Closed duckst3r closed 3 years ago
The current policies for Firefox ESR are good, but we could consider shielding them a little more.
Here are the suggestions:
TRUE
${home}/Downloads
FALSE
TLS_RSA_WITH_3DES_EDE_CBC_SHA
InvalidCertificate
SafeBrowsing
default-on
Enabled
Cryptomining
Fingerprinting
DISABLED
Disable All
uBlock Origin
HTTPS Everywhere
Block All
Disallow All
Block New Requests
tls1.3
tls1.2
Issue solved in PR https://github.com/tracelabs/tlosint-live/pull/56.
Firefox ESR Policies
The current policies for Firefox ESR are good, but we could consider shielding them a little more.
Here are the suggestions:
TRUE
TRUE
TRUE
TRUE
TRUE
${home}/Downloads
FALSE
TRUE
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TRUE
TRUE
TRUE
TRUE
TRUE
TRUE
InvalidCertificate
=TRUE
SafeBrowsing
=TRUE
FALSE
default-on
TRUE
${home}/Downloads
Enabled
:Cryptomining
=TRUE
Fingerprinting
=TRUE
DISABLED
Disable All
/ Force installuBlock Origin
,HTTPS Everywhere
Block All
Disallow All
FALSE
FALSE
FALSE
DISABLED
Block All
/Block New Requests
Block All
/Block New Requests
Block All
/Block New Requests
Block All
/Block New Requests
Block All
/Block New Requests
Block All
/Block New Requests
Block All
/Block New Requests
FALSE
tls1.3
tls1.2