Reply
 
Thread Tools Display Modes
  #1  
Old 02-03-2012, 08:41 PM
zippy99 zippy99 is offline
Junior Member
 
Join Date: Feb 2012
Location: Romania
Posts: 10
Thanks: 0
Thanked 0 Times in 0 Posts
Default Hardening Firefox
Very useful Addons for Firefox/Iceweasel

AdBlock Plus - Adblock Plus allows you to regain control of the internet and view the web the way you want to.
Beef Taco - Sets permanent opt-out cookies to stop behavioral advertising by 102 different advertising networks
BetterPrivacy - BetterPrivacy is a safeguard which protects from usually not deletable LSO's on Google, YouTube, Ebay...
Ghostery - Protect your privacy. See who's tracking your web browsing and block them with Ghostery.
HTTPS Everywhere - It encrypts your communications with a number of major websites.
NoScript - Allow active content to run only from sites you trust, and protect yourself against XSS and Clickjacking attacks.
OptimizeGoole - Enhance Google search results and remove ads and spam
RefControl - Control what gets sent as the HTTP Referer on a per-site basis.
RequestPolicy - Be in control of which cross-site requests are allowed.
TrackMeNot - Protects users against search data profiling.
Beefree addon (save it and drag it in firefox window and not install xpi directly)
You can test also Anonymox

Add subscriptions in AdBlock to lists:
Easylist
http://dev.mathiasbaert.be/misc/face...t-opt-out.html

Disable Geolocation in Firefox:
about:config
geo.enabled --> false

Confuse user agent info:
about:config
create string general.useragent.override and set it to "Dummy"
verify here

Some tweaks:
network.http.pipelining true
network.http.pipelining.maxrequests 8
network.http.pipelining.ssl true
network.http.proxy.keep-alive true
network.http.proxy.pipelining true

Edit /etc/hosts and add actualized list from here:
hosts

use more secure search engines:
https://www.startpage.com/
https://www.duckduckgo.com/

Last edited by zippy99; 02-04-2012 at 05:27 AM.
Reply With Quote
  #2  
Old 05-04-2012, 03:07 AM
sg1efc sg1efc is offline
Senior Member
 
Join Date: Jan 2012
Location: USA
Posts: 257
Thanks: 449
Thanked 8 Times in 8 Posts
Default
A great list, Thanks a lot.

Originally Posted by zippy99 View Post
Edit /etc/hosts and add actualized list from here:
hosts
I see in that PCBSD directory files such as:
hosts
hosts.deniedssh
hosts.deniedssh.purge.bak

and a couple others. To make certain, the plain Hosts file is similar to the Windows host file, in that it Blocks all the items saved in the PCBSD Host file? PCBSD newbie here and just want to make certain it works the same way. Thank you for your help.
__________________
PC-BSD totally rocks! Thanks A Lot to everyone who has helped create and improve it.

http://www.nwbackup.com
Reply With Quote
  #3  
Old 05-04-2012, 03:25 AM
cabpa cabpa is offline
Senior Member
 
Join Date: Feb 2012
Posts: 668
Thanks: 40
Thanked 7 Times in 7 Posts
Default
Originally Posted by zippy99 View Post
Very useful Addons for Firefox/Iceweasel

AdBlock Plus - Adblock Plus allows you to regain control of the internet and view the web the way you want to.
Beef Taco - Sets permanent opt-out cookies to stop behavioral advertising by 102 different advertising networks
BetterPrivacy - BetterPrivacy is a safeguard which protects from usually not deletable LSO's on Google, YouTube, Ebay...
Ghostery - Protect your privacy. See who's tracking your web browsing and block them with Ghostery.
HTTPS Everywhere - It encrypts your communications with a number of major websites.
NoScript - Allow active content to run only from sites you trust, and protect yourself against XSS and Clickjacking attacks.
OptimizeGoole - Enhance Google search results and remove ads and spam
RefControl - Control what gets sent as the HTTP Referer on a per-site basis.
RequestPolicy - Be in control of which cross-site requests are allowed.
TrackMeNot - Protects users against search data profiling.
Beefree addon (save it and drag it in firefox window and not install xpi directly)
You can test also Anonymox

Add subscriptions in AdBlock to lists:
Easylist
http://dev.mathiasbaert.be/misc/face...t-opt-out.html

Disable Geolocation in Firefox:
about:config
geo.enabled --> false

Confuse user agent info:
about:config
create string general.useragent.override and set it to "Dummy"
verify here

Some tweaks:
network.http.pipelining true
network.http.pipelining.maxrequests 8
network.http.pipelining.ssl true
network.http.proxy.keep-alive true
network.http.proxy.pipelining true

Edit /etc/hosts and add actualized list from here:
hosts

use more secure search engines:
https://www.startpage.com/
https://www.duckduckgo.com/
Can firefox be built with this hardened configuration or you must manually add/configure this additional security addons/configs so that we can have a firefox hardened version?
Reply With Quote
  #4  
Old 05-08-2012, 10:26 AM
Tigersharke Tigersharke is offline
Senior Member
 
Join Date: Sep 2010
Location: Saint Paul, MN
Posts: 167
Thanks: 31
Thanked 37 Times in 26 Posts
Default
It would likely increase the size of a 'hardened' Firefox PBI, plus add to the problem of multiple addon versions which any number of them could become out of date at any time. It is much better to know about a useful set of addons strongly encouraged to be used.

In addition to the above list, I would add three more:

Share me not - designed to prevent third-party buttons (such as Facebook's “Like” or Twitter's “tweet” button) embedded by sites across the Internet from tracking you until you actually click on them.

HTTPS Finder - automatically detects and enforces valid HTTPS connections as you browse, as well as automating the rule creation process for HTTPS-Everywhere (instead of having to manually type "https://" in the address bar to test, and writing your own XML rule for it).

Element hiding helper for Adblock Plus - a companion extension for Adblock Plus meant to make creating element hiding rules easier. You simply select the element you want to be hidden and then choose which attributes of this element should be taken into account when hiding it in future. The element hiding rule is generated and added automatically.
Reply With Quote
  #5  
Old 05-29-2012, 12:45 AM
zippy99 zippy99 is offline
Junior Member
 
Join Date: Feb 2012
Location: Romania
Posts: 10
Thanks: 0
Thanked 0 Times in 0 Posts
Default
hello again!
Practical Third-Party Privacy for the Social Web:
http://priv3.icsi.berkeley.edu/

for Firefox 11+ in about:config set SPDY to TRUE value:
network.http.spdy.enabled TRUE

another great tool is DNSCrypt - encrypts all DNS traffic between you and OpenDNS:
https://blog.opendns.com/2011/12/06/...nd-about-time/
http://www.reviewlinux.com/encrypt-d...ndns-3857.html

DNS Cache with BIND:
http://www.pclinuxos.com/forum/index.php?topic=99575.0

Last edited by zippy99; 05-29-2012 at 01:05 AM.
Reply With Quote
  #6  
Old 05-30-2012, 11:34 AM
sg1efc sg1efc is offline
Senior Member
 
Join Date: Jan 2012
Location: USA
Posts: 257
Thanks: 449
Thanked 8 Times in 8 Posts
Default
Thanks a lot Zippy and Tigersharke for these new security and privacy tips.
__________________
PC-BSD totally rocks! Thanks A Lot to everyone who has helped create and improve it.

http://www.nwbackup.com
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 08:05 AM.


Powered by vBulletin® Version 3.8.5
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.

Copyright 2005-2010, The PC-BSD Project. PC-BSD and the PC-BSD logo are registered trademarks of iXsystems.
All other content is freely available for sharing under the terms of the Creative Commons Attribution License.