Archive for the ‘browsers’ Category

Protect against XSS and Clickjacking attacks

Sunday, January 22nd, 2012

Although OS based security product is a good start, a multi layered security is even better.

I recommend using Firefox over Chrome and Internet Explorer because of its stability, addon and extension pack availabilities.

One particular extension I highly recommend is NoScript (version 2,2.7 running on Firefox 9.

Winner of the “2006 PC World World Class Award”, this tool provides extra protection to your Firefox.
It allows JavaScript, Java and other executable content to run only from trusted domains of your choice, e.g. your home-banking web site, guarding your “trust boundaries” against cross-site scripting attacks (XSS), cross-zone DNS rebinding / CSRF attacks (router hacking), and Clickjacking attempts, thanks to its unique ClearClick technology. It also implements the DoNotTrack tracking opt-out proposal by default, see .
Such a preemptive approach prevents exploitation of security vulnerabilities (known and even unknown!) with no loss of functionalies..

As an affiliate marketer usually need to browse many questionable sites with even more suspicious links.  This extension in the virtual environment further protects my laptop from being compromised.

Although the extension is “free”, the author of this application requesting a small donation (recommended $15).  So please try it and if you find it useful, throw some coins his way.