New Chrome and Firefox browser Behave! Extension can help you find websites that do Port Scans or local attacks
You may have heard reports about eBay and many other websites scanning your ports in the recent past. Now a browser extension for Chrome and Firefox can detect such port scans and alert you in real-time. Developed by Stefano Di Paola of MindedSecurity, the Behave! browser extension is available for both Chrome and Firefox browsers and can also stop local attacks in addition to port scans.
In May security researchers found that websites like eBay, Citibank, and a couple of others had an embedded script that would perform a port scan a visitor’s computer to identify Windows remote access programs running on it. Though these websites didn’t do it, websites could embed such scripts in their pages to initiate attacks on other devices on your network like DNS Rebinding attacks.
“Behave! was born as a conceptual experiment around the behavior of web pages that might abuse some of those features, and if the interest on Behave! keeps raising, it might hopefully be a long-lasting project to help raising awareness. For example local Port Scan, Cross Protocol attacks, DNS rebinding are very old attacks that are still possible and difficult to completely “fix” by browser vendors because they abuse core features of the Web ecosystem,” Di Paola told BleepingComputer
Bleeping computer states that Citibank, TD Bank, Ameriprise, Chick-fil-A, Lendup, BeachBody, Equifax IQ connect, TIAA-CREF, Sky, GumTree, and WePay port scan visitors computers.
Once installed on your Chrome browser or Firefox browser, the Behave! extension will warn you about:
- Browser-based Port Scan.
- Access to Private IPs
- DNS Rebinding attacks to Private IPs
You can also disable alerts if you don’t want the extension to warn you. You can download the Behave! Extension from belowBehave! Extension for Google Chrome Browser Behave! Extension for Mozilla Firefox Browser