Author Topic: Tests and other Media topics  (Read 301712 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32688
  • malware fighter
Re: Tests and other Media topics
« Reply #120 on: May 09, 2014, 11:36:53 PM »
NoScript and Request Policy in Firefox can help get better results.

polonus

P.S. There is another way to go quite quite stealth in firefox with SecretAgent add-on: https://www.dephormation.org.uk/index.php?page=81
What Secret Agent Does... -> https://addons.mozilla.org/en-US/firefox/user/SecretAgent/
With every web request (or page load, or browser session), Secret Agent does the following things;
Compares the web site host to a white list
If the host isn't on the white list,
Request Headers;
Overrides your browser's 'User Agent' with a random alternative selected from a customizable list
Overrides your browser's 'Accept' header with a random alternative selected from a customizable list
Javascript;
Overrides your brower's Javascript navigator.oscpu value using a random alternative selected from a customizable list
Proxy Headers;
Sets an HTTP X-Forwarded-For header with a random IP address
Sets an HTTP Via header with a random IP address
Cache Headers;
Sets a spoof ETag header with a random string of characters
If the optional 'If-Modified-Since' spoofing feature is enabled, overrides incoming 'Last-Modified' headers with a random time offset
If the host is on the white list
Request Headers;
Presents your browser's default 'User Agent' (or overrides with a user configurable value)
Presents your browser's default 'Accept' header (or overrides with a user configurable value)
Javascript;
Presents your browser's default Javascript naivator.oscpu value (or overrides with a user configurable value)
Proxy Headers;
Unaffected
Cache Headers;
Unaffected
N.B.
Mind you to whitelist the pages you want to use, because in stealth mode you are no longer being able for instance to post in the forums,
in that case disable the add-on or whitelist forum dot avast dot com in the extension.

polonus
« Last Edit: May 09, 2014, 11:47:30 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32688
  • malware fighter
Re: Tests and other Media topics
« Reply #121 on: May 10, 2014, 12:01:12 AM »
I checked with Panopticlick and indeed these results changed per request:
user agent one time like xxxxxx Gecko, next time it was xxxxx Galeon 1.3.21
HTTP accept headers also changed text/etc   and  next time application/application/
No Plug-in details, No time-zone, No Screen Size, No System fonts, just cookies enabled (first domain)
Limited supercookie test failed. Just have to test the webshields with this in action.
I tested it out and yes WebShield is normally detecting in a SecretAgent's Stealth mode enabled browser.
Read a review here: http://www.wilderssecurity.com/threads/firefox-top-security-privacy-extension.329939/page-2
We haveto update secret agents useragent list in the PHP script to be actual.

polonus
« Last Edit: May 10, 2014, 12:07:21 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32688
  • malware fighter
Re: Tests and other Media topics
« Reply #122 on: May 10, 2014, 01:23:06 AM »
For what it is worth, automatic firewall check: http://www.shieldcheck.com/auto/

For me all green, my firewall is working!

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline TerraX

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6475
Re: Tests and other Media topics
« Reply #123 on: May 10, 2014, 01:30:39 AM »
Hi,

with me everything is green ... i have avast! Firewall. 8) ;)
Thanks for the test page.

TerraX
Win10 64bit / Avast Premium Security 20.7.2425 / MBAM Free / Firefox ESR 68.11 [NS/uBO] / Thunderbird 68.10 / AOS/ASB

Offline Callender

  • Jr. Member
  • **
  • Posts: 27
Re: Tests and other Media topics
« Reply #124 on: May 10, 2014, 02:20:09 AM »
Another "interesting" Firefox Add On.

User Agent Cleaner.

Warning. Page is in Russian and requires translation: http://fxprivacy.8vs.ru/

Translated: http://translate.google.com/translate?hl=en&sl=ru&tl=en&u=http%3A%2F%2Ffxprivacy.8vs.ru%2F

Note: A better bet is to visit this page using Firefox: https://addons.mozilla.org/en-US/firefox/addon/http-useragent-cleaner/?src=userprofile

Like SecretAgent it increases privacy and will also prevent logins working on most sites. The add on can be disabled with a single click. It's pretty advanced and I haven't really got to grips with it just yet - particularly with enabling or disabling specific settings on a per site basis.


Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32688
  • malware fighter
Re: Tests and other Media topics
« Reply #125 on: May 10, 2014, 04:12:55 PM »
Hi Callender,

Thanks for your contribution to the discussion. Interesting and will give it a look,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32688
  • malware fighter
Re: Tests and other Media topics
« Reply #126 on: May 10, 2014, 04:45:07 PM »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32688
  • malware fighter
Re: Tests and other Media topics
« Reply #127 on: May 11, 2014, 05:54:57 PM »
Whenever you installed SecretAgent 1.26 you can renewed check the User Agent Spoofing here: http://whatsmyuseragent.com/
# You!! Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.13) Gecko/20060417
next Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8) Gecko/20060206 Songbird/0.1
then Mozilla/5.0 (compatible; Konqueror/3.5; Linux; X11; i686; en_US) KHTML/3.5.3 (like Gecko)
then Mozilla/5.0 (X11; U; SunOS sun4u; en-US; rv:1.7) Gecko/20070606
etc. etc.
With stealth mode active  I get an error going to
http://browserspy.dk/os.php e.g. Fatal error: Multiple access type modifiers are not allowed in /home2/gemal/public_html/inc/gsite.php on line 1788

This check worked fine: https://browsercheck.qualys.com/  and also this one: http://www.healthstream.com/browsercheck/?bhcp=1
retested in stealth mode. Strange that a pop-up blocker should be disabled: Popup blocking disabled is recommended.

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32688
  • malware fighter
Re: Tests and other Media topics
« Reply #128 on: May 12, 2014, 11:27:24 PM »
Another Free SSL Web Server Tester: https://www.wormly.com/test_ssl/h/www.security.nl/i/213.156.0.246/p/443
(with an random example search query)
nice to use next to this one for comparison: https://www.ssllabs.com/ssltest/index.html

enjoy,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32688
  • malware fighter
Re: Tests and other Media topics
« Reply #129 on: May 13, 2014, 04:08:23 PM »
A commercial site integrity checker:
example: http://www.sitetruth.com/fcgi/ratingdetails.fcgi?url=bufferapp.com&details=true
Scan will produce identifying info data,
also a link going here (example) http://validator.w3.org/check?uri=http%3A%2F%2Fforum.avast.com%2Findex.php%3F

enjoy,

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32688
  • malware fighter
Re: Tests and other Media topics
« Reply #130 on: May 15, 2014, 12:01:45 AM »
Content Security Policy Test.

Take it here: https://isc.sans.edu/tools/csptest.html?csp=N

test is brought to us by Johannes Ullrich

polonus

In Google Chrome all four pop-up alerts were neatly blocked by CSP.
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32688
  • malware fighter
Re: Tests and other Media topics
« Reply #131 on: May 15, 2014, 12:47:22 AM »
Now test your browsers adblocker: http://ads-blocker.com/testing

and top it off with this one: http://thepcspy.com/blockadblock/

and a completely other one: http://pseudo-flaw.net/content/adblock/  (checking to circumvent an adblocker - they are anti-adblocking and firefox)

pol
« Last Edit: May 15, 2014, 12:54:20 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32688
  • malware fighter
Re: Tests and other Media topics
« Reply #132 on: May 23, 2014, 12:14:50 AM »
Please, avast! friends, test your browser with Device Fingerprint here: http://noc.to/

Great tools, great info...what information my/your  browser is leaking to websites, be aware.
Every user of Ghostery will like like this site.

Damian

Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Callender

  • Jr. Member
  • **
  • Posts: 27
Re: Tests and other Media topics - Etag Tracking Test
« Reply #133 on: June 14, 2014, 09:59:16 PM »
Etag Tracking - apparently not a method used or detected by Panopticlick.

 I've also known about tracking users via the use of Etags for some time now and when using any browser I tend to try to find ways to stop this from happening. That's not because it's a huge concern but just because if it's possible to block it then I see no disadvantage.

I found a site that can be used to test if your browser is trackable via the Etag method.

https://ochronus.com/tracking-without-cookies/

 There's some interesting info. With Etags blocked in my browser each visit or page refresh results in the site visit counter remaining at 1.

 If I unblock Etags it records each subsequent visit.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32688
  • malware fighter
Re: Tests and other Media topics
« Reply #134 on: June 18, 2014, 01:54:02 AM »
Time to test your pop-up blocking here: http://www.popuptest.com/
Coutesy of WebAttack

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!