Firefox vs Chrome and how to think about browser security?

Hey! Did a quick search of this and found an old conversation from three years ago here. The thread seemed to suggest that while Firefox was better for privacy (for obvious reasons), Chrome's more sophisticated use of sandboxing and research into malicious websites made it better for security.

Three questions (in decreasing order of importance):

1) In the last 3 years, have there been any major changes to Firefox or Chrome / Chromium's security features that warrant a renewed conversation on the pros and cons of each browser?

2) More generally, how should one think about browser security / vulnerabilities? Any technical guides on browser safety beyond just "be careful of what you click and use uBlock Origin"?

3) What are your best practices for using browsers? For example, I try to open up all my PDFs in-browser but I'm not sure if this is actually giving me any added security, etc.


Touch here for the full post on Network Security Noblemen tumblr

Can someone help me understand my firewall logs?

I noticed in my iptables logs invalid packets originating from outside my network being sent to my PC when my PC wasn’t actively running any services. I checked my router’s logs and see blocked packets from an IP with the same first three octets but the fourth is different. The router also didn’t log a few of the IPs I see on my iptables log. What exactly does this mean? They’re different IPs but all originate from the same provider. I’m guessing it’s just someone doing port scans or security scans of some sort or something but I’m wondering what possibilities there are.


Should I apply for InfoSec jobs after my BSc or do an MSc?

Hello! I am a 20 year old Computer Science student. I am currently studying for a BSc in Comp Sci on track for a 2.1 or a first by the end of my third year at university.

Although I do not have much experience in any security related field, I have web dev experience at several startups and small work experience at large banks.

My question is, should I look to apply for jobs in Information Security in my final year and after graduation or would it be more advantageous to pursue a MSc in Information Security at a top London university?


Does Falcon Sandbox flag every executable as malicious, or just the ones I upload?

I started submitting stuff to Hybrid Analysis after I had a bad experience with one thing cleared by VirusTotal, which nevertheless tried to open 50 instances of PowerShell to do some shit when I simply opened the zip file. (Fortunately whatever it tried to do was blocked by my firewall.)

I don't have the knowledge basically to understand exactly how and why certain actions that it considers probably malicious are bad: it seems like some of them are normal things that the executable would want to do. For example a setup file would write data and be able to restart the computer and so on. A driver setup file would be able to change your drivers, which it thinks is malicious. But there may be other things I don't understand, I'm not that knowledgeable unfortunately.

You can take a look at what I have if you like and just keep to that question of whether this should be taken seriously, though I would certainly appreciate a broader perspective on what to look for in the future:


Password Manager?

OK, firstly, apologies if this is a stupid question.

I am on a trial offer of 1Password and find it quite decent.

Prior to this I kept my passwords unencrypted on a Gmail drive, but that Gmail address I've never used on any other website for signups or mentioned to anyone, and the Gmail password itself is quite strong with 2FA.

I only access that Gmail on my computer or on my phone.

So, why is my Gmail approach less secure than paying and using a provider like 1Password?


Security Guarantees between routers

Assumption: We know what the security implications are when two computers are sharing a LAN network.

My question is, what would be the security implications when a computer and a router are sharing the same LAN?

The topology would be this:

Router 2 and Hacked Computer are connected to the Main Router. There are 2 other Victim Computers connected to Router 2's LAN.

To what extent could the Hacked computer attack the victims?


Can a VPN protect a vulnerable system from targeted attacks within the host network (the one you are tunneling through)?

I don't have a laptop available, or I would test this myself, but I'm curious if a VPN can protect you from targeted attacks from the network you are tunneling through.

Say I have a Windows laptop with RDP enabled and connect to a public wifi. Can someone on that hotspot's network, if that network's firewall allows inter-device communication, detect my laptop and start brute-forcing the RDP connection (for example) while I am connected to the VPN? I expect they can in the case of a split tunnel VPN, but is that true of a full tunnel VPN?

What would be some mitigations in this case? One mitigation I can think of is the private/public/domain classification in the Windows firewall. Mark that public wifi as "public" and disable RDP in the firewall for public networks (if it's not already, though I think it should be). Better yet, set up explicit rules that allow only IPs or ranges you are in control of, and use only non-standard private ranges in the networks you control (avoid 192.168.0.x or 192.168.1.x or the like which come pre-packaged with most network gear, or at least consumer grade stuff).

What other risks are there when connecting to a random wifi network other than the ones the VPN vendors advertise? Frankly, I think some of them have already been mitigated by HTTPS, which in the vast majority of cases is good enough, and you shouldn't use unencrypted HTTP in the first place.
