Firefox Security Settings Summary

Source: Internet
Author: User

As the Firefox browser becomes increasingly popular in China, its security settings have become the first precaution for using it safely. This article summarizes Firefox security settings so that users can take precautions when browsing the Internet.

Firefox Security Settings 1. Modify the User Agent

In Firefox, open about:config and add the preference general.useragent.override.

Set it to GoogleBot 1.2 (http://www.google.com/bot.html)

You can also set it to another value.

Once it is set to Googlebot, access to some sites is restricted, such as Yahoo, Wiki, and Gmail. You can use a Firefox plug-in to switch between user agents.

Firefox Security Settings 2. Install Security Plug-ins

Install NoScript and Firekeeper.

In NoScript, forbid Java, Adobe Flash, Silverlight, other plug-ins, and IFRAME. Check every one of these "forbid" options.

Also select the option to apply these restrictions to trusted sites.

These settings do not affect usage.

Firefox Security Settings 3. Install Tor and Torbutton

Use Tor to browse untrusted websites, but do not use Tor to send email or anything similar. Both the FBI and "tianchao" (China) run many exit nodes that can sniff traffic.

Firefox Security Settings 4. Cancel File Associations

By default, wma, avi, and swf files can be opened or played automatically. This is dangerous. On the one hand, a site can use these objects to determine the operating system version. On the other, a Windows Media Player overflow may also affect Firefox.

In the file type settings, set the action for every file type to save to the local disk. If you want to view Flash, the Flash entry can be left as it is.

Firefox Security Settings 5. XSS/CSRF Protection

NoScript and Firekeeper should already do well at cross-site defense, but add one more setting just in case.

Enable "Clear my data when I quit Firefox".

This way, cookies are cleared every time you exit Firefox. If someone sends you a URL to click, it will not be able to steal cookies or anything similar.

Firefox Security Settings 6. Prevent Other Exploit Attacks and Catch 0-Day Attacks

The settings above are safe, but not enough.

Firekeeper can help.

The following is a Firekeeper rule.

alert(body_content:"anih|24 00 00 00|"; body_re:"/^RIFF.*anih\x24\x00\x00\x00.*anih(?!\x24\x00\x00\x00)/s"; msg:"possible ms ani exploit"; reference:url,http://www.determina.com/security.research/vulnerabilities/ani-header.html;)

Similarly, we can check whether a jpg or gif contains a specific file header. In this way, you can determine whether the image is genuine.

However, an image that triggers an overflow still has a valid file header. You could also disable images, but then the browser would be pointless.

So some of the keywords I give Firekeeper are:

unescape

eval

0x0A0A0A0A

0x0d0d0d0d

0x0c0c0c0c

payload

Five consecutive %u*

Five consecutive &#

And so on.

In this way, we can not only defend against attacks; if we are lucky, we may even catch a 0-day.
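The ANI rule and the keyword list above, applied to response bodies, as an added example that is not part of the original article and is not Firekeeper code. The rule names, the word boundary on "eval", the four-hex-digit form of %u, and all sample bodies are assumptions constructed for illustration.

```python
import re

# Keywords from the list above, as case-insensitive byte patterns.
# Assumption: word boundaries on "eval" so "medieval" does not match.
KEYWORD_RULES = {
    "unescape": re.compile(rb"unescape", re.I),
    "eval": re.compile(rb"\beval\b", re.I),
    "spray-constant": re.compile(rb"0x(?:0a0a0a0a|0d0d0d0d|0c0c0c0c)", re.I),
    "payload": re.compile(rb"payload", re.I),
    "five-%u": re.compile(rb"(?:%u[0-9a-f]{4}){5}", re.I),
    "five-&#": re.compile(rb"(?:&#x?[0-9a-f]+;?){5}", re.I),
}

# The ANI rule: body_content is a cheap literal prefilter, body_re the
# full test (an anih chunk of length 0x24 followed by one of another length).
ANI_LITERAL = b"anih\x24\x00\x00\x00"
ANI_RE = re.compile(rb"^RIFF.*anih\x24\x00\x00\x00.*anih(?!\x24\x00\x00\x00)", re.S)
ANI_MSG = "possible ms ani exploit"


def scan_body(body: bytes) -> list[str]:
    """Return the names of all rules that fire on one response body."""
    hits = [name for name, rx in KEYWORD_RULES.items() if rx.search(body)]
    if ANI_LITERAL in body and ANI_RE.search(body):
        hits.append(ANI_MSG)
    return hits


# Constructed sample bodies (not captured traffic).
BENIGN_HTML = b"<p>Medieval history: an evaluation</p>"
SCRIPT_HTML = b'<script>var s=unescape("%u4141%u4141%u4141%u4141%u4141");eval(s)</script>'
ENTITY_HTML = b"<a title='&#60;&#115;&#99;&#114;&#105;'>x</a>"
ANIH_OK = ANI_LITERAL + b"\x00" * 36
ANI_WELL_FORMED = b"RIFF\x00\x00\x00\x00ACON" + ANIH_OK + ANIH_OK
ANI_SUSPECT = b"RIFF\x00\x00\x00\x00ACON" + ANIH_OK + b"anih\x50\x00\x00\x00" + b"\x00" * 8

if __name__ == "__main__":
    for label, body in [("benign", BENIGN_HTML), ("script", SCRIPT_HTML),
                        ("entities", ENTITY_HTML), ("ani-ok", ANI_WELL_FORMED),
                        ("ani-suspect", ANI_SUSPECT)]:
        print(f"{label:12} {scan_body(body)}")
```

Plain keyword matches such as "payload" also fire on ordinary pages that merely mention the word, so hits are best treated as alerts to review rather than as verdicts.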
