Cyber Security Awareness Month - Day 5 - Sites you should stay away from
As we wander down this path that is Cyber Security Awareness month it reinforces that on one hand the Internet is a source of an unimaginable wealth of information and knowledge and on the other hand is a scary place where evil lurks in dark corners. The question for the day is how can you explore the Internet while avoiding nasty sites.
As a security practitioner I am often taken off the beaten path of the Internet to do research, so it is important that I have some help avoiding nefarious sites. Here are a few tools that I use:
- I use Firefox and the Web-of-Trust add-on to help me identify potentially naughty sites. Web of Trust adds colored circles after all links, green for good, yellow for questionable, and red for bad. McAfee SiteAdvisor and other products do very similar things.
- I use OpenDNS and utilize the Web Content Filtering capability to provide a layer of protection.
If you have other tips on how to avoid nasty sites, please feel free to comment below or contact us via our contact form.
Update from the contact form:
There are a number of websites that can be used to verify the reputation and safety of websites:
Locking down the host file is also an alternative. The MVPs hosts project provides a good method to avoid ads and some troublesome sites.
If you still run Windows XP or earlier and must run as an administrator there is an intriguing way to browse the web as a non-administrator.
-- Rick Wanner - rwanner at isc dot sans dot org - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected)
Comments
Whenever I'm recommending security for home users, I recommend the following as a minimun on top of the standard AV and firewalls etc:
K9 Web Protection from Bluecoat (www.k9webprotection.com) - highly recommended (very low profile and extremely quick). I did put my parents on the OpenDNS filter once, but as their ISP used dynamic IP's which refreshed quite quickly, the filter became redundant because it bases the filter profile on the IP address you're using.
AVG Link scanner - This tool actually scans sites within a search result for malware rather than rely on a database of "user experience"
Using a modifed hosts file via Spybot and Hostman also helps.
Alban
amilroy
Oct 5th 2010
1 decade ago
All in all, it's a pretty client safe setup!
Jeff
Oct 5th 2010
1 decade ago
Rick
Oct 5th 2010
1 decade ago
Rick
Oct 5th 2010
1 decade ago
joeblow
Oct 5th 2010
1 decade ago
Ken
Oct 5th 2010
1 decade ago
For my part, a while ago I started using Immunet, which is a cloud-based AV (yeah, right!!) Their solution co-exists with other AV's, mine is Avast. (Not the best, I know, but it's free)
The reason I mention it, is that recently Immunet blocked two nasties on my system and I thought that was really good, since it was seemingly coming from my browser.
And I use Firefox with noscript, but that does not end all threats. Don't forget to mention no-admin-rights on the browser.
If only FF could run with low integrity level...
prontissimo
Oct 5th 2010
1 decade ago
Obviously, this is patently false. q.v. any adstream injection, the SeattleSeahawks, CNN, whatever - none of these were "sites to avoid".
As for defense-in-depth - combination of Firefox+noscript and/or SandboxIE.
Steven
Oct 5th 2010
1 decade ago
I also use K9 on my kids' machines, and OpenDNS for the home network (with the OpenDNS updater). Also using Avast for AV duties.
ASB
Oct 6th 2010
1 decade ago
At the client end, FireFox + NoScript.
John Hardin
Oct 6th 2010
1 decade ago