Secure Your Browser

Secure Your Browser (Beta)

I haven't updated this page in a while. I recommend that you refer to the well-written US-CERT (Dept. of Homeland Security) instructions as well. I haven't looked at their's closely, but you can decide for yourself which steps are most prudent for you. ;-)

Your browser is your primary internet-facing program. Beef up your browser no matter which track -- basic, strong or robust -- you're on. [threats]

Stiffen Internet Explorer security settings even if you use another browser. Internet Explorer is absurdly entwined with Windows, and butts in without your control.

AOL, Earthlink, and other ISP-branded browsers are usually just Internet Explorer behind a facade. Naturally, IE configuration changes directly affect them as well.

[Drop down to Firefox Settings]

If you're using Internet Explorer 6:

My advice is upgrade to IE8, or switch to Firefox. :-)

[Reduced rights]
[IE 6 security advice if you're not yet ready to switch.]
[IE8 Settings] (at Microsoft)
[Advice from Microsoft on how to toughen up IE 6.]

If you're using Internet Explorer 7:

I recommend that you switch to IE8 [settings] OR to Firefox.

[IE7 Settings]
[IE8 Settings] (at Microsoft)
[Reduced rights]
[Drop down to Firefox Settings]

Security settings for IE7:

I don't have much experience with IE7. (I use Firefox as my primary browser.) I thought it would be easy to find tons of good advice online for IE7 though. I was wrong. Microsoft doesn't seem to offer much help either, maybe because they don't like the answer. ;-)

I found one Microsoft webpage that gives short, valid instructions that will provide good security. However, these settings will make IE7 tedious to use if you visit lots of different websites. Another item, "IE 7 needs tweaking for safety" by Brian Livingston, also gives good advice.

IE7 running on Vista (but not XP) is fairly secure without changes if you leave UAC enabled.

Answers.com links to more answers for your questions about IE7 security settings.

My own setup for IE7 on Windows XP:

Here's how I set up IE7 for those rare occasions when I use it:
• I run IE7 under reduced rights.
• I set the security level to "Default" rather than "High".
That's it. I'm more secure with less fuss than if I used "High" as Microsoft recommends.

Firefox security settings:

The table below gives my advice for Firefox itself. [Firefox Options Page]

I strongly recommend that you also install these free Firefox Add-ons:
• Adblock Plus,
• WOT (Web of Trust)
• And possibly NoScript.

You can also run Firefox with reduced rights, which adds powerfull protection against all sorts of known and unknown threats.

• map of security section

• Step 2: tighten configuration: windows settings; browser settings; email settings
• bypassing security constraints
• securing your web browser

• email security
• web smarts
• catalog of threats
• elements of defense
• security software
• strong passwords
• 7 steps to security
• my own security plans
• WiFi and hotspot security
• how to wipe your hard drive
• how to remove malware

• attack vectors: deception the #1 threat; phishing #1 deception; poisoned websites; poisoned email; email attachments; downloads; spam (scams and phishing); hackers and worms; popup warnings
• malicious content: spyware; viruses and worms; trojans

Tight browser settings won't improve your security one iota if you don't use your head when dialog boxes pop up.

For example, if you're asked to allow an ActiveX control to run, ask yourself if you completely trust this site. You can often view the page even if you don't allow ActiveX to run..

"No matter how far you have gone on a wrong road, turn back." --Turkish Proverb

You'll find most of the security related settings in "Options" under "Tools" in the Firefox Menu.
Tab	Option	Instruction
Security	Warn me when sites try to install add-ons	Check: You will need to allow specific sites when you want to install any Firefox plugins or extensions. A straw colored notification strip will appear at the top of the page when you try to start an installation. Allow the site to proceed if it's what you expected. You'll need to reinitiate the installation before anything will happen though.
	Tell me if the site I'm visiting is a suspected attack site	Check.
	Tell me if the site I'm visiting is a suspected forgery	Check: This option protects against Phishing. I'd use the "Check against a download list..." because it's faster if not as thorough as Google.
	Passwords	If you tell Firefox to remember passwords, be sure to answer "No"when you asked later on if you want to save your password for a sensitive website, like your bank.
Advanced	Update	Enable the options to check for updates to Firefox and extensions, and search engines too if you like.