- Nov 4, 2013
- 468
Source---------------- http://www.ghacks.net/2015/05/26/turn-firefox-into-a-security-information-powerhouse/
The majority of things that happen when you load a website in your browser of choice happen in the background. Unless you have installed security extensions in the browser or software on the system, you may be completely unaware of the connections that are initiated when a page is loaded in the browser.
While you can check that manually using the browser's developer tools (hit F12 and switch to network for that), it is only displaying information to you while the page is loading.
The Firefox web browser is probably the browser with the best selection of extensions that provide you with security information, often before you connect to a website.
This guide provides you with a list of extensions that you may want to consider for that.
The extensions
Site Identity Button Colors
The add-on brings back colored site indicators to distinguish visually on first glance between verified domains, identities and mixed content sites.
Site Identity Button Colors uses Mozilla's own pre-Firefox 15 color scheme by default. You may change that to stronger colors in the add-on options.
SSL Sleuth
The Firefox add-on ranks SSL connections based on how strong they are. It provides you with a summary of important connection parameters such as the cipher suite, the SSL/TLS version or the certificate.
The rating itself is displayed in Firefox's address bar automatically. You may also use it to disable RC4 suites and non PFS / non RC4 suites globally in the browser which may improve the strength of the connection but may cause connection issues on some sites.
Passive Recon
he add-on provides you with tools to look-up link or site information without visiting the site in question.
Just right-click on any link in Firefox and select a service or tool listed in the Passive Recon menu to run the query.
You may look up DNS, IP and Whois information for instance, run various Google searches, check mail servers or generate a site report on Netcraft.
While you can do so manually as well, Privacy Recon makes it a lot easier to perform these operations, especially if you run them regularly in the browser.
Web of Trust
The extension ranks a website's trustworthiness and child safety both in Firefox's interface but also in search engine results.
The rankings are powered by the Web of Trust community and third-party sources. While that works fine most of the time, it may happen that sites that are not dangerous or untrustworthy get a bad reputation score due to the community focus of the service.
The options displays all sites that ratings are shown on. The list of sites includes the popular search engines Google Bing and Baidu, social sites like Facebook, and a bunch of other sites including Wikipedia, Yahoo and Reddit.
Safe Preview
Safe Preview lists options to check links using several online services including Web of Trust, Google, Avast, DrWeb or Norton Safe Web.
To use it simply right-click on any link open in Firefox and select the "Is it safe" option from its context menu.
Secure or Not
The extension draws borders around all links on a web page you run it on highlighting secure links in green and insecure links in red.
This is especially useful on sites with web forms as it may not always be clear immediately if what you enter is submitted using a secure connection.
Connection-related extensions
Several Firefox add-ons list connections that are made to third-party servers when a page is loaded in the browser.
These "smaller" extensions may prove useful as well.
The majority of things that happen when you load a website in your browser of choice happen in the background. Unless you have installed security extensions in the browser or software on the system, you may be completely unaware of the connections that are initiated when a page is loaded in the browser.
While you can check that manually using the browser's developer tools (hit F12 and switch to network for that), it is only displaying information to you while the page is loading.
The Firefox web browser is probably the browser with the best selection of extensions that provide you with security information, often before you connect to a website.
This guide provides you with a list of extensions that you may want to consider for that.
The extensions
Site Identity Button Colors
The add-on brings back colored site indicators to distinguish visually on first glance between verified domains, identities and mixed content sites.
Site Identity Button Colors uses Mozilla's own pre-Firefox 15 color scheme by default. You may change that to stronger colors in the add-on options.
SSL Sleuth
The Firefox add-on ranks SSL connections based on how strong they are. It provides you with a summary of important connection parameters such as the cipher suite, the SSL/TLS version or the certificate.
The rating itself is displayed in Firefox's address bar automatically. You may also use it to disable RC4 suites and non PFS / non RC4 suites globally in the browser which may improve the strength of the connection but may cause connection issues on some sites.
Passive Recon
he add-on provides you with tools to look-up link or site information without visiting the site in question.
Just right-click on any link in Firefox and select a service or tool listed in the Passive Recon menu to run the query.
You may look up DNS, IP and Whois information for instance, run various Google searches, check mail servers or generate a site report on Netcraft.
While you can do so manually as well, Privacy Recon makes it a lot easier to perform these operations, especially if you run them regularly in the browser.
Web of Trust
The extension ranks a website's trustworthiness and child safety both in Firefox's interface but also in search engine results.
The rankings are powered by the Web of Trust community and third-party sources. While that works fine most of the time, it may happen that sites that are not dangerous or untrustworthy get a bad reputation score due to the community focus of the service.
The options displays all sites that ratings are shown on. The list of sites includes the popular search engines Google Bing and Baidu, social sites like Facebook, and a bunch of other sites including Wikipedia, Yahoo and Reddit.
Safe Preview
Safe Preview lists options to check links using several online services including Web of Trust, Google, Avast, DrWeb or Norton Safe Web.
To use it simply right-click on any link open in Firefox and select the "Is it safe" option from its context menu.
Secure or Not
The extension draws borders around all links on a web page you run it on highlighting secure links in green and insecure links in red.
This is especially useful on sites with web forms as it may not always be clear immediately if what you enter is submitted using a secure connection.
Connection-related extensions
Several Firefox add-ons list connections that are made to third-party servers when a page is loaded in the browser.
- Lightbeam for Firefox - Lightbeam makes all connections in Firefox visible using graphs and list views.
- NoScript Security Suite - NoScript blocks all scripts loaded by first and third-party connections. You are in full control of these connections and can enable and disable them as you see fit. The extension supports additional security-related features, including an option to look-up domains online, clickjacking protection or restrictions as to what untrusted sites may load.
- RequestPolicy - Puts you in control of cross-site requests made in Firefox. You may block or allow destinations, or simply list all connections made to third-party sites.
- uMatrix - The add-on lets you manage connections made on pages you visit. It may be used to allow or block specific connections.
These "smaller" extensions may prove useful as well.
- FoxBleed - The extension checks whether websites you visit are affected by the Heartbleed vulnerability.
- Site Check - The extension runs a site check scan on the Sucuri website which brings issues such as drive by downloads, social engineering attacks or phishing attempts to your attention.