HOWTO : Apparmor with Iceweasel on Kali Linux 1.1.0

It is not effective to use "NoScript" Add-ons on Iceweasel as almost all web pages are using javascript. However, you still need "NoScript" for XSS protection on Iceweasel. You just need to allow it globally and XSS will still in force. To protect your browser from being compromised, an alternative way is to implement the Apparmor. Apparmor for Iceweasel can be used in penetration testing and daily use.



apt-get install apparmor apparmor-docs apparmor-notify apparmor-profiles apparmor-utils dh-apparmor python-libapparmor



Edit the /etc/default/grub to make apparmor to active after boot.



nano /etc/default/grub



Locate the following string :



GRUB_CMDLINE_LINUX_DEFAULT="quiet"



To make it looks like :



GRUB_CMDLINE_LINUX_DEFAULT="quiet apparmor=1 security=apparmor"



Then run the following command :



update-grub



After that, create a file namely usr.lib.iceweasel.iceweasel at /etc/apparmor.d/ :



nano /etc/apparmor.d/usr.lib.iceweasel.iceweasel



Copy the following content to the file and save it.







Then change the mode of iceweasel apparmor to enforce by using the following command :



aa-enforce /etc/apparmor.d/usr.lib.iceweasel.iceweasel



To update the rule of apparmor, just run the following command and ask some questions. Most likely, you just need to answer "Allow".



aa-logprof



Iceweasel Add-ons



You may need to install "FoxyProxy" Add-ons to Iceweasel.



apt-get install xul-ext-foxyproxy-standard



You can install any available Add-ons by searching the database :



apt-cache search xul-ext



That's all! See you.