Locking down your browser.

Discussion in 'other software & services' started by The Red Moon, Oct 14, 2012.

Thread Status:
Not open for further replies.
  1. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    3,872
    Hello and good day to all.

    Ive often heard mentioned in this forum the term."lock down your browser."
    Im currently using firefox and the extensions i have are.:
    WOT.
    ADBLOCK.
    LASTPASS.
    HTTPS EVERYWHERE.
    NOSCRIPT.
    BD TRAFFICLIGHT.
    Are these enough or do i need to do additional things.o_O
    Thank you kindly.:thumb:
     
    Last edited: Oct 14, 2012
  2. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    1,441
    The best thing you can do is to prevent compromised websites from ever appearing in your browser.

    Download and install Blue Coat's K-9 Web Administration.

    Reboot the computer - launch your browser and then log into the K-9 User Interface. Select Custom and put a check in the phishing, malware and scam boxes. Save and then exit it.

    Now no dangerous site can be entered, provide a web link to click on or drop a drive by payload to your computer.

    Prevention will keep you safe online. BitDefender TL can warn you of sites not to go to.
     
  3. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    3,872
    Hi.
    I forgot to mention im using BD trafficlight also.
    As for K-9 well the comments on CNET download.com kind of put me off that program to be honest.:argh:
     
  4. Get

    Get Registered Member

    Joined:
    Nov 26, 2009
    Posts:
    384
    Location:
    the Netherlands
    I would add Betterprivacy and Keyscrambler. Quickjava is handy.
     
  5. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    3,872
    well i run firefox sandboxed .
    ive uninstalled java as i dont see me needing it.
    Thank you for the suggestions.:thumb:
     
  6. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    1,441
    Its easy enough to configure - it isn't perfect - it does show a few false positives but nothing that you can't get to if you want to. But if you block the bad sites first they can't do damage. Now if only I could block malicious code in Skype, I would be happy! :)
     
  7. PJC

    PJC Very Frequent Poster

    Joined:
    Feb 17, 2010
    Posts:
    2,959
    Location:
    Internet
    Using Both WOT and BD TRAFFICLIGHT?
     
  8. Get

    Get Registered Member

    Joined:
    Nov 26, 2009
    Posts:
    384
    Location:
    the Netherlands
    I wanted to suggest sandboxie, but saw that in your signature. Quickjava isn't only handy for quick en/disabling Java, but also for javascript, flash, silverlight, cookies, automatically loading images and animated images.
     
  9. niki

    niki Registered Member

    Joined:
    Jun 9, 2010
    Posts:
    363
    Firefox has a urlclassifier3.sqlite. This is what it does:

    urlclassifier3.sqlite is the database that contains a list of "bad sites". This is updated by Google while Firefox is running if you have Block reported attack sites and/or Block reported web forgeries checked under the Security Tab in Tools > Options>Security.
     
  10. Mman79

    Mman79 Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    2,016
    Location:
    North America
    I wouldn't either, but that's just me. In my opinion, WOT is too reliant on user opinions and is generally only useful for flagging "spammy" websites than it is for security. On my machine, I could never get BD to stop slowing my browsing to a crawl, so I dropped it. HTTPS Everywhere is not something I'd rely on either as it relies on a whitelist of supported websites and can break them at times. If you're really just looking to lock things down, NoScript is your answer. AdblockPlus will also be helpful for annoying or malicious 3rd party trackers/ads.
     
  11. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,984
    Location:
    Canada
    I'd only use NS, AdBlock and Lastpass. You're already sandboxing FF as it is, plus you're using EMET to fortify things further. Btw, you can find WOT info for a site by using the middle-click button in NS.
     
  12. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
    I sometimes get my years and months mixed up, maybe because I'm getting old. But I seem to remember there being a problem with the updates google provided to firefox. There was some news, maybe 6 months ago or so, that a report came out showing google chrome blocking malicious sites at a better rate than some other browsers or maybe it was a test result specifically against firefox..and the test may have been sponsored by google. Anyway, google apparently scored better but news came out later that google had cut off updates to firefox for a month while keeping updates going for chrome. Then the test against malicious web sites was ran with firefox scoring poorly.

    Does anyone remember this? It seems like this happened right before the firefox/google partnership announcement from a few months or a year ago.

    The troubling issues were that google would cut off security dates to firefox and then have some sort of security test. Another thing was that I don't remember firefox ever warning users that updates had been stopped.
     
    Last edited: Oct 14, 2012
  13. niki

    niki Registered Member

    Joined:
    Jun 9, 2010
    Posts:
    363
    This a link I found from 2009: http://www.informationweek.com/internet/security/google-chrome-update-scheme-beats-firefo/217300466 Google Chrome Update Scheme Beats Firefox, Safari, Opera.

    There must be more articles about the above though.

    As what Firefox's urlclassifier3 is concerned, excerpt: http://www.mozilla.org/en-US/firefox/phishing-protection/
    Although some may think that this post is off topic, I believe it's not. Reason for that is that there is already phishing and malware protection in Fx. Adding more features of a similar nature may result in slower browsing?

    OT: I deleted urlclassifier3 because of its size (63.5 MB) I knew that it would generate itself when starting to use Fx again. It did and now the size has shrunk a bit to about 55 MB.
     
  14. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,087
  15. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
    That looks like it may be it. I believe there was some press release by google comparing its superior safe browsing to firefox though. And later it was alleged that google had stopped updating the firefox blacklist url's for a month leading up to the test.
     
  16. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Firefox had not moved to the SafeBrowsing v2 yet, which includes file reputation. That's the discrepancy.
     
  17. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,425
    There really isn't much you can do except keep updated with patches. The only thing that would stop me from moving to chrome would be lack of a No-script style plugin.

    Disable/whitelist JAVA/Flash plugin/PDF plug in and your very much on your way. & Block 3rd party cookies.
     
  18. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,087
    I think Firefox had begun using Safe Browsing API v2 long before that NSS test began and it still doesn't utilize the (not officially documented) API for checking downloaded files.

    https://developers.google.com/safe-browsing/
     
  19. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    There are loads of 3rd party browser add-ons that'll improve security to some extent,also impacting upon performance to varying degrees.Personally I reckon running the browser in a well-configured Sandboxie with EMET is enough.
     
  20. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    3,872
    Yes i run firefox sandboxed all the time except for updating etc.
    Ive also got EMET installed too.
    As for a well configured sandboxie well that im not sure about.I installed and ran at default sandboxie.:thumb:
     
  21. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    By well configured I'm referring to the settings whereby you can restrict what exactly can run or access the internet.Also "drop rights" and restricting or blocking access to various resources hardens the protection.

    With that in place you should be all but immune,even in its "vanilla" state SBIE is immense.:thumb:
     
  22. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    3,872
    Yes i absolutely agree with you and thanks.:thumb:
    Also i have what i consider the best security program installed also so i feel quite secure at the moment.:thumb: :thumb: :cool:
     
Loading...
Thread Status:
Not open for further replies.