FFOX-00-000019 – Firefox private browsing must be disabled.

Details

Private browsing allows the user to browse the internet without recording their browsing history/activity. From a forensics perspective, this is unacceptable. Best practice requires that browser history is retained.

Solution

Windows group policy:
1. Open the group policy editor tool with ‘gpedit.msc’.
2. Navigate to Policy Path: Computer ConfigurationAdministrative TemplatesMozillaFirefox
Policy Name: Disable Private Browsing
Policy State: Enabled

macOS ‘plist’ file:
Add the following:
DisablePrivateBrowsing

Linux ‘policies.json’ file:
Add the following in the policies section:
‘DisablePrivateBrowsing’: true

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MOZ_Firefox_V6R1_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.

References

800-53|CM-7a.
CAT|II
CCI|CCI-000381
Rule-ID|SV-251563r807161_rule
STIG-ID|FFOX-00-000019
Vuln-ID|V-251563

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles