timnik

New Member
Since most malware comes from the internet it's essential to fortify one's browser.

There are many browser protection tools exists
(Sandboxie, Web of Trust (WOT), NoScript, Spyware Blaster, HTTPS Everywhere, BufferZone Pro, Ghostery, Adblock and so on..)
and it's hard to understand which are similar and which are complementary.

Which optimal combinations of these tools do you use for Google Chrome and Mozilla Firefox?
 

Diurpaneus

New Member
timnik said:
Since most malware comes from the internet it's essential to fortify one's browser.

There are many browser protection tools exists
(Sandboxie, Web of Trust (WOT), NoScript, Spyware Blaster, HTTPS Everywhere, BufferZone Pro, Ghostery, Adblock and so on..)
and it's hard to understand which are similar and which are complementary.

Which optimal combinations of these tools do you use for Google Chrome and Mozilla Firefox?
For Mozilla i use WOT,Ghostery,Adblock Plus,NoScrip,HTTPS Everywhere and LastPass.
In my opinion this addons are the best for browser protection.
 

Spawn

Administrator
Verified
Staff member
Just a few tips.

Remember not to confused User Privacy tools with Malware prevention, although both can affect user experience in a similar manner.

- Keep an updated web browser, even for Internet Explorer.
- Minimise the risks by uninstalling unused plugins and extensions.
- Use built-in security enhancements:
  • - For IE, use Protected Mode (more secure is Enhanced Protected Mode), SmartScreen Filter etc.
    - Others are Google Safe Browsing, Phishing protection and disallow Pop-ups etc.
- Use Ad-blocking software to block advertising (ie. Ad-network hacked)
- Some use a Sandbox/Virtualise their browsing experience.
- Some use an alternate DNS service that provides content filtering.
- Also you can use a Standard User Account to prevent a lot of malicious damage.

Your last resort should be your Antivirus to protect you.

Correct me, if I'm wrong. Thanks. :D

[hr]

So what do I use?
- A secure modern browser (Chrome + IE)
- Google SafeBrowsing (Malware + Phishing) or Windows SmartScreen
- Lastly, Windows Defender

In my opinion, User Privacy is a different matter.
 

jamescv7

Level 61
Verified
Trusted
Those protection mentioned are really enough and covers from its maximum effect as possible just to make sure none will sacrifice your browser experience.
 

DrBeenGolfing

New Member
Use Opera and Firefox with Phishing/Malware protection on, AdBlock, WOT, LastPass, UAC passworded.
Use Earth's IE10 setup for downloads, financial--make sure your machine is clean before doing any financial transactions.
 

timnik

New Member
Earth said:
Remember not to confused User Privacy tools with Malware prevention, although both can affect user experience in a similar manner.
Thanks for clearing up! I complicated things by mixing up these two, indeed :rolleyes:
 

timnik

New Member
jamescv7 said:
Those protection mentioned are really enough and covers from its maximum effect as possible just to make sure none will sacrifice your browser experience.
That was my question also, not sure if it's a good idea to use all of them.
 

jamescv7

Level 61
Verified
Trusted
Adblock pretty good in blocking ads from any type of vectors.

WOT= nice community based siteadvisor

Sandboxie or Bufferzone Pro as your virtualization preferences
and last if necessary is HTTPS Everywhere for secured site information.

In my opinion it could applicable that for you. :)
 

timnik

New Member
Diurpaneus said:
For Mozilla i use WOT,Ghostery,Adblock Plus,NoScrip,HTTPS Everywhere and LastPass.
In my opinion this addons are the best for browser protection.
DrBeenGolfing said:
Use Opera and Firefox with Phishing/Malware protection on, AdBlock, WOT, LastPass, UAC passworded.
Why is LastPass Free better at keeping passwords and filling out forms compared to Google Chrome?
 

Ramblin

New Member
I recommend Sandboxie and NoScript. Using SBIE protects the system because once the browser is running under its supervision, all changes created while browsing are isolated from the rest of the system, registry, etc, that way the system remains intact. For example, if you are browsing and while visiting a site, malware starts getting downloaded and your antivirus don't do nothing, all you have to do is delete the sandbox. Once you do that is like nothing ever happened.

If you use SBIE all the time, you need to only concern yourself with files that you download, recover to the hard drive and execute out of the sandbox instead of having to be concerned about anything you do while being connected to the internet. This makes the internet experience a lot more enjoyable as viruses and worries belong to the past.

Most people when they start using SBIE, start by sandboxing the browser but keep in mind that running the browser sandboxed is only the tip of the iceberg of what can be done with the sandbox. In my case, I take everything that Sandboxie offers and use it. I isolate not only my browsers but also my EMail client, PDF reader, video players, you name it. I sandbox all programs that I normally run. The sandbox can also be used to isolate USB, CD and DVD drives.

About NoScript, in my case, the main reason why I use NS is because it helps clear websites of disturbing and annoying ads, that way is easier to focus on what I am doing. NS can be used to block not only potentially malicious Javascript but its also used to block Flash, Java, IFrames and other plugins. I also use it to block trackers and it protects against Clickjacking and XSS.

http://noscript.net/

In my case, Sandboxie and NoScript is all I use for protection, no need for anything else. In your case, if you decide to use SBIE, running your favorite AV along SBIE will be more than enough protection as the AV can handle known treats and Sandboxie will take care of the rest.

Bo
 

Spawn

Administrator
Verified
Staff member
-cough- You use 30+ addons -cough- :lolz:

Akash209 said:
All those addson..!!
[hr]

NoScript is a great add-on if you use Firefox but other browsers' alternatives aren't.
 

Spirit

New Member
Maybe I sound foolish but I found one amazing software which protects you almost 99 % (nothing is 100%) but its some heavy on resources and have to manually protect important website for 1st time.

The software I mentioning is Trusteer Rapport

P.S. It is not add on but a complete software which is integrate into your browser

Its said to protect mostly online banking website but its also protect you while you surfing some general website and checking emails.

Look at the screenshots:



After you click Protect:



Now you are Protected:




Any feedback is welcome
Thanks
 

Dejan

New Member
Never heard of it, is Trusteer a WOT-type add-on?
Also, how exactly does it "protect sites"?

I use: - WOT, to kinda get a general idea as to how safe a site is (though it's far from perfect).
- Adblock, self-explanatory.
- LastPass, useful for remebering account info, though insanely risky if your account isn't well-protected.
That's about it, I haven't been infected in forever, mostly cause I'm at least somewhat careful, even when it comes to piracy or whatnot.
 

Spirit

New Member
Dejan said:
Never heard of it, is Trusteer a WOT-like add-on?
Also, how exactly does it "protect sites"?
Its not like WOT but it protect your data while transmission and protect you from phishing website and malwares.

Keeps Computers Clean of Financial Malware
Using behavioral algorithms, Trusteer Rapport is capable of detecting, blocking, and removing financial malware threats in the wild. The use of behavioral algorithms guarantees that new variants of the same financial malware strains are immediately detected, blocked, and removed, without any need to update Trusteer Rapport software.

Detects New, Zero-Day Threats
Beyond automatically addressing new variants of known threats, Trusteer Rapport’s behavioral algorithms are able to identify suspicious activity of potential new threats. Trusteer Research is alerted and rapid response teams are immediately engaged to analyze these threats. Trusteer works closely with its customers to instantly react to threats and prevent any fraud attempt.

Stops Phishing of Login Credentials and Payment Card Data
Trusteer Rapport prevents credential and payment card data theft by detecting suspected phishing sites on first access by a protected user. It alerts the user of a possible phishing attempt in order to prevent data loss. Trusteer experts verify, in near real-time, that the site is in fact malicious. The site is added to Trusteer Rapport’s black list to prevent other users from being phished. The financial institution is notified to allow for both timely takedown and users to be re-credentialed.
Notifies Fraud Teams of Threat Activity
Financial institutions receive Trusteer Intelligence alerts on malware and phishing activity identified by Trusteer Rapport. The alerts can further drive fraud prevention and mitigation processes such as user re-credentialing, transaction reviews and takedown of phishing sites.
 

DrBeenGolfing

New Member
Trusteer is used by most banks, brokers, financial institutions to protect their transactions and secure their websites. There are several tests showing it smokes all AVs in secure transactions...like Kaspersky came in a distant second. I'm on my phone now but you can look that up.
 

Littlebits

Retired Staff
It all depends on your online web habits to what you may need to protect you. Users like myself who never download untrusted files or visit unknown websites don't need to run their browser in a sandbox. I have never once got an infection from using my browser without a sandbox. All a sandbox does is keep you safe if you make a mistake and download a malicious file but you will still have to manually execute it in order to get infected. While using a sandbox browser, when you manually execute a malicious file it can not harm your system. But if you don't manually execute it period then you have nothing to worry about. There is no longer malware that automatically downloads and executes itself, if there is then extremely rare because I have seen any since about 2005. Of coarse there are vulnerabilities in browsers, flash player and Java. But there are many options to block these vulnerabilities without having to use a sandbox. Even vulnerabilities require some kind of user action response to be successful at infecting you. Keep UAC on default settings for anything that might get by and never allow unknown processes to run when prompted by UAC.

Use a secure browser like Google Chrome (not Chromium clones), Firefox (official version not clones) or IE10.

Setup your browser to block ads, secure password manager like LastPass, browser add-on like WOT to warn you of potential bad websites and HostsMan with MVPS blocklist. You can add additions add-ons for browser security as well just don't add too many or your browsing speed will be effected.

Your real-time AV should do the rest just in case.

Thanks.:D
 

Spawn

Administrator
Verified
Staff member
Far from it, Rapport is used and recommended by banks / financial institutes (as already mentioned), it prevents Man-in-the-Middle attacks, more posted here. The Rapport download from their website may limit you to protect up to 10 websites. However, if you download from your Bank's website that limit is lifted to (for example) 100 websites (ie. Natwest).

Dejan said:
Never heard of it, is Trusteer a WOT-type add-on?
Also, how exactly does it "protect sites"?