There are plenty of schools of thought on this, but ultimately there are situations where IE is a must-use application. This could be per your company policy or even due to specific Web-site needs. Regardless, there are times when you have to (or want to) use Internet Explorer. For those instances, you will want to make sure that IE is operating as safe as possible. Of course, the definition of "safe" is very fluid. Thankfully there are tools available that allow for such fluidity, while still helping to secure a very popular Web browser.
This blog post is also available in PDF format in a TechRepublic download.
IEController is a handy tool that allows you to:
- Execute/monitor access
- Control the execution of ActiveX controls
- Control the execution of scripts and programs
- Control requests to restrict and control files
- Prevent ads
- Log data traffic
And what is really nice about IEController is that it isn't an installable application. Based on your settings, all this tool does is edit your Windows Registry file and create an icon for that particular instance of IE. You can also use IEController for any application that accesses similar protocols and tools as does IE. This means you can also secure other browsers as well, which is very handy. If it sounds a bit confusing, it's not, once you see it in action. Let's see how this works.
Step 1: Download and extract
The first thing you have to do is download the IEController Zip file and extract this file somewhere on your system. Unpack that file, and you will see the IEController icon. You can always pin this icon to the Start menu for quick access.
Step 2: Run IEControllerDouble-click on the IEController icon to start up the application. The application consists of a single window, housing multiple tabs (Figure A). Each of these tabs handles a different aspect of IE security.
You will see this menu only the first time you open an application with IEController. So you will want to make sure you choose your settings wisely.
Step 3: Walk through the tabs
There are nine tabs, seven of which directly impact the security of Internet Explorer (with the only exceptions being the Configuration and the Log tab). The tabs are as follows:
This tab is where you set up the icons you will use for your various applications. After you make all your configurations, you will come back to this tab and then click the Create Configuration Icon button, which will then place an icon for that configuration on your desktop.
ActiveXThis one is the big one. As you can see in Figure B, this tab can control a number of the less secure IE features.
What you are looking at is the default ActiveX settings in IEController. Add or remove them as per your requirements.
If you click on the Expert Configuration button, a new window will open, allowing you to create unique allowed and disallowed objects. For this, you will need the object's CLSID.
ProgramsFrom this tab (Figure C), you can control which external applications IE can access. Although the list seems a bit on the small side, you can click on the Expert Configuration button and create your own application listings to select from.
To create your own, click Expert Configuration, then choose either black or white list, right-click the pane associated with the list you want to use, and select New Entry. The rest is simple.
FilesFrom this tab (Figure D), you can control what files IE can access. For the most part, this should be self-explanatory.
Just remember that anything checked is allowed. By default, all items are set to allow.
InternetThis tab (Figure E) has some very interesting and powerful options available. From inbound to outbound TCP connections, to VeriSign redirects, and ad servers, you can seriously contain IE from this tab.
Click the Expert Configuration button, and you can even create black/white lists of sites that IE can and cannot connect to.
PrivacyFrom this tab (Figure F), you can set keywords associated with sensitive data in order to prevent certain pieces of information from being transmitted unknowingly. In order to set this, you have to click the check box and then manually add keywords for IE to watch for.
To create a new entry on this tab, right-click the blank area and select New Entry from the menu.
RegistryThis tab (Figure G) is quite important. From here you can disallow write access to the registry. That alone is worth the price of admission. Of course, this tab allows for the configuration of more than just registry settings. You can also set this up such that IE cannot modify the Internet connection as well as register programs for autostart.
By default IE has write access to the registry. If you want to change this, click the box next to Disable Write Access to Registry.
MiscThe final tab (Figure H) offers a few settings not related to any other tab. I have yet to use any configuration from this tab, but you might want to change the System Logging Function to Disallow to aid in the prevention of spyware.
Do not uncheck the Always Notify Dangerous Actions or else you risk bad things happening without your knowing.
Step 4: Create your icon
When you have finally finished your configuration, go back to the Configuration tab and click the Create Configuration Icon and then click the Start button. A new icon will appear on your desktop, and IE will start with your configuration options set. Now, every time you start IE from that icon, it will run with the same configuration. If, however, you run IE from the normal means, it will run with the default configuration.
That's it! You've set up IE as a more secure browser. You can also do this with other applications by simply dragging their icon onto the IEController icon. The IEController application will start and set options for that application. Just remember, you see that configuration window only the FIRST time you run an application with IEController.
IEController is certainly worth a look if you must use Internet Explorer. When you set up IE with this tool, you will find it far more secure than the default.
Stay on top of the latest Microsoft Windows tips and tricks with TechRepublic's Windows Desktop newsletter, delivered every Monday and Thursday. Automatically sign up today!
Jack Wallen is an award-winning writer for TechRepublic and Linux.com. He’s an avid promoter of open source and the voice of The Android Expert. For more news about Jack Wallen, visit his website getjackd.net.