Netcraft
Toolbar
Toolbars are
add-ons to a web browser that enable quick access to many useful
functions that make online surfing easier.
Possibly the most popular is Google Toolbar. This permits searching with Google from any web page,
blocks annoying pop-ups and automatically fills out forms amongst
other useful features. There are probably another 20 or more
toolbars for MSN, Yahoo, Alexa, Wikipedia etcetera - all of which I
can do without. But when I found the Netcraft Toolbar I was instantly
hooked.
The Netcraft Toolbar is a safety
blanket against malicious URLs that are created - some only
for a limited time - for phishing expeditions. These are attempts
totrick
people into disclosing their bank account details, so that the
attacker may then log in to that person's Internet bank and
withdraw their savings.
Users of the Toolbar become
members of a community. Once the phishing URL has been reported by
any member
of the community, it is blocked
for community members as they subsequently access the
URL.
The Toolbar also traps suspicious URLs containing characters which
have no valid purpose; enforces display of browser navigational controls
(toolbar & address bar) in all windows, to defend against pop
up windows which attempt to hide the navigational controls; clearly
displays sites' hosting location, including country, helping you to
evaluate fraudulent URLs.
The Toolbar is available for both IE and Firefox, and here it is
shown in my browser.
Instructions for
installation are specific and explanations for every aspect of the
Toolbar are made available as they become pertinent, including this
warning:
Note for
Firefox users: To protect
your computer, Firefox will prevent this site from installing
software by displaying a yellow bar near the top of your browser
(see below image not
included. ED). Use this dialog to
add toolbar.netcraft.com to your list of Allowed Sites before
trying to install again.
Just follow the instructions.
They save you having to go to Tools> Options> Content>
Exceptions to permit the Toolbar to be installed as a Firefox
Extension. There is an excellent tutorial reached from the Download
link, and you must read it to have any serious understanding of the
information presented.
You can report a URL
by clicking on "Report a Phishing Site" in the toolbar menu,
accessed by clicking on the Netcraft logo.
Email attempts at phishing that
do not contain a URL should be sent in their entirety as an
attachment to scam@netcraft.com.
Risk Rating is based on a number of factors
including:
- Is it a new site, or how long has it been
registered?
- Who is running the DNS and reverse DNS for the site?
- Does it have an SSL Certificate? URLs that require an SSL connection start with
https: instead of http: and
there is a padlock icon at the bottom of the page.
- Has the site hosted fraud sites in the past?
- Is the site hosting from a raw IP address? If the
site has no hostname or domain name be very suspicious.
The Risk Rating can be
calculated fast enough to be performed for arbitrary sites as
people visit them, and does not rely on manual categorization.
All of these factors give us a safe risk rating of
green. An unsafe risk
rating would have a red
bar.
Here is an
example of an unsafe website that is new, and does not have a
rank.
The Rank rating
reflects the popularity of the site among Toolbar users. Google has
a rating of 1 in the current Netcraft published list of Most
Visited Web Sites, but at this moment it is ranked 74 in my
browser.
The Site Report provides a
wealth of current information, as indicated below.
The flag and two-letter ISO code
for the hosting country are shown
next.
The final entry is the name of
the netblock
hosting the site. Clicking on
this provides a list of sites on the same netblock. In our case it
shows chilli/vindaloo/www.tip.net.au plus a handful of others that
may be meaningful to our system operators.
Karen's WhoIs
has long provided information on Domain Names and IP Addresses, but
not with the extent and immediacy of the Toolbar. WhoIs queries
the five Regional Internet Registries currently operating in
the world, doing a Domain Name Lookup or an IP Address Lookup. It
returns information including the domain name's owner, address, and
phone/fax numbers where possible. The PCUG falls in the Asia
Pacific Network Information Centre (APNIC).
The Netcraft Toolbar could be a major contributor to Internet
security and should be a Recommended Download.
Enjoy Your
Computing.
Terry Bibo
INDEX NEXT