Dangerous Drive-by Downloads: Protecting yourself with NoScript

27 09 2012

by John Richards

The vast majority of internet users can be placed in to one of two categories; internet users who are in a perpetual state of fear that they will be victimized by a malware attack, and internet users who believe they are not at any risk of being victimized by a malware attack because they have antivirus software installed on their computer. Users in the second category are not using the internet securely, and those in the first category are neither using the internet securely or, due to their fear of malware, effectively.

According to Kevin Parrish of tomshardware.com, 17 percent of global internet users either do not have antivirus software installed, or it is installed but disabled. In the United States, the percentage of users who are completely unprotected is even greater, at 19.32 percent. (Parrish) Let’s be charitable and assume that all our users in both categories have antivirus software installed on their computer and that it is

  1. A reputable product, and not itself malware
  2. A well designed and effective product
  3. Up to date with the latest virus definitions

These users are only protected, assuming their antivirus software operates at a 100% rate of success, from malware that has already been identified by antivirus companies and written in to their definitions and sent out in updates to users. These users are still vulnerable to zero-day exploits.

One way for malware to infect a computer system is via drive-by download. According to SecurityNewsDaily Staff “Drive-by downloads are malicious pieces of software that are downloaded to a computer, tablet or smartphone when the user views a compromised Web page or HTML-based email message. In many cases, the malware will be automatically installed on the system.” (SecurityNewsDaily Staff)  The plugins that initiate the drive-by-download can be as small as 1 pixel, making them essentially invisible. How can a typical internet user with little knowledge about or skills related to information security easily protect themselves from many (not all) drive-by download attempts? The Firefox NoScript extension.

NoScript will by no means protect internet users from all possible malware infections (nothing will) but it is a simple easy to use means of significantly reducing your exposure to malware without requiring knowledge and skills in information security. According to noscript.net, the NoScript Firefox extension “provides extra protection for Firefox, Seamonkey and other mozilla-based browsers”, “allows JavaScript, Java, Flash and other plugins to be executed only by trusted web sites of your choice”, and “provides the most powerful anti-XSS and anti-Clickjacking protection ever available in a browser.” (“noscript.net”)These features combine to greatly decrease a user’s chances of being infected by malware that uses plugins to perform a drive-by download.

NoScript can be downloaded and configured on your Firefox browser in

  1. Navigate to www.noscript.net
  2. Click the big green “Install” button on the middle left side of the screen
  3. A dialogue box will appear that says “Firefox prevented this this site (noscript.net) from asking you to install software on your computer. Click “Allow”
  4. When the download completes, a popup window will remind you to only install add-ons from authors whom you trust (an excellent idea). Click “Install Now”
  5. A window will tell you that NoScript will finish installing when you restart Firefox. Restart Firefox.

Now when you go to a website that you have not allowed to run scripts, instead of the scripts running automatically you will see something like this:

 

By clicking on the options button in the bottom right corner you can temporarily or permanently allow scripts on the page, thereby easily viewing all content that requires plugins.

___________________

“NoScript.” noscript.net. Inform Action Open Source Software, 2012. Web. 25 Sep 2012. <http://noscript.net/&gt;.

Parrish, Kevin. “1 in 6 Windows PCs Have Zero Antivirus Protection.” tom’s hardware the authority on tech. N.p., 31 May 2012. Web. 25 Sep 2012. <http://www.tomshardware.com/news/M,15826.html&gt;.

SecurityNewsDaily Staff, . “Drive-By Downloads: How They Attack and How to Defend Yourself.” Security News Daily. N.p., 18 May 2012. Web. 25 Sep 2012. <http://www.securitynewsdaily.com/1876-driveby-download-definition.html&gt;.

Advertisements

Actions

Information

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s




%d bloggers like this: