Methods for improving security when performing online transactions


Post by ssj100 on 2/9/2011, 17:18

Thought I'd create a new topic for this to carry on from here:
http://ssj100.fullsubject.com/t427p15-windows-vista-windows-7-sandboxie-integrity-levels#3581

After further reading/research, I've decided that (for me) the following combination would be extremely robust and yet relatively convenient:
1. My usual security setup/approach ( http://ssj100.fullsubject.com/t4-ssj100-s-security-setup#16 )
Steps 7-9 still apply, but different browsers aren't necessary - in this case, a "clean slate" Firefox browser can be opened each time in a separate ("banking") sandbox. Normal browsing can still be done in the usual Firefox sandbox.
2. Firefox add-on "NoScript" with HTTPS enforcement - "Forbid active web content unless it comes from a secure (HTTPS) connection".
3. Firefox add-on "Perspectives" - gives a good idea as to whether the SSL certificate can be trusted.
4. Firefox add-on "ShowIP" - informs you of the IP address of the current web-site so you can ensure it's the correct address.

Steps 3 and 4 would be the only additions to my current personal setup. However, I'm not convinced that Perspectives is needed when ShowIP is used. Even if a fraudulent SSL certificate is used, the redirected (pharming) site would use a different IP address - this should ring louder alarm bells than anything from Perspectives. And surely things are secure if the IP address matches up and the site has a valid SSL certificate. Also, Perspectives requires Port 8080 to be opened (this Port is disabled by Sandboxie in all my internet facing sandboxes) in order to function - this possibly opens up a potential security hole.

Would anyone else like to share their method(s)? m00nbl00d has already described an extremely clever method in the above linked thread.

_________________
Sandboxie + LUA + SRP + DEP + SuRun
Windows Firewall + NAT Router + IPSec (on-demand)
VirtualBox (on-demand)
Drive SnapShot (on-demand)
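
An added example, not part of the original post: a small Python sketch of the two checks the post compares, an IP-address check in the style of ShowIP and a multi-vantage certificate comparison in the style of Perspectives, run over constructed observations. The host name, address ranges, certificate bytes, notary reports and the 0.75 quorum are all assumptions made for illustration.

```python
import hashlib
import ipaddress

# Constructed sample data: hypothetical host, documentation IP ranges, fake cert bytes.
GENUINE_CERT = b"constructed DER bytes of the genuine certificate"
ROGUE_CERT = b"constructed DER bytes of a substituted certificate"
KNOWN_NETWORKS = {"bank.example": ["203.0.113.0/24"]}


def fingerprint(cert_der: bytes) -> str:
    """SHA-256 fingerprint of a certificate's DER encoding."""
    return hashlib.sha256(cert_der).hexdigest()


def ip_check(host: str, observed_ip: str) -> bool:
    """ShowIP-style check: is the address inside a range recorded for the host?"""
    ip = ipaddress.ip_address(observed_ip)
    return any(ip in ipaddress.ip_network(net) for net in KNOWN_NETWORKS.get(host, []))


def notary_check(cert_der: bytes, notary_fingerprints: list, quorum: float = 0.75) -> bool:
    """Perspectives-style check: do enough independent vantage points see the same cert?"""
    if not notary_fingerprints:
        return False  # no second opinion available: treat as unverified
    local = fingerprint(cert_der)
    agreeing = sum(1 for fp in notary_fingerprints if fp == local)
    return agreeing / len(notary_fingerprints) >= quorum


def assess(host, observed_ip, cert_der, notary_fingerprints):
    """Return the list of checks that failed for this connection."""
    failed = []
    if not ip_check(host, observed_ip):
        failed.append("ip-mismatch")
    if not notary_check(cert_der, notary_fingerprints):
        failed.append("cert-inconsistent")
    return failed


# What four hypothetical notaries report for bank.example (constructed).
NOTARY_VIEW = [fingerprint(GENUINE_CERT)] * 4

if __name__ == "__main__":
    # Expected address and certificate; unexpected address and certificate;
    # expected address but a certificate the notaries do not see.
    print(assess("bank.example", "203.0.113.10", GENUINE_CERT, NOTARY_VIEW))
    print(assess("bank.example", "198.51.100.7", ROGUE_CERT, NOTARY_VIEW))
    print(assess("bank.example", "203.0.113.10", ROGUE_CERT, NOTARY_VIEW))
```

The third observation is the one where the two checks disagree: the address is inside the recorded range, so only the certificate comparison reports a problem.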