Wednesday, November 11, 2009

Mozilla Firefox Basic to In-depth Home Computer Security Guide Page 20

Mozilla Firefox:

This is the second most popular web browser that people use to access the Internet and
consequently needs coverage as well. The following instructions are for Mozilla Firefox running on a Microsoft Windows machine. The most popular version 1.5 and 2.0 all offers.

1. Pop-up Blockers:

As with IE, Mozilla Firefox, henceforth Firefox, also provides a Pop-up blocker. This can be accessed by clicking 'Tools|Options' menu and then clicking the 'Content' tab. Check the 'Block pop-up windows' check box and then click on the 'Exceptions' button to add a few websites from whom pop-ups may be allowed.

2. Java Script Control:

Java Scripts are used to provide the active content of a website. Since they are based on the principle of triggering a piece of program depending on the user input, they execute the moment a user clicks or inputs some data anywhere in the page. This is one of the methods used by malicious code programmers to get into a system and thus poses a threat. Firefox allows for the control of the Java Script execution. Click on the 'Tools|Options' menu item and then click on the 'Content' tab and check the 'Enable Java Script' check box. The default setup provided by Firefox should offer sufficient functionality and need not be worried about to tinker with.

3. History:

The access to the settings of the history of pages visited is held in the 'Privacy' tab of the Firefox options. It is advised to change the 'Remember visited pages for the last ___ days' box to a 0 (zero) value. Uncheck the 'Remember what I enter in forms and the search bar' box. This guarantees that none of your searches are stored in your cache that may be accessed by someone else.

4. Cookies:

Access to the cookies settings can be found in the 'Privacy' tab of the Firefox options. Firefox offers control of cookies by allowing the user the choose whether or not to accept cookies at all. A user may choose the 'Exceptions' and then choose to allow, temporarily allow or block cookies from a website. This setting is offered irrespective of the user's choice to allow/disallow a cookie. User discretion is advised here to allow or cookies at all and then give selective accept/deny to cookies.

5. Private Data:

Firefox allows you to clear all private data, Browsing History, Download History, Saved Forms Information etc. Automatically every time you close a session rather than you manually doing it. We can achieve this by clicking the 'Tools|Options' menu item and then clicking the 'Privacy' tab. Under the 'Private Data' section, check the 'Always clear my private data when I close Firefox' check box. The 'Settings' control offers you the control of what gets deleted upon every exit. Remember to check the cookies to be cleared. However, whether or not to clear the saved passwords depends on the user's preference to use the Password Manager facility. The 'Ask me before clearing private data' option prompts you to decide to clear private data at session close. A check mark indicates a prompt each time st session close.

Countermeasures for using the browsers safely

•Maintain an updated operating system with all security patches installed.

• Update the web browser before browsing the net.

• Run the anti-spy ware program depending upon the usage of the system.

Note: Spy ware is software that gathers information about a user while browsing the Internet and transmits the information to an individual who is responsible for introducing spy ware into the system.

• Maintain an updated AntiVirus software to protect the system from viruses.

• Set the operating system to display file extensions. For Microsoft Windows the settings should be made as shown below.

Go to My Computer --> Tools --> Folder Options -->In the View tab un check the option Hide file extensions for known file types.

• Always use trusted websites for browsing.

• Do not give your personal information over Internet.

• Avoid filling forms that came through email that ask for personal information.

• Always ensure that website offers security before submitting personal information through web browser. This can be done by checking the web address in the address bar which should begin with “https://” rather than “http://”.

• Do not click on the web link that has come via email. Instead go to main website by typing the address in the address bar.

• Never open a link in an email that asks for updating account/personal information.

• Avoid Phishing scams.

Note : Phishing is a process of attracting Internet users to a fake Web site by using authentic looking email with the real organization's logo, in an attempt to steal passwords, personal information, or for introducing virus in to the system.

• Block pop up windows while browsing Internet. Some pop-up messages may contain helpful information but most of the time they are advertisements with possibly some hidden code which is introduced by a hacker.

• Always clear private data after completing Internet browsing and do NOT save your login information.

•Always keep the firewall on.

• Turn off the computer or disconnect it from the network when not in use.


