LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 12-18-2006, 05:19 PM   #1
mattydee
Member
 
Registered: Dec 2006
Location: Vancouver, BC
Distribution: Debian
Posts: 462

Rep: Reputation: 39
Web browsing security/privacy strategies


Ok, I hope this subject hasn't been discussed ad nauseam, but a quick thread search didn't yield exactly what I was looking for.

Summary of safe surfing strategies:

1. Use Firefox's keep cookies until I close Firefox, with appropriate exceptions. (Of course, you could go with the option of having Firefox ask you every time, but I find this impractical).

2. No script is a good extension to deal with possibly dangerous scripts.

3. Use "about:config" to disable third party cookies. Set network.cookie.cookie behavior to 1.

4. McAfee SiteAdvisor is also a good tool that will warn you of potentially dangerous/untrustworthy sites.

I think these steps pretty much cover all the basics, but I'm sure people have additional ideas.

HOWEVER, what is missing in Linux is the ability to preemptively block bad cookies, which is what programs like Spybot S&D and SpywareBlaster offer. Of, course you could use Firefox's exceptions rules, but that requires the user to be aware of all known bad cookies/domains, and manually enter them as exceptions.

I suppose this could also be achieved by means of the hosts file, but is there a program that can handle this automatically, as well as be able to regularly update its database/rules?

If there is a Spybot S&D equivalent in Linux, I would love to know about it!

Thanks
 
Old 12-18-2006, 05:35 PM   #2
craigevil
Senior Member
 
Registered: Apr 2005
Location: OZ
Distribution: Debian Sid
Posts: 4,732
Blog Entries: 12

Rep: Reputation: 455Reputation: 455Reputation: 455Reputation: 455Reputation: 455
Spyware really isnt an issue in LInux.

I use Firefox + NoScript + CookieSafe along with Privoxy, block third party cookies, and have it set to ask every time. Anything I don't need everyday like mail and forums, I set to use For Session. I also turn the prefetch and search engine suggest off.

To get rid of most annoying ads I use Stylish with the Ad Blocking FiltersetP, I also use a host file from http://www.mvps.org/winhelp2002/hosts.htm, that I edit since most of the carp that is dangerous to windows has no effect on Linux, I leave just the annoying ad sites mostly.

The following user.js settings get rid of a lot of annoying web crap, especially when used with NoScript and Stylish.

/* Disable network prefetching/search engine suggest */
user_pref("network.prefetch-next", false);
user_pref("browser.search.suggest.enabled", false);

/* Put an end to blinking text! */
user_pref("browser.blink_allowed", false);

/* Disable image animation */
user_pref("image.animation_mode", "none");

/* Disable scrolling marquees */
user_pref("browser.display.enable_marquee", false);

/* Block 3rd party cookies */
user_pref("network.cookie.cookieBehavior", 1);

Last edited by craigevil; 12-20-2006 at 08:43 AM.
 
Old 12-18-2006, 06:05 PM   #3
mattydee
Member
 
Registered: Dec 2006
Location: Vancouver, BC
Distribution: Debian
Posts: 462

Original Poster
Rep: Reputation: 39
Quote:
Originally Posted by craigevil
Spyware really isn't an issue in Linux.
I agree with you there, but what interests me isn't Spybot's ability to detect/remove spyware (as you said, this is mainly a Windows issue... for now) but rather Spybot's ability to preemptively block known, bad cookies.

I will look into the options you listed. I suppose you could also write a script that automatically updates your hosts file from a trusted source, such as the site you mentioned...
 
Old 12-19-2006, 01:54 AM   #4
live_dont_exist
Member
 
Registered: Aug 2004
Location: India
Distribution: Redhat 9.0,FC3,FC5,FC10
Posts: 257

Rep: Reputation: 30
The flip side or so it seems..about "CookieSafe" that seems to follow an "AllowAll" principle by default unlike "NoScript" which follows a "DenyAll" by default. Still very useful..will soon check out Privoxy..maybe tonight when I get home from work

Cheers
Arvind
 
Old 12-20-2006, 07:58 AM   #5
bbjmmj
LQ Newbie
 
Registered: Dec 2006
Posts: 8

Rep: Reputation: 0
There is a simple way :

Xterminal + su + start firefox from shell
 
Old 12-20-2006, 07:15 PM   #6
mattydee
Member
 
Registered: Dec 2006
Location: Vancouver, BC
Distribution: Debian
Posts: 462

Original Poster
Rep: Reputation: 39
Quote:
Originally Posted by bbjmmj
There is a simple way :

Xterminal + su + start firefox from shell

Wouldn't that be less secure?
 
Old 12-20-2006, 08:04 PM   #7
bbjmmj
LQ Newbie
 
Registered: Dec 2006
Posts: 8

Rep: Reputation: 0
Sorry ! I'm wrong , it doesn't work .
Quote:
Originally Posted by mattydee

Wouldn't that be less secure?
 
Old 12-20-2006, 08:22 PM   #8
craigevil
Senior Member
 
Registered: Apr 2005
Location: OZ
Distribution: Debian Sid
Posts: 4,732
Blog Entries: 12

Rep: Reputation: 455Reputation: 455Reputation: 455Reputation: 455Reputation: 455
Quote:
Originally Posted by bbjmmj
There is a simple way :

Xterminal + su + start firefox from shell
That would be running a web browser as "root", which is a very insecure thing to do. NEVER run a browser as root.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Book Review: Network Security Hacks: Tips & Tools for Protecting Your Privacy LXer Syndicated Linux News 0 11-24-2006 01:24 AM
Security / privacy risk with sharing DSL line? robbbert Linux - Networking 7 05-12-2006 02:06 AM
Valid Security Tool or Instrusion of Privacy? firefly2442 General 11 08-19-2004 12:02 AM
Web browsing... ade Linux - General 3 01-11-2003 07:58 AM
Web Browsing Problems ryanstrayer Linux - General 6 02-06-2002 04:41 PM


All times are GMT -5. The time now is 08:54 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration