Using FF2.0.0.4 and NIS2007 I was at the hackerwhacker site testing some configs: http://www.hackerwhacker.com/ Go to "free tools" for scanners :- Using NoScript: With javascript enabled the site was able to read (some of) my files Javascript off = no read The site as it seems do many scanner sites, requires java enabled. I go to other sites that often require java enabled for full function: I dont want any files on display !! I posted here: http://forums.mozillazine.org/viewtopic.php?p=2958794#2958794 And had reply as noted. OK: i have a problem now with NIS ( heh heh) which other Firewalls will stop this type of exploit or does it have to be a router (which I have been putting off for a while) ?? Any advice appreciated. Any tips on routers with NAT for the terminally dense would be appreciated also. EDIT: as a corollary: how do FW stop java exploits in a browser window if scripting enabled?
As far as routers go, I set up a D-Link 604 between my pc and cable modem. Installation was a url that lead me to a config.-wizard that took 3-5 min. to set-up. Easier than even Comodo firewall, even with a network of home pc's (4)...
I don't believe that it's a firewall's job to stop any legitimate traffic on port 80. If you are allowing your browser to do tcp outbound, then any appropriate return traffic will be allowed also according to spi rules etc. Whether you have a router or not makes no difference. If you want to block javascript or whatever, then use NoScript in Firefox. I also think you're allowing that testing site to scare you for no good reason...
Seems like javascript and Java are being confused with each other here. NoScript can control both. Are you refering to both, or just javascript?
Yes could be me, I'm not entirely sure what I'm asking ( which is why I'm asking) See images for my FF settings and NoScript settings I surf in or out of sandbox with NoScript on default forbid unless on whitelist. This is an allegedly reputable scanner site. Does anyone else see the same thing in the file viewer at the bottom of the page?