ARTICLE

When Firefox acts like an IDS !!

Thursday 8 March 2007

Firekeeper is an Intrusion Detection and Prevention System for Firefox. It is able to detect, block and warn the user about malicious sites. Firekeeper uses flexible rules similar to Snort ones to describe browser based attack attempts. Rules can also be used to effectively filter different kinds of unwanted content.

Here is a pretty good extension we’ve found out during Tracking New Firefox Extensions releases. An update of "Turning Firefox to an Ethical Hacking Platform" should be released soon with a new bunch of exciting extensions.

Features of Firekeeper include:

- Ability to scan incoming Firefox traffic - HTTP(S) response headers, body and URL and to cancel processing of suspicious responses.
- HTTPS and compressed responses are scanned after decryption/decompression.
- Very fast pattern matching algorithm (taken directly from Snort).
- Interactive alerts that give an ability to choose a response to detected attack attempt.
- Ability to use any number of files with rules and to automatically load files from remote locations.

See FireCAT Framework for a complete map of security auditing extensions.


POSTSCRIPTUM

Download and more information


RELATED ARTICLES

FireCAT, Firefox, IDS,

12 May 2008 : FireCAT 1.4 released
28 February 2008 : Release of a dedicated FireCAT website
28 February 2008 : FireCAT 1.3 Extensions Package released
27 November 2007 : FireCAT 1.3 released (ExploitMe Tools included)
27 November 2007 : FireCAT (Firefox Catalog of Auditing exTensions) version 1.3 released
2 September 2007 : FireCAT (Firefox Catalog of Auditing exTensions) version 1.2 released
13 June 2007 : FireCAT 1.1 Firefox Catalog of Auditing exTensions available
20 March 2007 : FireCAT (Firefox Catalog of Auditing Toolbox) updated to version 0.95
16 March 2007 : Security-Database releases FireCAT (Firefox Catalog of Auditing Toolbox)
8 March 2007 : When Firefox acts like an IDS !!