The Real Web Security
AudioPill Beta Episode
For the Hebrew guide: Here
Listen to the podcast: here
See also:
- Quick guide for safe browsing
- Wireless Security
- Windows Updates, Security & Viruses
- Free software download page
INTRODUCTION
Topic: The Real Web Security & Web 2.0
1. Anonymity (Proxy & Encryption)
2. Browsers on a Web 2.0 world
3. Sites you visit, cookies and Scripts
4. Web browsers roundup
5. Firefox, Add-ons
Reasons why to go Anonymous
The Text you type can trigger an automated system out in the web
Don’t want anyone to know what sites you visits
Getting around geographical IP s restrictions
Browsing is safer
No tracing
Reasons why not to
Browsing is slower
Not all sites will load
& Just to be clear, Any browser containing scripting is vulnerable
Proxy Will not protect you against JavaScript-Enabled Browsers
Will not protect you against ActiveX Microsoft design for
ActiveX was to allow a website that you visited to, on purpose,
to download what is basically a DLL and run it, just by visiting
the page, without any asking for permission or anything.
Browser Header
Check your browser/ Internet privacy status:
http://ipid.shat.net/
http://www.showmyip.com/
http://www.speedguide.net/scan.php
Using such information, a hacker could attempt to break into your computer, websites could keep records of your visits, and tracking software could map a path to your geographic location.
Cross Site scripting:
Active, dynamic content, interactive sites are exposed to cross-site scripting attacks
Combines asynchronous JavaScript with XML — in many popular Web sites and applications.
JavaScript, can be embedded into an attacker’s website or injected into trusted sites by exploiting a common web security hole known as cross-site scripting flaw
No Script There’s a browser safer than Firefox…
…it is Firefox, with NoScript Watch the “Using NoScript” video
OpenDNS Why don’t you quire us first before you go somewhere else
We’ll keep a list of the bad site, so if your computer tries to
reach a bad site…
We will redirect you or say it’s unavailable.
We’ll do the first DNS lookup for you
What can we do in order to visit Web Sites securely?
How can we stop Viruses from reaching us?
What is Web 2.0 and what are its flaws?
How our Internet Browser working from the inside out?
TOR: Anonymous Web Surfing
- Cons:
- DNS leaks and Correlation attack when the attacker holds the information of both entrance node and exit point.
- Solution:
- DNS: Make sure you are using Tor to Send DNS queries (type about:config in FireFox address
- And make sure: network.proxy.socks_remote_dns| are set to= true
- Correlation attack – Hopefully Tor will use enough Tor servers on the network
Fearless Browser
Deploy Firefox in your network
http://firefox.dbltree.com
http://mozptch.mozdev.org/
Web 2.0 – Your interactive, modern website. Users can use it as they wish. They can even leave comments or submit their own content…
Security Survival Tips for the Web 2.0 World 2
No comments yet.
