Browser Safety
\n The security benefits of a good firewall have been universally accepted, the Red teams have focused attention on the next path of least resistance, which is the user. Gone are the days when we had a separate application for Mail, messaging etc. The Browser is the user’s 1 window into the internet.<\/p>\n\n\n\n
Get a safer Browser<\/a> Extensions for security\/privacy LastPass – Password Manger and secure password generator. Includes secure text storage for secret notes. You can share access to websites without telling someone your password! (if you both have LastPass)<\/p>\n\n\n\n Privacy; Optional Corporate Proxy; Check your browser CSP here https:\/\/content-security-policy.com\/browser-test\/<\/p>\n\n\n\n General Browser security test here https:\/\/browseraudit.com\/<\/p>\n","protected":false},"excerpt":{"rendered":" Browser Safety The security benefits of a good firewall have been universally accepted, the Red teams have focused attention on the next path of least resistance, which is the user….<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[2,4,3],"class_list":["post-8","post","type-post","status-publish","format-standard","hentry","category-uncategorised","tag-personal","tag-security","tag-smb"],"_links":{"self":[{"href":"https:\/\/increasec.com\/index.php?rest_route=\/wp\/v2\/posts\/8","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/increasec.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/increasec.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/increasec.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/increasec.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=8"}],"version-history":[{"count":4,"href":"https:\/\/increasec.com\/index.php?rest_route=\/wp\/v2\/posts\/8\/revisions"}],"predecessor-version":[{"id":959,"href":"https:\/\/increasec.com\/index.php?rest_route=\/wp\/v2\/posts\/8\/revisions\/959"}],"wp:attachment":[{"href":"https:\/\/increasec.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=8"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/increasec.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=8"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/increasec.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=8"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
Chrome – Recommended, Fast, Secure, Doesn’t hog memory
Firefox – occasionally hogs memory, new version is better, Internet settings separate from OS; allows OS to be routed through a proxy but Firefox routed direct to internet.
Edge – M$ has officially given up, Edge will soon be based on Chrome engine.
NEVER Safari for Mac, it only supports CSP Level2<\/a> where above browsers support CSP Level 3
NEVER Internet Explorer!!! its only use is to download Chrome<\/p>\n\n\n\n
uBlock Origin – Recommended blocker for Ads, trackers, malware, phishing etc. Low Cpu,Mem
alts: Adblock+, Ghostery, QuickJava
Bitdefender Trafficlight – Recommended Classifies websites; Avoids Phishing and drive-by’s
alts: Wot, Avira Browser Safety
HTTPS Everywhere – automatically tests for a HTTPS site and lands you there
alts: KB SSL Enforcer, ForceHTTPS
TunnelBear VPN – convenient for use anywhere public. Install on laptops, not required on desktops.
alts: Hola Free VPN, Gom VPN<\/p>\n\n\n\n
\n Change default search engine to DuckDuckGo. Most other search engines sell your browsing history to make money. This can be done globally via Group Policy.<\/p>\n\n\n\n
A proxy is a good method to get consistent filtering, for thousands of workstations, that is relatively easy to maintain.
UTM firewalls may include a proxy.
Pros: can be Free Linux+Squid+DansGardian, centralized, flexible filtering, flexible migration via DHCP or DNS. Global Antivirus can be added. Caching speeds up frequently accessed web pages.
Cons: Only works onsite, laptops still need additional protection. Can be a single point of failure if not designed properly.
Possibilities: Group Policy could force your servers to use a proxy that allows only OS+AV updates. GP for laptops could force IE to use a restictive proxy but allow installing the more secure Firefox+Extensions<\/p>\n\n\n\n