secure it
What is Secure-It™ ?
Secure-It is a local Windows security hardening tool developed by Thierry Zoller. It proactively secures your PC either by disabling intrusion and propagation vectors or by reducing the attack surface, disabling the underlying functionality that malware uses to execute itself.

It secures Windows desktop PCs against new dangers by blocking the root cause of the vulnerabilities exploited by malware, worms and spyware. In some cases Secure-It is even able to protect your PC against threats before the vendor releases a patch.


Brief details about the Secure-It ™


Supported Windows versions :
· Windows 95,98,98SE,ME
· Windows XP
· Windows NT
· Windows 2000
· Windows 2003
Freeware Release

History of real-life proactive protection :
- [2004] Protected against the Help Active X control exploit in advance.
- [2004] Protected against the second Help Active X control exploit not correctly patched in advance.
- [2004] Protected against the DHTML Active-x Control exploit in advance.
- [2005] Protected against the Microsoft MSHTA Script Execution Vulnerability in advance.


Not convinced ?
Many users have asked how Secure-It protects them and what exactly it does, because they cannot see how something that does not stay resident (run all the time) can protect them. The truth is far from that.

In fact
Secure-It is the only freeware security solution in the world that blocks vulnerabilities proactively that malware exploits to infect Windows computers.

Do you have a demonstration ?

Here is a link to a sample exploit where NO PATCH from Microsoft exists. Secure-It however protects against this exploit, and from all exploits which use this vector to penetrate your system.

How to test :
- Go to the URL. If you see a DOS command prompt, the exploit was successful.
- Harden your system with Secure-It and reboot.
- Then open the exploit url again. It won't be able to exploit your system !


System Hardening Feature Set :

· Harden your Local Zone Security (My Computer) settings.
· Proactively disable scripting or Active-X controls which proved potential propagation vectors in the past.
· Reduce potential intrusion vectors by disabling non used services.
· Various other protections

 


What's New :

New in version 1.1 (10/01/2005) :
· Disable dangerous File handlers
- ms-its; ms-itss; its; mk; local; sysimage. Disables cross-domain attacks in which malware downloads and executes code with local user privileges.

New in version 1.12 (11/01/2005) :
· Option to only display updates.
· DHTML Edit Control can be disabled. (Exploit)

New in version 1.13 (12/01/2005) :
· Option to disable Windows File Protection and to disable wscript.exe, cscript.exe, ftp.exe, tftp.exe (often used in exploits). An Exploit has been posted by Ferruh Mavituna to circumvent our Shell.Application block by using Wscript.Shell. This option renders the new exploit ineffective.

· Disable potentially dangerous Scripting extensions : Exploit scripts have been updated to circumvent our Shell.Application block, now Wscript.Shell is used to run the dangerous code. (If you need to run WSF, VBE, JSE, VBS don't disable)

New in version 1.20 (12/01/2005) :
· Bug fixes : Wrong Text, various spelling errors.
· Bug fixes : Some options didn't show unless you choose UPDATE.
· Run Internet Explorer and Outlook as normal User! (non-admin). Uses code from Microsoft (Michael Howard). This option creates a shortcut link on your desktop which links to a non-admin version of your Internet Explorer and Outlook.
· Changed Signup form to only display when you haven't signed up.
· Added code to autostartup and jump to the correct position if you choose to disable Windows File recovery.

New in version 1.21 (18/01/2005) :
· Protection from the recently discovered Sig2Dat buffer overflow. (Kazaa)

New in version 1.22 (20/01/2005) :
· Bugfix: Task Schedule
· Templates for Beginners and Experts.

New in version 1.23 (13/02/2005) :
· Run files with - untrusted - constrained - normal User rights even if you are logged in as admin. (Right-Click on an exe file)
· Bug fixes.
· Adds Secure links to Outlook and Internet Explorer on your Desktop.

New in version 1.24 (21/02/2005) :
· Bug fixes.

New in version 1.25 (19/04/2005) :
· MSHTA bug fix.



System Hardening Details :

· Local Machine Zone (My Computer) Hardening : This option hardens the Local Zone for all the users on this machine. The permissive Local Zone settings are often exploited by worms and other malware. Important feature, hardens the system against future unknown exploits.

· Disable dangerous File handlers
- ms-its; ms-itss; its; mk; local; sysimage. Disables cross-domain attacks in which malware downloads and executes code with local user privileges.

· Run Internet Explorer and Outlook as normal User (non-admin)!
Uses code from Microsoft (Michael Howard). This option creates a shortcut link on your desktop which links to a non-admin version of your Internet Explorer and Outlook.

· Disable potentially dangerous Scripting extensions
Exploit scripts have been updated to circumvent our Shell.Application block, now Wscript.Shell is used to run the dangerous code. (If you need to run WSF, VBE, JSE, VBS don't disable)

· Hide Administrative shares : Hides $ Administrative Shares.
· Automatic Logon : If you enable automatic logon, the password is stored in the registry in plain text.
· Safe DLL Search Order : Specifies where Windows should search for components first.


· Services : Disable Remote Registry Service
                 Disable Lanmanserver service
                 Disable Task Scheduler
                 Disable Machine Debugger Manager service
                 Disable NetDDE service
                 Disable Messenger service
                 Disable Universal Plug and Play Device Host

· Disable DCOM : The Distributed Component Object Model (DCOM/RPC) is a protocol that enables software components to communicate directly over a network. Some worms (MSBlaster..) exploit DCOM to propagate.

· Local LMHash Caching : The LM hash is relatively weak compared to the NT hash, and it is therefore prone to fast brute force attack. Therefore, you may want to prevent Windows from storing an LM hash of your password.

· Disable PCT 1.0 : Microsoft IIS Web servers that have SSL installed and PCT enabled but have not applied the patch from April of this year, Microsoft security bulletin MS04-011, are likely to be targeted for this exploit.

· Disable Shell.Explorer Active-X : Disabling the Shell.Explorer ActiveX object prevents IE exploits from referencing local directories in a window object. This is a proactive measure and it protects against any future break-in through this vector.

· Disable Active-X Image Control : Disabling the Active-X Image Control object prevents exploits through this control.

· Disable Shell.Application : Several IE exploits are based on this interface, ADODB.Stream amongst others, disabling this feature also may disable some .HTA files using Shell.Application.

· Disable Shell URL protocol handler : Several IE exploits are based on this interface, ADODB.Stream amongst others, disabling this feature also may disable some .HTA files using Shell.Application.

· Disable HTA Shell : This setting prevents HTA files in web pages or HTML based e-mail from executing. HTA files are often used by malware authors.
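
An added example, not Secure-It's own code: a Python audit of a registry export for a few of the settings listed above (LM hash storage, safe DLL search order, automatic logon, DCOM, disabled services). The registry locations are the standard Windows ones and do not appear on this page; how Secure-It itself applies these options is not shown here, and the sample export is constructed.

```python
import re

# Constructed sample in .reg export format (not from a real machine).
SAMPLE_REG = r'''Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"NoLMHash"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager]
"SafeDllSearchMode"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"AutoAdminLogon"="1"
"DefaultPassword"="example-password"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole]
"EnableDCOM"="N"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry]
"Start"=dword:00000004
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Messenger]
"Start"=dword:00000002
'''

SYS = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet"
SW = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft"
# (label, key, value name, hardened value); None means the value must be absent.
CHECKS = [
    ("LM hash storage", SYS + r"\Control\Lsa", "NoLMHash", 1),
    ("Safe DLL search order", SYS + r"\Control\Session Manager", "SafeDllSearchMode", 1),
    ("Automatic logon", SW + r"\Windows NT\CurrentVersion\Winlogon", "AutoAdminLogon", "0"),
    ("Plain-text logon password", SW + r"\Windows NT\CurrentVersion\Winlogon", "DefaultPassword", None),
    ("DCOM", SW + r"\Ole", "EnableDCOM", "N"),
] + [(f"Service {s}", SYS + "\\Services\\" + s, "Start", 4)  # Start=4 means disabled
     for s in ("RemoteRegistry", "Messenger")]

def parse_reg(text):
    """Map (key, value name), lower-cased, to an int (dword) or str value."""
    values, key = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1].lower()
        elif key and (m := re.match(r'"([^"]+)"=(?:dword:([0-9a-fA-F]{8})|"(.*)")$', line)):
            name, dword, string = m.groups()
            values[(key, name.lower())] = int(dword, 16) if dword is not None else string
    return values

def audit(text):
    """Labels of settings not at the hardened value; values missing from the export are listed too."""
    values = parse_reg(text)
    return [label for label, key, name, want in CHECKS
            if values.get((key.lower(), name.lower())) != want]
```

A value missing from the export is listed for manual review, because the export alone cannot show which default is in effect on that Windows version.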



How much does it cost ?
Nothing, it is free.

Where can I download it ?
You may download it here.

 
 
 
 