Monday, November 29, 2010

6 tips for turning Firefox into a bastion!

The number of Firefox users keeps growing. The browser is easy to use, but users also have concerns about security. Don't be afraid: the following 6 browser security settings will completely dispel those doubts.

1. Modify Firefox's user agent. Enter about:config, add general.useragent.override and set it to GoogleBot1.2 (+http://www.google.com/bot.html); you can also set it to something else. After it is set to Googlebot, visits to some sites are restricted, such as Gmail, Yahoo and wiki. You can also use a Firefox plugin to switch the user agent.

2. Install security plug-ins. Install NoScript and Firekeeper. In NoScript's settings, forbid "Java / Adobe Flash / Silverlight / other plug-ins / IFRAME"; in short, tick every "forbid" option. Also select the option that applies these restrictions to trusted sites as well. These settings do not affect normal use.

3. Install Tor and Torbutton, and browse some websites through Tor. But do not use Tor to log in to e-mail or the like: there are many sniffable exit nodes, run by the FBI and heaven knows who.

4. Remove file associations. Files in formats such as wma/avi/swf are opened or played automatically by default. This is very dangerous: others can use these objects to determine the operating system version, and if so the Windows Media Player overflow Baofeng Yingyin also affect f. In the file types settings, set the action for every file type to save to local disk. If you want to see Flash, regardless of the flas.

5. Anti-XSS/CRS. With NoScript and Firekeeper installed, cross-site attacks should already be prevented very well. But just in case, one more setting is needed: under Privacy, tick the option to clear data when Firefox exits. That way Firefox's cookies are emptied every time you quit. If someone sends you a URL and you click it, it will not steal cookies or the like.

6. Prevent other exploits and catch 0-days. The settings above already make things safer, but that is not enough! Firekeeper can help. The following is a Firekeeper rule:

    alert (body_content:"anih|24000000|"; body_re:"/^ RIFF. * $. * anih anih (?! $)/s"; msg:"possibleMSANIexploit"; reference:url,http://www.determina.com/security.research/vulnerabilities/ani-header.html;)

In the same vein, we can check whether any jpg or gif contains the specific file header, and in this way judge whether it is a true picture. But a real picture-overflow exploit also has the file header. Pictures could be prohibited outright, but with such a prohibition there would be no browsing. So I gave Firekeeper some keywords: unescape, eval, 0x0A0A0A0A, 0x0d0d0d0d, 0x0c0c0c0c, payload, five consecutive %u*%u*%u*, five consecutive &#...... So not only can it prevent attacks; with luck you may even catch some 0-day.
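The keyword list from tip 6, written as a small response-body scanner. This is an added example, not code from the original post and not Firekeeper's own rule syntax. The regular expressions, the run length of five, the rule names and the alert/block threshold are assumptions of this example.

```python
import re

# Keywords come from the post; the regexes, the run length of five and
# the block threshold are assumptions made for this example.
RULES = [
    ("unescape", re.compile(r"\bunescape\s*\(", re.I)),
    ("eval", re.compile(r"\beval\s*\(", re.I)),
    ("spray-constant", re.compile(r"0x(?:0a0a0a0a|0d0d0d0d|0c0c0c0c)", re.I)),
    ("payload", re.compile(r"payload", re.I)),
    ("percent-u-run", re.compile(r"(?:%u[0-9a-f]{4}){5,}", re.I)),
    ("entity-run", re.compile(r"(?:&#x?[0-9a-f]{1,6};?){5,}", re.I)),
]

def scan_body(body):
    """Return the names of all rules that match the response body."""
    return [name for name, rx in RULES if rx.search(body)]

def verdict(body, block_at=2):
    """Alert on a single hit; block when several independent rules fire."""
    hits = scan_body(body)
    if len(hits) >= block_at:
        return "block", hits
    return ("alert" if hits else "allow"), hits

# Constructed sample bodies (not captured traffic).
SAMPLES = {
    "clean": "<p>Evaluation of the payment form</p>",
    "noisy": "<p>Truck payload: 2 t</p>",
    "escaped": "<script>var s = unescape('%u0c0c%u0c0c%u0c0c%u0c0c%u0c0c');</script>",
    "entities": "<p>&#72;&#101;&#108;&#108;&#111;</p>",
}

if __name__ == "__main__":
    for name, body in SAMPLES.items():
        print(name, verdict(body))
```

The "noisy" sample shows why a single keyword such as payload is only worth an alert: it also fires on ordinary pages, so blocking is reserved for bodies where several rules match together.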
