• Tag Archives firefox
  • Security Note: Fake SSL Certificates Issued for 9 Popular Websites

    By Craig Szymanski

    Apparently Comodo issued security certificates for these popular websites…
    login.live.com,, mail.google.com, http://www.google.com, login.yahoo.com (3 certificates), login.skype.com, addons.mozilla.org. This would allow attackers to create fake websites using these certificates and pose as authentic site and at least steal your logon information.

    So when your Microsoft Update asks you to install an update out of make sure you do(That little yellow shield near the clock). If you do not want to wait for the update to come to you then go get it here…

    http://support.microsoft.com/kb/2524375

    In addition, make sure you update your Firefox Browser as well. Mozilla Firefox released 3.6.16 today also to include a fix that “blacklists a few invalid HTTPS certificates”. The Firefox 3.6 update is available here: http://www.mozilla.com/en-US/firefox/all-older.html
    Or just simply update to the latest version: http://www.mozilla.com/en-US/firefox/new/

    References:

    http://www.wired.com/threatlevel/2011/03/comodo-compromise/

    http://support.microsoft.com/kb/2524375

    Category: Computer Security, For-Facebook, For-My-Facebook, Phishing, Security, Windows, Comodo, FireFox, MIcrosoft Windows, phishing, Security Alert, SSL


  • Silent Remote Installation of Mozilla Firefox 3.x

    This is an example of how to deploy firefox remotely to your windows based domain client machines using psexec with proxy settings. First you need to download the latest 7-zip from here: www.7-zip.org after you have that installed find your firefox installer package. As of this articles writing the name of this file was “Firefox Setup 3.6.4.exe”. Right-click on it and choose the menu item under 7 zip called: Extract to Firefox Setup 3.6.4″

    Once the package unzips go into the directory called Firefox Setup 3.6.4 and have a look around.

    Home Page Setup:

    The first folder is called “localized” open the file called “browserconfig.properties” with wordpad and edit the urls to reflect the homepage that you want your clients to have. In my case the file looked like this when I was done…

    browser.startup.homepage=http://szone.berlinwall.org
    browser.startup.homepage_reset=http://szone.berlinwall.org

    There is also a prefs.js file in the localized\defaults\profile directory. You can add entries here is you like and they will be the default preferences. Having a look at about:config will give an idea of options that you can set: http://www.mozilla.org/support/firefox/edit#aboutconfig

     

    Proxy Settings:

    The proxy settings can be set in all.js file found in the \nonlocalized\greprefs folder. Search for the phrase proxy.type to jump to the part we are looking for. By default the value is 0 (no proxy). Setting the value to 1 will enable the proxy. If you have auto detection setup on your network you can use 4. Firefox 3 added the option of 5, which will use your “system” proxyIf your proxy was 192.168.1.1:8080 then you would make the file look like this…

     

    pref(“network.proxy.type”, 1);
    pref(“network.proxy.ftp”, “192.168.1.1”);
    pref(“network.proxy.ftp_port”, 8080);
    pref(“network.proxy.gopher”, “192.168.1.1”);
    pref(“network.proxy.gopher_port”, 8080);
    pref(“network.proxy.http”, “192.168.1.1”);
    pref(“network.proxy.http_port”, 8080);
    pref(“network.proxy.ssl”, “192.168.1.1”);
    pref(“network.proxy.ssl_port”, 8080);
    pref(“network.proxy.socks”, “192.168.1.1”);
    pref(“network.proxy.socks_port”, 1080);
    pref(“network.proxy.socks_version”, 5);
    pref(“network.proxy.socks_remote_dns”, false);
    pref(“network.proxy.no_proxies_on”, “localhost, 127.0.0.1,.192.168.1.1 , yourlocalserver.com”);

     

    There are a lot other settings in this file. Take a long look at it and make any changes you would like.

    Disabling Suggested Searches

    If you do not want hundreds of queries for search suggestions every time a single letter is typed in the search bar then open this file: nonlocalized\defaults\pref\firefox.js and search for “suggest”. You should find: pref(“browser.search.suggest.enabled”, true);

    Change it to: pref(“browser.search.suggest.enabled”, false);

    Disabling Application Updates

    When installing Firefox in an enterprise setting you do not want it to look for updates when a regular/non-admin user is logged on (You don’t let your users logon with administrators accounts do you?). In the firefox.js there is a line that looks like this: pref(“app.update.enabled”, true); Change that to: pref(“app.update.enabled”, false); and then your clients will not check for updates automatically.

    There are many other preferences in this file. Take a look at it and make any other changes you like.

     

    Remote Deployment

    Use the method that I share on this page: http://szone.berlinwall.org/win32/DeployinganInstallationPackagetoMultipleClients

     

    The batch file for firefox would be a little different than the example in that article. Something like this should work…

     

    echo “checking for Installers directory on the target…”
    if not exist \\%1\C$\installers mkdir \\%1\C$\installers
    if not exist \\%1\C$\installers\firefox3.6.4 mkdir \\%1\C$\installers\firefox3.6.4
    echo “copying Firefox install to install directory…”
    xcopy “\\MyServer\Updates\firefox3.6.4\*” “\\%1\C$\installers\firefox3.6.4\” /e /y
    echo “Installing Firefox…”
    psexec.exe \\%1 “c:\installers\firefox3.6.4\setup.exe” -ms
    echo “All Done.”

    Credits: http://www.appdeploy.com/packages/detail.asp?id=357 (For the silent install switch)