That would make most of the Internet unusable and produce some bad looking websites with reduced functionality while some would stop working completely.

Local Rodeo is a Firefox extension that protects Firefox against two types of JavaScript malware. The two types are Intranet Exploration and Anti DNS-Pinning.

Intranet Exploration (i.e. JavaScript portscanning and fingerprinting): The extension classifies all network locations to be either local or external, with local locations being part of the intranet. All http requests that have an external origin (i.e. were generated within the execution context of an external webpage) and a local target (i.e. an intranet resource) are canceled by LocalRodeo.

Anti DNS-Pinning: LocalRodeo detects this attack method by monitoring DNS answers. The switch of a given domain from external to local (or vice versa) is a clear indication of an anti-pinning attack. If such a switch is detected, all further requests from or to the malicious domain are prohibbited.

A detailed explanation of Anti DNS-Pinning can be found at the blog of Christian Matthies. The extension was updated to be compatible with Firefox 3 today.

Related posts

• You better stop using Internet Explorer for now (18)
• View Javascript Sources with JSView (1)
• Test Your Browser’s JavaScript Performance (5)
• Control Javascript Events in Firefox (1)
• Block NoScript From Opening Homepage After Update (8)