Can I use seprate firefox profiles to protect against CSRF, XSS and DNS Re-binding?
I read here (http://security.stackexchange.com/questions/106333/is-binding-all-private-services-to-the-127-0-0-1-address-and-then-accessing-them/106340?noredirect=1#comment187952_106340) that I should use separate security profiles for different sorts of things; accessing sensitive information, doing system administration vs. opening links from emails.
I know that different instances of Firefox can be run from specifying different profiles to start up the browser with. As long as these are limited to accessing a certain type of site; can they provide protection against CSRF, XSS, and DNS Re-binding?
Also, can these profiles be limited to visiting only certain sites? Can they also exclude certain sites to prevent for instance sites in private profiles (your bank, system administration) from being visited using a public profile (links in an email)?
所有回覆 (3)
P.S. I use Linux and Windows.
https://support.mozilla.org/en-US/kb/profile-manager-create-and-remove-firefox-profiles
You can have as many profiles as you want. When you create new profiles, give them a name that shows that each is for.
I have this shortcut on my Windows desk top; "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -p
Yours may be different. Note the quotes and that the -p is on the outside.