About:Config in FX security questions

Discussion in 'privacy problems' started by jrx10, Apr 23, 2008.

Thread Status:
Not open for further replies.
  1. jrx10

    jrx10 Registered Member

    Joined:
    Jan 26, 2007
    Posts:
    85
    1st, what's the best way to "lock down" access to about:config for FX in the limited user account? 2nd, is there a link to what to modify in about:config for the best security. 3rd, in 2.0.0.14, what should you modify in about:config to stop any automatic connections to anything not authorized by the user....Safe-browsing connections to Google for example, and basically automatic connections to anything else, Mozilla, Google, Yahoo, etc.
     
  2. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    jrx10,

    What is the network environment you are in? What are you trying to accomplish with these about-config rules?

    Yes, there are a couple ways to lock down the about config, but are you trying to stop a malicious user, or are you simply trying to make the browser more robust? If the former, you're going to have a significantly harder time.

    steve
     
  3. jrx10

    jrx10 Registered Member

    Joined:
    Jan 26, 2007
    Posts:
    85
    Single user with SW firewall and FW router. I've got spell check turned off and all of the search engines except one deleted from Fx toolbar, as if I need a search engine I've got a whole folder of them in the bookmarks toolbar folder. (BTW, if there's a way to dump the whole search engine entry in the FX top right hand corner, please let me know). I was just wondering what all the references to google/yahoo/bloglines in about:config were for? Are they needed? as I cleared them all w/o, what appears to be, any significant problems. I did make a BU of my settings-folders incase there was a problem.
    Something strange, while just know typing this reply, I'm getting a request over 443 to outbound to 63.245.209.31 which is mozilla. To my knowledge, everything in FX is configured not to auto-update. These are type of strange things/connections that I'm trying to lock down/eliminate, as I have no idea why when only connecting to Wilders that there would be an outbound attempt to try and connect to Mozilla over 443.​
     
    Last edited: Apr 30, 2008
  4. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Is this firefox version for you? is it to be put in a public place for other?

    What attacks are you trying to protect against?

    Realize you are trying to plug holes at OSI Layer 7, which means you're always playing catchup to the hackers/attackers.
     
Loading...
Thread Status:
Not open for further replies.