About
SurfinShield Xtra security settingsThe default security violation
weightsSecurity
alertsJava Applets StatisticsDanger
level display| About
SurfinShield Xtra security settings |
| The default security violation
weights |
| Security
alerts |
| Java Applets Statistics |
| Danger
level display |
About SurfinShield Xtra Security Settings
SurfinShield Xtra default security settings enforce the following security options, in order to provide your system with the maximum protection:
To modify the security settings, click the Settings button on the main screen.
When SurfinShield Xtra detects a security violation attempt by an applet (Java applet or ActiveX control), it marks the applet as suspicious and issues an alarm. SurfinShield Xtra kills the applet and adds it to the Suspicious Applets Database to prevent it from being loaded in the future. For more detailed information, see Managing Applets.
ActiveX Security
Protection
Unlike Java applets, which are
run in the protected environment of the Java Virtual Machine
(using the ‘sandbox’ model), ActiveX controls are not
separated from the operating system of your computer. This means
that an ActiveX control can be automatically downloaded from a
web site and then run on your system, having full execution
rights to all of the files on your system.
SurfinShield Xtra protects your computer by placing restrictions on the access of ActiveX controls to files on your system. SurfinShield Xtra implements Finjan’s X-box security model, which restricts ActiveX controls from installing of accessing files outside of the specified permissions.
By default, SurfinShield Xtra allows ActiveX controls access only to selected directories. (This enables basic functionality of ActiveX controls.) ActiveX controls are prevented from establishing a network connection to any web site (except for the originating host of the control). In addition, they are prevented from affecting other programs in the Windows registry.
SurfinShield Xtra allows you to fully control the file access permissions of ActiveX controls. For example, you can specify a specific directory or file on your system for which ActiveX controls will have read or write permission.
To view or modify the file access permissions for ActiveX controls:
SurfinShield Xtra defines the severity of a security breach using ‘weights’ that are assigned to different functions. The weights are set in the Weights tab in the Settings window. (Note, however, that in most cases you do not need to modify these weights.)
The following table describes the various weights assigned to particular functions.
| Function Name | Description in "Activity Log" | Weight |
| Read file | security.file.read | 90 |
| Write file | security.file.write | 90 |
| Delete file | Unknown Security Exception | 90 |
| Execute local file | security.exec | 90 |
| Security Exceptions - System Properties | ||
| Read hidden properties | security.properties | 30 |
| Replace properties file | security.file.write | 90 |
| Security Exceptions - Sockets | ||
| Connect to a network port | security.socket.connect | 80 |
| Security Exceptions - Processes | ||
| Kill the browser | security.exit | 50 |
| Execute local program | security.exec | 80 |
| Security Exceptions - Libraries and Name Spaces | ||
| Load the dynamic library | security.link + security.exec | 90 |
| Create the new classloader | security.classloader | 90 |
| (The following is taken from netscape.applet.appletSecurity) | ||
| Modify the thread | security.thread | 40 |
| Modify the threadgroup | security.threadgroup | 40 |
| Read the file by descriptor | security.fd.read | 90 |
| Write file by descriptor | security.fd.write | 90 |
| Listen to port | security.socket.listen | 80 |
| URLConnect | security.protocol. http, https, ftp, gopher, file | 90 |
| Package access | package.restrict.access | 40 |
| Package definition | package.restrict.definition | 40 |
New Applet Alert
When a new applet comes on board, an audible notification is
given, the event is logged and the applet button containing a
green light indicator is added to the main screen.
Suspicious Applet Alert
Whenever an applet is
already in the Suspicious Applet Database (and the "Prevent
loading of Suspicious applets" options in the Settings
window is checked), it is prevented from being loaded into the
system and therefore no warning is given. The requested HTML page
will be shown on your browser normally, except for the Applet
display area which will remain as a rectangular gray (background)
area. This event is shown on the Applets Activity Log.
Whenever an applet attempts a security breach, its status changes to a Suspicious Applet and a warning is sounded. The light indicator on the Applet button on the main screen changes to red.
Threshold Alert
When any of the four thresholds defined in the Statistics options
are exceeded, a threshold alert is given. This indicates that one
or more of the monitored system resources has become dangerously
overloaded by the applet(s) currently in the system.
Viewing the statistics displays should provides more detailed information as to the type of resource in question. Clicking the Kill-All button on the main screen will terminate all applets currently on the system and free the system resources.
The Statistics window provides you with information regarding the following:
| Option | Description |
| % of Memory In Use | Indicates the amount of memory that is currently being used by all Java applets, expressed as a percentage of the Java allocated memory. |
| Applets Running | Shows the number of Java applets that are currently running |
| Security Exceptions | Shows the number of security exceptions that have been attempted by the Java applets and ActiveX controls currently in the system. |
| Media Tracker | Shows the number of GIF files currently in the system, which were loaded by Java Applets. |
To access SurfinShield Xtra Statistics, click the Statistics Button.
 |
To switch between display modes, click the appropriate button below the large display, to the left. |
 |
The digital display appears in the center, below the large display and gives you the status numerically. |
 |
To display further Statistics Options, click either the left or right arrow situated at the base of the display in the center. Each click moves the display one frame in the direction of the arrow clicked. | |
For each of the statistics option, you can also set the threshold.
 |
To adjust the Threshold, click the appropriate Up or Down Arrow. |
SurfinShield Xtra presents two types of Danger Level Displays - that of the specific Applet and that of the whole Java environment.
| Level Differentiators: | ||
| Overall
System Index Overall Applet Index |
0 - 200 0 - 100 |
|
| Dangerous | RED RANGE | 80 - 200 |
| Moderately Dangerous | YELLOW RANGE | 70 - 80 |
| Low Danger | GREEN RANGE | 0 - 70 |
Applet Danger Level
The Applet Danger Level Display shows the gravity of security
attacks caused by a specific Applet. To view the Applet Danger
Level Display, click the appropriate Applet Button and select the
Security Option Tab.
System Danger Level
Display
The System Danger Level
Display shows the accumulative weight of all suspicious Applets
that are currently in the system. When an Applet is killed,
either automatically or manually, the Danger Level is reduced by
the weight of that Applet. You are thus provided with an
indication of the gravity of security attacks caused by browsing
through certain Web sites.
To view the System Danger Level Display, revert to the main screen. The System Danger Level Display appears in the right hand sector of the Status Bar.