FF addons - Any decent link scanners left?

I hear through the grapevine that XPL Linkscanner was a good one, but can't be found anymore as AVG bought them out. I wish AVG had kept the addon and just changed the name instead of making you download an external application to use it now.

But is this all moot? How much benefit would it really be anyway? I don't use a web shield, so it wouldn't be overlap (per say), but a file shield will find anything on a page anyway, so it kind of is overlap (or perhaps pointless). And how much will it slow down browsing. I would think it to be resource intensive to scan every single link I so much as mouse over. And for somebody using NS, what is there really running on a page that it could find anyway... until I actually clicked on the link then allowed scripts to run on that page, at which point, again, the AV file shield would nix anything there.

Am I overlooking something here? From my (limited) understanding of the situation it doesn't seem it would be of much use to me. But if I'm wrong I'd like to take a look at it.

Thanks

 

Finjan Secure Browsing

 

I don't know about others, but I'm of the opinion that a link scanner is a LOT less trouble than NS is. LinkScanners can help, but they can't do everything. I don't think a file shield is the same thing, as, I believe, file shields only cover what is already on the system, where a linkscanner/web shield scans internet traffic as you go along. Someone will correct me if wrong. As to your question about already using NS and what it could find, if scripts are globally allowed, as if you didn't have NS, you're at the mercy of whatever script loads on the page, be that a script required for the page to work, or a 3rd party ad server, or, script that downloads a malicious file and runs automatically.

Now, I use Sandboxie, and only allow my browser and specific plugins to not only run, but access the internet. So, if everything I have ever read is right, malicious scripts could load, but they couldn't do anything because nothing else is allowed to run. That being said, I still use NoScript. I don't do it for the security so much anymore though, but because, on a lot of websites, things like Flash ads still run that aren't blocked by my ad-blocker. I can basically control all the 3rd party crap and leave the original website alone to run whatever scripts it needs to work properly.

 

•Obsolete; hasn't been updated in almost 2 years.
•No longer listed at addons dot mozilla dot org.
•Adds 300-500kb of bloat to prefs.js.
•Unresolved issues tagging outgoing gmail as unsafe.

 

luciddream,

I think AVG's free linkscanner is actually pretty good and has little or no impact on performance.

The important thing to remember with linkscanner is that is scans in real time, all the time, and it checks to see if a link/page you are going to is going to try to deliver malware to your system (i.e., it doesn't scan for malware downloads - your AV takes care of that).

 

NS is no problem for me at all, but I hear a lot of people say that. I simply whitelist 1'st party scripts on the handful of sites I need for the proper functionality to work... and that's that. It makes pages load quicker, and safer. I'm certain that a file shield (on any AV worth having anyway) will block the file before it gets onto your computer. In Avira the "Deny access" option takes care of that.

From what I'm gathering a web shield/link scanner can intercept it before you even click on the link and go to the site, so it stops it at an earlier point of entry. But either way the file shield/guard is going to eventually going to kill it before it gets to you anyway. This is why a lot of people consider web guards moot and a waste of resources. I've seen many say they disabled the webguard in Avira Premium because of it. Denying access with the regular guard accomplishes the same means to an end.

The argument FOR the web guard would be that it could stop you from entering the site to begin with. On that site could be various malware, and your sigs/heuristics might detect some, but not others. With only the file shield those "others" would get into your system once you entered that site... whereas the web guard would block the site/link altogether as long as it detected 1 piece of malware. So it's certainly not useless altogether.

And allowing scripts globally with NS?... who would ever do that? Would seem to defeat the purpose a bit.

Thanks InfinityAz... how about compatibility? I would just enable the web shield in Avast if I wanted this protection, but what about an Avira Free user? This AVG linkscanner would seem to compliment the regular guard well. Has anybody used Avira Free + AVG Linkscanner in tandem? If they play well together I'll recommend it to a friend that uses Avira.

Thanks

 

The problem with NS is, there aren't just a "handful" of websites that won't work properly with it fully enabled, but many websites. Even something as simple as a scroll bar "next page" button, all require scripts to run. So while yes, NS isn't a hassle in that you have to allow EVERY script, you have to allow enough that it soon gets to you. Especially when it isn't clear which script actually enables the disabled functions and which scripts are just some 3rd party crap you can/should ignore.

If you have other protection in place (I'm in Sandboxie), globally allowing scripts isn't as dangerous as you'd first think. NS contains a lot more protections than just allowing/denying scripts. Even if you allow globally, the protections against cross-scripting work, ABE, web bugs, IFRAME, all that still works fine. I myself visit different websites enough that constantly whitelisting the top domains becomes a hassle.

About web scanners, I agree somewhat. I don't mind if my scanner blocks things before they even have a chance to get to my system, in fact, it's preferable. Perhaps with an actual link scanner such as AVG, a web shield becomes a waste. However, what resources were freed by killing the web shield will just get taken by the stand alone link scanner. So, I guess it's a matter of choice and, of course, whichever seems more effective.

 

It certainly depends on the user. I don't visit many sites at all where scripts are needed for functionality, and the few that do have the appropriate scripts whitelisted. I do know about NS's other features.

In my case I've found Sandboxing to be a hassle. Updates were not catching even after setting exceptions to allow as such. I have to remember to run things outside of it if I want anything to stick, or dig through the virtual part of the drive to find it and move it over later. The one built into Comodo FW/HIPS just WILL NOT stick Firefox addon updates no matter what you do, even if ticking "Automatically detect installers/updaters and run them outside the sandbox" & "Automatically trust files from trusted installers". I tired of the whole sandboxing thing really quick personally. To be fair I didn't give it much time though and it was when it was in it's infancy. I'm sure it's improved, especially the paid version of Sandboxie. If I had the extra coin I might give it a second look.

To each his/her own.

 

Web of Trust is great. Linkscanner gives most WOT red sites a green rating. 0_o yea good job scanning the site.

 

Yeah WOT is nice, I use it. I'd guess the reason is most of those sites don't actually contain malware, but are red because of child protection (porn sites) and other reasons. So the link scanner wouldn't find anything wrong with it.

I think I recall it (AVG LS) not playing nicely with Avast5. In fact I think it may have asked me to uninstall Avast to proceed with installation... at which point I'm sure I laughed out loud. I could be wrong though, it was awhile back. If so it was probably because of the web shield. So it may work fine with Avira Free (which lacks one)?

 

WOT is reliable enough to ditch the others...

 

I typed in "Screen saver" into Google and just about all the sites were red or yellow on WOT. Why? For malware. Linkscanner gave EVERY site green.

 

Comodo has mental issues, so you're not alone in hating that sandbox. With Sandboxie though, you need to only allow either the Firefox bookmarks and history database or the entire profile folder if you wish. You can even allow just certain addons, all this is found under "Applications" in your sandbox settings. Sandboxie does things a bit different than Comodo...meaning it does things right and doesn't "forget" anything the next time it has to do it again. And no, Comodo hasn't improved in that. The paid version of Sandboxie is only useful if you just CAN'T be restricted to using only one sandbox at a time and just HAVE to force programs to run in a sandbox.

Honestly, how difficult is it to right-click a program and choose "run sandboxed"? The one sandbox at a time rule is highly annoying, but still not annoying enough to spend 40 dollars.