Do you trust that the Web site you're visiting is secure? By now most people know to avoid sketchy sites with complicated URLs, misspellings, or seedy graphics. But what about legitimate sites, such as the one for this year's Super Bowl, which was defaced just days before the event to include a link to a malicious Trojan horse?
In tests by CNET Reviews, we found that safe surfing tools such as the Netcraft toolbar and McAfee SiteAdvisor, while effective at stopping sites designed to be fraudulent by nature (aka phishing sites), tend to miss recently defaced legitimate sites. Newer tools like Exploit Prevention Labs Linkscanner Pro actively scan every page as it loads in your browser, blocking any malicious components residing there and allowing the sanitized page to display. Now the development team at Mozilla has created a new Firefox extension that also actively scans Web pages for malicious code.
The new extension is called Firekeeper and is still in development, but an alpha version is currently available for downloading and testing. We found this security extension to be very stable and useful, stopping access to at least one site known to CNET as compromised. In practice Firekeeper works like this: When malicious code is found on a site you are about to access, an alert dialog displays the URL of the site, the problem identified, references to security vulnerability reporting sites such as BugTraq, and, finally, actions you may wish to take: Block once, Allow once, Whitelist, or Blacklist. The configuration option allows you to manually add sites to the white or black lists.