Browser Security

Discussion in 'privacy general' started by FireDancer, Aug 14, 2003.

Thread Status:
Not open for further replies.
  1. FireDancer

    FireDancer Registered Member

    Joined:
    Jul 24, 2003
    Posts:
    316
    Hi Everyone,

    I have recently really started to get into my computer and its security. I have learned a lot from a few here about firewalls, but now I am fighting with browser security and what a proper setup would be so that I do not transmit, or at least transmit as little as possible, out into the world via the internet.

    I am currently using Mozilla 1.4 (just started) as it seems to load faster and has a lot of tools for pop-ups and cookie control. I really don't understand how to set up a browser for maximum security as I am new to all this.

    What I have done for now is set cookies to flag first party cookies and at sites with no privacy policies and to reject ALL 3rd party cookies. If I disable all cookies I have problems logging in to sites I frequent. I have disabled all Java scripts.

    Is there any more I can do for my security and privacy?
    I recently ran some tests on my firewall at www.pcflank.com and one thing that came up was that my privacy needed help. I am not sure what settings I can alter for maximum privacy and security.

    I use Ad ware 6.0, Spyblaster, HiJackThis, Spybot S&D.
    Is this enough? And do I need to run adware before or after Spy Bot? As I know Adware will sometimes pick up on some of the stuff in Spy Bot.

    Any comments would be greatly appreciated.

    Very Best Regards,
    FireDancer
     
  2. AplusWebMaster

    AplusWebMaster Registered Member

    Joined:
    Jun 14, 2003
    Posts:
    239
    Location:
    Philadelphia, PA, USA
    ;) No mention of a firewall?...
     
  3. solarpowered candle

    solarpowered candle Registered Member

    Joined:
    Jan 9, 2003
    Posts:
    1,181
    Location:
    new zealand
    I think Pc flank firewall test favours the firewalls that have good privacy features (i.e. ZoneAlarm 4 or EZ or Outpost), whilst firewall developers that don't have such tend to say that a firewall should be a firewall only and not deal with privacy. But in an increasingly sophisticated world I favour a firewall that can provide those protections as well, for we just never know what the next vulnerability is or where it shall come from.
     
  4. FireDancer

    FireDancer Registered Member

    Joined:
    Jul 24, 2003
    Posts:
    316
    Hi Aplus and Solar,

    I am currently running Kerio 2.1.5 and as to the mention of
    www.pcflank.com I am not sure that I totally trust their results due to the fact that I have tested there and in one test (the quick test) it comes up that there are vulnerabilities with ports 135 and 139 but in the stealth test the same ports come up STEALTHED!! hmmm wonder why that is?


    As far as the browser test, pcflank's test says my browser... in not so many words, needs help, but at www.GRC.com, I believe it is, I do a header test and it does not display anything worth worrying about.

    At this time I feel I am secure with all aspects of my firewall rules and browser settings (Mozilla 1.4). I have currently set for first party cookies to deny any sites with NO privacy policies whatsoever to deny and with sites that need my consent to flag. Third party cookies are all REJECT!!

    I don't think that www.pcflank.com tests are valid to the point that some people might like their settings tweaked differently than others.. hence the word settings. (to make the way you want LOL :D )

    Any comments or advice is always greatly appreciated.
    Thanks for your responses.

    Very Best Regards,
    FireDancer
     
  5. AplusWebMaster

    AplusWebMaster Registered Member

    Joined:
    Jun 14, 2003
    Posts:
    239
    Location:
    Philadelphia, PA, USA
    ;) You can continue further testing here:
    http://www.apluswebmaster.net/brwsrtst.html
    ...where a fairly comprehensive list of browser test sites is posted.
    - But keep in mind, the "perfect test" will not be found for quite some time. Neither will the perfect O/S, firewall, or security measure since they have not yet been invented. 99% should make you feel pretty good about it, IMHO.
     
  6. BlitzenZeus

    BlitzenZeus Security Expert

    Joined:
    Feb 11, 2002
    Posts:
    451
    Location:
    Oregon, USA
    Hey FireDancer

    I've found that PCFlank has tainted results, while I don't care about the referer, or user-agent sent by the browser, their scans have been very incorrect at times.

    Example:
    I get full stealth at every other scan site, and log the packet as blocked.

    I don't have anything listening on port 137, yet it finds it open. I check the logs the packet wasn't even sent to me, and if it did somehow get past my firewall it would only get a closed response.

    So I don't trust PCFlank's results anymore.
     
  7. FireDancer

    FireDancer Registered Member

    Joined:
    Jul 24, 2003
    Posts:
    316
    BlitzenZeus,

    I couldn't agree more with you, as I felt after all the discussions and what I have learned from you and others about firewall issues/setup that pcflank's tests were very inaccurate or as you put it tainted. I ran ALL tests available to me at pcflank and the very first test that gripped my A$$ so much was the Quick test (ports check, trojan horse, and privacy). Their full stealth test shows me 100% stealthed... questionable at the least or very contradictive.

    The results were saddening when I first saw them.. I thought geeeshh all that hard work on my firewall and it says 135 and 139 are visible :( and then I got to thinking.. maybe I should check my logs and it was as I thought, I did not receive anything in logs that would indicate a packet being sent to me. As you stated, should have got a closed response at least for 139, or at least I thought.

    I then went to GRC.com and re-ran all tests and got a full stealth on all ports 137, 138, 139 and 135, and I got the same results as you did in my logs, all logged and blocked. Plus I got a log on all my lower ports blocked.

    EDIT: I misspoke and I am sorry, the above tests were done without a router in front and that is why I received logs. Furthermore, I am now back behind the router and I am not set up for DMZ nor have I forwarded traffic.. results would be LinkSys would handle the traffic and I would not see logs as it is now.

    Regardless, I get same results without the logs, 100% stealth, and I still feel that pcflank is inaccurate.


    Hi APlus,

    Thanks for the site and the recommendation I will use them when time permits and post back to you on results. Who knows maybe I will see something good :)

    Very Best Regards to both of you,
    FireDancer
     
  8. FireDancer

    FireDancer Registered Member

    Joined:
    Jul 24, 2003
    Posts:
    316
    Kudos to Aplus Webmaster,

    Thanks for the link to browser security tests. I chose
    http://www.jasons-toolbox.com/BrowserSecurity/
    as it supported my current browser (Mozilla 1.4).

    Tests are for ActiveX, All Java control, cookies, pop-ups
    and as well at the end of a test there are recommendations as to how to better your browser security if needed.

    It was easy to use and understandable as well as
    thorough, I believe, and I would recommend the test to all.

    Thanks again Aplus and BTW enjoy the cookie :) hope it's yummy (Applaud) :)

    Regards,
    FireDancer
     
  9. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    I use Beonex browser because of its excellent security controls.

    Beonex is Mozilla-based, but has several extra security features, all of them easily configurable from the "Edit>Preferences>Privacy & Security" menu.

    At PC-flank's browser test, it gigged me for letting the Referrer be accessed. I have Beonex configured so that it fakes the referrer [some web sites don't work with referrer totally blocked.] In other words, Beonex *fooled* the PC-flank test.

    It's a nice, speedy, free, friendly, secure, stable browser. You might want to give it a spin one of these days.
     
  10. solarpowered candle

    solarpowered candle Registered Member

    Joined:
    Jan 9, 2003
    Posts:
    1,181
    Location:
    new zealand
    Firedancer, as you are using Mozilla (I'm using Firebird 6.1),
    there is a nice link for Mozilla browser security topics as well as heaps of other Mozilla reading on an unofficial site
    http://mozilla.gunnars.net/mozilla_privacy_and_security_tutorial.html
    also more info http://mozilla.gunnars.net/mozfaq_use.html#faq_browser_general
     
  11. Roine

    Roine Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    3
    Location:
    Sweden
    I tried Beonex when I saw your post and it's great, had never heard of it before that.
     
  12. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    I'm happy that you like it.

    If, after you use it a while, you still like it, it would be nice if you posted this fact to the Beonex mailing list at...
    http://www.beonex.com/communicator/support/private/

    I think the folks who gave birth to Beonex need & deserve our support.

    People who write FREE software often have a thankless job. It's like operating a soup kitchen -- folks come in, help themselves to the free food, then grumble because they got salisbury steak instead of porterhouse.

    Such, alas, is life.

    Grace & peace to all who enter here.....bellgamin
     
  13. JayK

    JayK Poster

    Joined:
    Dec 27, 2002
    Posts:
    619
    I disagree. Privacy is privacy, security is security, 2 different matters.

    Besides, isn't the favoured philosophy of this forum layered defences?
     
  14. crockett

    crockett Registered Member

    Joined:
    Jul 15, 2002
    Posts:
    333
    Hi FireDancer... :)

    I agree with previous posts... One should definitely look at FireBird and Beonex.

    IMHO, the third option one can not afford to ignore is Opera...

    Latest stable dwl to be found at http://www.opera.com/download/

    Nice trio to choose from ;)

    Rgds, Crockett :cool:
     

  15. JayK

    JayK Poster

    Joined:
    Dec 27, 2002
    Posts:
    619
    Er, why? Mozilla 1.4 is as secure as Firebird. There are no security benefits for switching.
     
  16. crockett

    crockett Registered Member

    Joined:
    Jul 15, 2002
    Posts:
    333
    Hi JayK :)

    Right - I agree Mozilla is as secure as FB...

    I was talking about those three because they are much easier to configure than Mozilla's complexity.

    All due respect to Moz' too (Moz' is FireBird's big brother anyway). ;)

    Rgds, Crockett :cool:
     

  17. JayK

    JayK Poster

    Joined:
    Dec 27, 2002
    Posts:
    619
    I disagree. Firebird looks simple, but that is at the cost of removing many useful options in the interface. For a newcomer who wants control over their browser and the freedom to tweak it to their heart's content (most of the people here, I expect), it's much easier to tick a box in the options menu than to alter the various external files in the chrome directory, or play with it via about:Config.

    Quick, how do you change the master password in FB? In Mozilla it's in privacy and security, but where is it in FB? Even if you know the answer, you must admit it's a roundabout way to do it.
     
  18. crockett

    crockett Registered Member

    Joined:
    Jul 15, 2002
    Posts:
    333
    Hi JayK ;)

    When talking about Moz' complexity, I was referring to what you said in http://www.wilderssecurity.com/showthread.php?t=14890;start=0

    Now, I certainly ain't a specialist about Mozilla... I'm always running one of the other three (Opera, FBird/Phoenix or Beonex). So there's no way I could disagree with you about Mozilla since I don't know it well enough.

    Hope my comments and ignorance about Mozilla didn't offend you. :)

    BTW, nice job by the admins - now our Avatars have all been Halloweened :D

    Rgds, Crockett :cool:
     
