc, I went to grc.com | Shields Up
> and it reported that port 80 was open, and lots of other service ports
> were not stealthed.
>
> Then I noticed that IE7's Internet security zone "slider" had vanished, as
> if Custom settings had been set, so I set Default and then yanked it back
> up to High, cleared TIF and Cookies, repeated the "Shields up" test whilst
> yanking that slider back up to High each step of the way and eventually
> got a "Perfect" result.
>
> So, it looks like Steve Gibson can change a persons IE7 Internet Zone
> Security settings !!
>
> Anyone know how to prevent this, other than not using Steve Gibsons
> "Shields Up."
>
> I think it's a bit of a dirty trick to reduce a customers security
> settings, and then report that his port stealthing is inadequate !
>


http://www.google.com/search?q=steve+gibson+sucks

http://www.nerdnet.com/?q=node/11
"In case you don't know what a complete f.ing moron Steve Gibson is..."

http://www.securityfocus.com/columnists/382?ref=rss
"...Gibson has a bad track record: a history of latching onto arcane issues
that he doesn't fully understand and can never prove, and converting his
limited understanding into fodder for the next internet melt-down."

....don't shoot the messenger :)
 
S

Straight Talk

On Sun, 9 Sep 2007 07:34:24 +0700, "Kayman"
<kayhkay~nospam~@gmail.com> wrote:

>http://www.securityfocus.com/columnists/382?ref=rss
>"...Gibson has a bad track record: a history of latching onto arcane issues
>that he doesn't fully understand and can never prove, and converting his
>limited understanding into fodder for the next internet melt-down."
>
>...don't shoot the messenger :)


Anyway, if a web page can change security settings in an IE with it's
security settings set to high, first and foremost IE has a problem.

I'm sure the OP's observation is caused by something else. Could well
be ZA.
 
E

Ed Metcalfe

"RJK" <notatospam@hotmail.com> wrote in message
news:%23w670Pn8HHA.3624@TK2MSFTNGP05.phx.gbl...
> Oh ! ...well all I can say is "you try it then."
> After I got home, and just before I posted, I tried it on my PC at home
> and
> got the same effect !
>
> Start with IE7 Internet Zone slider set to High | go to grc.com Shields up
> |
> and check Common ports.
> AND each step of the way check to see if IE7 Internet Zone slider is
> still
> there !!
> I think it happens when URL changes from http to https
>
> regards, Richard
>


Yep, I get the same thing too. I also get it on Yahoo Search, Google and
several others I've tried. It isn't dirty tricks from Steve Gibson.

Ed Metcalfe.
 
E

Ed Metcalfe

"Straight Talk" <b__nice@hotmail.com> wrote in message
news:7sh6e3tq7e7c3dvhfhjbnda9dnlhfr1tmj@4ax.com...
> Anyway, if a web page can change security settings in an IE with it's
> security settings set to high, first and foremost IE has a problem.
>
> I'm sure the OP's observation is caused by something else. Could well
> be ZA.


Definitely not ZA. I've tried it and get the same results (without running
ZA).

Ed Metcalfe.
 
R

Rob ^_^

Hi All,

Same here. Slider control does not appear on the Internet Zone when Level is
Custom. Click the Default Level button and the Slider will re-appear.

Regards.
"Ed Metcalfe" <edmetcalfe@hotmail.com> wrote in message
news:udEh58n8HHA.5424@TK2MSFTNGP02.phx.gbl...
>
> "Straight Talk" <b__nice@hotmail.com> wrote in message
> news:7sh6e3tq7e7c3dvhfhjbnda9dnlhfr1tmj@4ax.com...
>> Anyway, if a web page can change security settings in an IE with it's
>> security settings set to high, first and foremost IE has a problem.
>>
>> I'm sure the OP's observation is caused by something else. Could well
>> be ZA.

>
> Definitely not ZA. I've tried it and get the same results (without running
> ZA).
>
> Ed Metcalfe.
>
 
R

RJK

Thanks for that.

regards, Richard


"Ed Metcalfe" <edmetcalfe@hotmail.com> wrote in message
news:%23UCVa7n8HHA.1168@TK2MSFTNGP02.phx.gbl...
>
> "RJK" <notatospam@hotmail.com> wrote in message
> news:%23w670Pn8HHA.3624@TK2MSFTNGP05.phx.gbl...
>> Oh ! ...well all I can say is "you try it then."
>> After I got home, and just before I posted, I tried it on my PC at home
>> and
>> got the same effect !
>>
>> Start with IE7 Internet Zone slider set to High | go to grc.com Shields
>> up |
>> and check Common ports.
>> AND each step of the way check to see if IE7 Internet Zone slider is
>> still
>> there !!
>> I think it happens when URL changes from http to https
>>
>> regards, Richard
>>

>
> Yep, I get the same thing too. I also get it on Yahoo Search, Google and
> several others I've tried. It isn't dirty tricks from Steve Gibson.
>
> Ed Metcalfe.
>
 
R

RJK

Thanks for the "anti" - Steve Gibson links. I've read quite a few of them
across the years, they're always entertaining !

regards, Richard


"Kayman" <kayhkay~nospam~@gmail.com> wrote in message
news:OMNFLkn8HHA.4752@TK2MSFTNGP04.phx.gbl...
> "RJK" <notatospam@hotmail.com> wrote in message
> news:OgK9lvm8HHA.4880@TK2MSFTNGP03.phx.gbl...
>> Just set up TalkTalk BB / SmartAX MT882 adsl modem/router for a friend:-
>> 2005 Huawei Technologies Co., Ltd
>> http://www.huawei.com/products/terminal/products/view.do?id=121
>> Installed ZA, and set IE7's Internet security Zone slider to High,
>> ...and whilst tweaking things up, and wading around the ridiculous html
>> menus in the router, to check that NAT was on etc, I went to grc.com |
>> Shields Up and it reported that port 80 was open, and lots of other
>> service ports were not stealthed.
>>
>> Then I noticed that IE7's Internet security zone "slider" had vanished,
>> as if Custom settings had been set, so I set Default and then yanked it
>> back up to High, cleared TIF and Cookies, repeated the "Shields up" test
>> whilst yanking that slider back up to High each step of the way and
>> eventually got a "Perfect" result.
>>
>> So, it looks like Steve Gibson can change a persons IE7 Internet Zone
>> Security settings !!
>>
>> Anyone know how to prevent this, other than not using Steve Gibsons
>> "Shields Up."
>>
>> I think it's a bit of a dirty trick to reduce a customers security
>> settings, and then report that his port stealthing is inadequate !
>>

>
> http://www.google.com/search?q=steve+gibson+sucks
>
> http://www.nerdnet.com/?q=node/11
> "In case you don't know what a complete f.ing moron Steve Gibson is..."
>
> http://www.securityfocus.com/columnists/382?ref=rss
> "...Gibson has a bad track record: a history of latching onto arcane
> issues
> that he doesn't fully understand and can never prove, and converting his
> limited understanding into fodder for the next internet melt-down."
>
> ...don't shoot the messenger :)
 
T

Tom [Pepper] Willett

....and always true -)

"RJK" <notatospam@hotmail.com> wrote in message
news:u0ufTlr8HHA.4420@TK2MSFTNGP02.phx.gbl...
| Thanks for the "anti" - Steve Gibson links. I've read quite a few of them
| across the years, they're always entertaining !
|
| regards, Richard
|
|
 
Back
Top Bottom