Browser Security

Hi Everyone,

I have recently really started to get into my computer and it's security. I have learned alot form a few here about firewalls but now I am fighting with browser security and what a proper set up would be so that I do not transmit or at least as little as possible out into the world via the internet.

I am currentley useing Mozilla 1.4 (just started) as it seems to load faster and has alot of tools for pop ups and cookie control. I really dont understand how to set up a browser for maximum security as I am new to all this.

What I have done for now is set cookies to flag first party cookies and at sites with no privacy policys and to reject ALL 3rd party cookies. If I disable all cookies I have problems logging to sites I frequent. I have disabled all Java scripts.

Is there anymore I can do for my security and privacy?
I recently ran some test on my firewall at www.pcflank.com and one thing that came up was that my privacy needed help. I am not sure what settings I can alter for maximum privacy and security.

I use Ad ware 6.0 , Spyblaster, HiJackThis, Spybot S&D
Is this enough? And do I I need to run adware before or after Spy Bot? As I know Adware will sometime pick up on some of the stuff in Spy Bot.

Any comments would be greatly appreciated.

Very Best Regards,
FireDancer

 

No mention of a firewall?...

 

I think Pc flank firewall test ,favours the firewalls that have good privacy features ( ie zonelarm 4 or EZ or outpost) whilst firewall developers that dont have such tend to say that a firewall should be a firewall only and not deal with privacy. But in an increasinghly sophistocated world I favour a firewall that can provide those protections as well, for we just never know what the next vulnerablility is or where it shall come from .

 

Hi Aplus and Solar,

I am currently running Kerio 2.1.5 and as to the mention of
www.pcflank.com I am not sure that I totaly trust there results due to the fact that I have tested there and in one test (the quick test) it comes up that there are vunerabilities with ports 135 annd 139 but in the stealth test the same ports come up STEALTHED!! hmmm wonder why that is?


As far as the browser test pcflanks test says my browser ...in not so many words needs help but at www.GRC.com i belive it is I do a header test and it does not display anything worth worring about.

At this time I feel I am secure with all aspects of my firewall rules and browser settings (Mozilla 1.4) I have currenty set for first party cookies to deny any sites with NO privacy policys what so ever to deny and with sites that need my consent to flag. Third party cookies are all REJECT!!

I dont think that www.pcflank.com tests are valid to the point that some people might like there settings tweaked differantly then others.. hence the word settings. (to make the way you want LOL )

Any comments or advice is always greatly appreciated.
thanks for your responces.

Very Best Regards,
FireDancer

 

You can continue further testing here:
http://www.apluswebmaster.net/brwsrtst.html
...where a fairly comprehensive list of browser test sites is posted.
- But keep in mind, the "perfect test" will not be found for quite sometime. Neither will the perfect O/S, firewall, or security measure since they have not yet been invented. 99% should make you feel pretty good about it, IMHO.

 

Hey FireDancer

I've found that PCFlank has tainted results, while I don't care about the referer, or user-agent sent by the browser, their scans have been very incorrect at times.

Example:
I get full stealth at every other scan site, and log the packet as blocked.

I don't have anything listening on port 137, yet it finds it open. I check the logs the packet wasn't even sent to me, and if it did somehow get past my firewall it would only get a closed response.

So I don't trust PCFlanks results anymore.

 

BltzenZues,

I couldnt aggree more with you, as I felt after all the discussions and what I have learned from you and others about firewall issues/setup that pcflanks test were very inaccurate or as you put it tainted. I ran ALL test available to me at pcflank and the very first test that gripped my A$$ so much was the Quick test (ports check, trojan horse, and privacy). Thier full stealth test shows me 100% stealthed... questionable at the least or very contradictive.

The results were saddening when I first saw them.. I thought geeeshh all that hard work on my firewall and it says 135 and 139 are visable and then I got to thinking.. maybe I should check my logs and it was as I thought I did not recieve anything in loggs that would indicate a packet being sent to me. As you stated should of got a closed responce at least for 139. or at least I thought.

I then went to GRC.com and re ran all test and got a full stealth on all ports 137, 138, 139 and 135. and I got the same results as you did in my logs all logged and blocked. Plus I got a logg on my all lower ports blocked.

EDIT: I misspoke and I am sorry the above test were done with out a router in front and that is why I recieved loggs. Further more I am now back behind the router and I am not set up for DMZ nor have I forwarded traffic.. results would be LinkSys would handle the traffic and I would not see loggs as it is now

Regardless I get same results without the loggs 100% stealth and I still feel that pcflank is inaccurate


Hi APlus,

Thanks for the site and the recommendation I will use them when time permits and post back to you on results. Who knows maybe I will see something good

Very Best Regards to both of you,
FireDancer

 

Kudos to Aplus Webmaster,

Thanks for the link to browser security tests. I chose
http://www.jasons-toolbox.com/BrowserSecurity/
as it supported my current browser (Mozilla 1.4).

Test are for ActiveX, All Java control, cookies, pop ups
and as well at the end of a test there are recommendations as to how to better your browser security if needed.

It was easy to use and understandable as well as
thourough I belive and I would recommend the test to all.

Thanks again Aplus and BTW enjoy the cookie hope it's yummy (Aplaud)

Regards,
FireDancer

 

I use Beonex browser because of its excellent security controls.

Beonex is Mozilla-based, but has several extra security features, all of them easily configurable from "Edit>Preferences>Privacy& Security" menu.

At PC-flanks browser test, it gigged me for letting the Referrer be accessed. I have Beonex configured so that it fakes the referrer [some web sites don't work with referrer totally blocked.] In other words, Beonex *fooled* the PC-flank test.

It's a nice, speedy, free, friendly, secure, stable browser. You might want to give it a spin one of these days.

 

Firedancer as you are using mozilla ( Im using firebird 6.1)
there is a nice link for browser mozilla security topics as well as heaps of other mozilla reading on a unofficial site
http://mozilla.gunnars.net/mozilla_privacy_and_security_tutorial.html
also more info http://mozilla.gunnars.net/mozfaq_use.html#faq_browser_general

 

I tried Beonex when I saw your post and it's great,had never heard of it before that.

 

I'm happy that you like it.

If, after you use it a while, you still like it, it would be nice if you posted this fact to the Beonex mailing list at...
http://www.beonex.com/communicator/support/private/

I think the folks who gave birth to Beonex need & deserve our support.

People who write FREE software often have a thankless job. It's like operating a soup kitchen -- folks come in, help themselves to the free food, then grumble because they got salisbury steak instead of porterhouse.

Such, alas, is life.

Grace & peace to all who enter here.....bellgamin

 

I disagree. Privacy is privacy, security is security , 2 different matters.

Besides isnt the favoured philisophy of this forum ,layered defences?

 

Hi FireDancer...

I agree with previous posts... One should definitely look at FireBird and Beonex.

IMHO, the third option one can not afford to ignore is Opera...

Latest stable dwl to be found at http://www.opera.com/download/

Nice trio to choose from

Rgds, Crockett

 

Er Why? Mozilla 1.4 is as secure as Firebird. There are no security benefits for switching.

 

Hi JayK

Right - I agree Mozilla is as secure as FB...

I was talking about those three because they are much easier to configure than Mozilla's complexity.

All due respect to Moz' too (Moz' is FireBird's big brother anyway).

Rgds, Crockett

 

I disagree. Firebird looks simple, but that is at the cost of removing many useful options in the interface. For a new comer more wants control control over their browser and the freedom to tweak it to their hearts content (most of the people here I expect) it's much easier to tick a box in the options menu, then to alter the various external files in the chrome directory ,or play with it via about:Config

Quick, how do you change the master password in FB? In Mozilla it's in privacy and security, but where is it in FB? Even if you know the answer, you must admit it's a aroundabout way to do it.

 

Hi JayK

When talking about Moz' complexity, I was referring to what you said in http://www.wilderssecurity.com/showthread.php?t=14890;start=0

Now, I certainly ain't a specialist about Mozilla... I'm always running one of the other three (Opera, FBird/Phoenix or Beonex). So there's no way I could disagree with you about Mozilla since I don't know it well enough.

Hope my comments and ignorance about Mozilla didn't offend you.

BTW, nice job by the admins - now our Avatars have all been Halloweened

Rgds, Crockett