Earthweb.com Practically Networked Home Earthweb developer.com HardwareCentral earthwebdeveloper CrossNodes Datamation
Welcome to PractiallyNetworked
Product Reviews

 • Routers
 • Hubs/Switches
 • Wireless Gateway
 • Wireless AP
 • Wireless NIC
 • Network Storage
 • Print Servers
 • Bluetooth Adapters
Troubleshooting
& Tutorials

 • Networking
 • Internet Sharing
 • Security
 • Backgrounders
 • Troubleshooting
    Guides

 • PracNet How To's
User Opinions
Practicallynetworked Glossary

 Find a Network Term  
 
Forums
About
Jobs
Home

  Most Popular Tutorials

• Microsoft Vista Home Networking Setup and Options
The most daunting part of upgrading to Windows Vista may be trying to figure out where in the layers of menus the networking and file-sharing options are hidden.

• Do It Yourself: Roll Your Own Network Cables
It may not be something you do everyday, but having the supplies and know-how to whip up a network cable on the spot can be very handy.

• Tips for Securing Your Home Router
Seemingly minor and easily overlooked settings can still have profound security implications. Here are some steps you can take to make sure your wired or wireless home router and by extension, your network is as secure as possible.

  Most Popular Reviews

• Microsoft Windows Home Server
If you have a home network, you'll welcome the easy file sharing, remote access and the image-based backup features of Windows Home Server.

• Iomega StorCenter Network Hard Drive
Iomega's fourth generation StorCenter Network Hard Drive brings many of the features found in higher-end storage devices down to an attractive price.

• MikroTik's The Dude
This free tool delivers many of the same capabilities that you'd find in pricey network monitoring tools. As long as you don't mind tinkering, The Dude is a decent network utility that should be worth the download.



Protect Your Laptop With Seven Must-Have Firefox Add-Ons

By Paul Rubens

When you're out and about with your laptop, you probably like to frequent spots where you know you can score easy access to the Internet via a hotspot. When you're outside your own home network, though, which you've probably secured with a password against strangers, you're often at your most vulnerable. You never know who you're sharing a network with.

Fifteen years ago the floppy disk was the most common vector used by malware writers to spread viruses, and in more recent years email has been the primary vector. But the trend now seems towards spreading malware and exploiting vulnerabilities using malicious code on websites which exploit browser vulnerabilities. According to IBM Internet Security Systems X-Force team 2008 Trend & Risk Report “the number of vulnerabilities affecting Web applications has grown at a staggering rate. In 2008, vulnerabilities affecting Web server applications accounted for 54 percent of all vulnerability disclosures and were one of the primary factors in the overall growth of vulnerability disclosures during the year.”

To minimize the risk of succumbing to a Web-borne attack then, it’s essential that you use the Web as safely as possible, and the first thing to decide upon is a browser. The two most popular choices are Microsoft’s Internet Explorer and Mozilla Firefox, and there’s some debate about which one is more secure. It’s certainly true that Explorer is used by far more people than Firefox (due to it’s being part of the Windows operating system) so one could argue that, all things being equal, choosing the minority browser is the sensible choice because it offers a smaller (and thus less tempting) pool of potential victims to malware writers.

Ensuring that the browser is up to date can help minimize security risks, but perhaps the most interesting feature of Firefox from a security perspective is the possibility of enhancing the browser’s security with the addition of browser extensions or add-ons. Of course any add-ons risks adding new vulnerabilities, but if they protect against known problems at the expense of possibly adding as-yet unknown ones, then the trade-off may well be worth it.

With that proviso, here are some important ones to consider for anyone browsing the Web outside a trusted network, to protect against Web-based exploits, and more general security risks. All are available from http://addons.mozilla.org.

1. NoScript

This Firefox extension allows the user to enable or disable Java, JavaScript, Flash, Silverlight and other plug-ins (which could be malicious) for all sites unless the sites are specifically marked as trusted, directly from the status bar. These can also be temporarily allowed on any given site without adding it to a whitelist.

NoScript also protects against Cross Site Scripting attacks, and ClickJacking (also known as UI Redressing) attacks that cause users to click on buttons which are obscured by other page elements.

2. CS Lite

This simple add-on allows users to selectively or globally block cookies from websites, and view edit and delete them directly from the status bar. It does for cookies what NoScript does for scripts and plug-ins.

3. ShowIP

ShowIP helps against phishing attacks by displaying the IP address of the current website in the status bar at the bottom of the browser. While this is of limited use in itself (unless the user happens to know the IP address of the web site they want to visit,) right clicking on the IP address shown in the status bar brings up a number of options, including running a whois lookup to confirm the registered owner of the IP address concerned.

4. WOT (Web of Trust)

The WOT add-on gives a trustworthiness rating for sites that users visit based on feedback from other WOT users, access from a WOT button in the address toolbar. The button itself changes color depending on the trustworthiness of the site, giving an instant warning when a user visits a site that may be a source of malware. For some sites, such as those rated dangerous, WOT brings up a warning screen with the options to proceed to the site, add it to a white list, or to find out more information about the nature of the dangers that other users have reported.

5. Foxmarks

There’s always a danger with laptop computing that bookmarks for sites on your desktop computer won’t be available on your laptop. If you then type in the address of the site manually there’s the possibility that you could misspell it, and end up on a malicious Web site inadvertently. Foxmarks prevents this by syncing your laptop and desktop bookmarks, so you can access frequently visited sites via bookmarks which are known to work. Foxmarks can also sync Web site passwords (protected by a PIN) so that passwords stored on a desktop machine by Firefox’s password manager are also available without having to write them down for use on the road. This also makes it more practical to change passwords frequently and store them within Firefox without having to worry about keeping the password stores on different computers synchronized.

6. Master Password Timeout

Firefox has the ability to remember and enter passwords for sites you may visit, and these passwords can be protected with a master password. If the master password is long and not guessable but stored in your head (i.e. not written down) then having Firefox remember passwords can be a very secure solution. The problem is that once the master password is entered Firefox gives you access to passwords without prompting for the master password until it detects five minutes of inactivity. This is a potential security risk if you leave the laptop unattended for a minute or two in a public place. To prevent this, Master Password Timeout allows you to specify your own, shorter timeout period. The master password can also be “logged off” manually from the Tools menu once Master Password Timeout is installed.

7. FireGPG

The use of encryption and digital signatures are important ways of maintaining the security of communications which are sent over insecure channels such as the Internet , when a VPN is not available. FireGPG allows users to encrypt, decrypt, sign and verify the signature of text from within Firefox from a FireGPG item in the Tools menu. It also adds buttons to the Gmail web page carrying out the same functions. Note: FireGPG requires that GnuPrivacyGuard (GPG) is installed on the laptop computer.


For more help, check out the PracticallyNetworked Forums.

Add to del.icio.us | DiggThis




Earthwebnews.com Earthweb developer.com HardwareCentral earthwebdeveloper CrossNodes Datamation


Home | Networking | Backgrounders | Internet Sharing | Security | HowTo | Troubleshooting | Reviews | News | About | Jobs | Tools | Forums