Analytics cookies being listed when logging into firewall with Chrome Browser.
-
the only tab I had open was the firewall, that is why it
confused me this was prior to the 23.01 update.Could it be, that you own a google account and you where logged in that over Chrome, during you where doing a visit here in the forum or your call of the admin web interface?
And from there the google analytics were "knowing" or watching what you are doing?
#~. @Dobby
Turris Omnia - 4 Ports - 2 GB RAM / TurrisOS 7 Release (Btrfs)
PC Engines APU4D4 - 4 Ports - 4 GB RAM / pfSense CE 2.7.2 Release (ZFS)
PC Engines APU6B4 - 4 Ports - 4 GB RAM / pfSense+ (Plus) 24.03_1 Release (ZFS) -
@steveits yes that is only used as an example. The 3rd party analytics was tied into a CDN also I can't remember the full URL but Content Delivery Network (CDN) was included in it.
-
@dobby_ I am not worried about Google Analytics as I live in California. We have a (California Consumer Privacy Act) CCPA law here with relationship to data privacy. You might not have the heavy level of privacy protections that California provides to its residents. Moreover, if you’re in another state/country there are different data sovereignty laws. I am worried about the possibility of a keylogger cookie and how to stop it. The Google analytics was an example. The cookies I started to see all the sudden that I noticed had .CDN in the URL with every GUI login. It was very subtle as the browser would wait for a connection to the URL’s cookie before I could log on and all tabs did the same thing. Yes, Google Chrome can log you into your account. But this was a 3rd party URL that was not related to Google. I had the idea that it could be a tracking analysis system because some items like doubleclick net and others are blocked. If that's the case a second browser would help or sandboxed environment like the ones inside of Windows 10-11 pro. Again, this is a home network. A larger scale system this type of logging attack could be used as part of information gathering and reconnaissance steps like Discovery, Discovery Scan, and Enumeration all just by watching any admins keystrokes when he logs in to the firewall's GUI and actively probe for any vulnerability. Moreover, I am sure you know some nation state actors will wait years testing and planning before they act on a plan. The idea is to always be one step ahead. Finally bringing up weird things that are out of norm like this help the cyber security community have a course of action for when such an issue occurs. Maybe it was a vulnerability being tested on a smaller scale system, someone that normally would not notice that way if it worked it could be used on a larger scale one later on. Who knows, I just want to bring light to what I have seen.
-
Nothing like that is in pfSense AFAIK.
I agree, noting it here for anyone else searching is probably a good thing to do.
-
I caught it again!! as soon as I click log in I am getting 3rd party cookies that it waits for before I can log in.
Make sure to upvote
-
-
@jonathanlee
Disable all browser add-ons and try again.BTW: If you attache importance on privacy Google Chrome might not be the best choice anyway.
-
@viragomann We shouldn't have to deal with issues like this with new laws like CCPA, I think a couple months ago Google had to pay a large fine for privacy abuses. Yes I agree I started to use Edge for everything.
-
Mmm, that's got to be some browser plugin I would think.
-
@stephenw10 the only plug in I have is Kaspersky antivirus. Again, I have had that AV for years and never noticed activity like this with the firewall. This type of analysts activity might not be spotted by many other users. I wonder what is its relationship to the firewall, and why IBM? Last one I noticed was a 3rd party version and not a Big tech version like this. IBM web analytics is not something I normally see, plus for it to attach itself onto PfSense and the firewall does cause some development concerns from a lifecycle perspective, I wonder how they pulled it off. As soon as cookies are cleaned it's gone. Google Analytics I have never seen on it. I have seen cloudflare analytics also.
-
As soon as cookies are cleaned it's gone.
I would say you could install some privacy addons
and say absolute no to cookies! And you only keep
your cookies from your switches and routers or firewalls
and use only that one (browser) for your internal tech equipment.Google Analytics I have never seen on it. I have seen
cloudflare analytics also.pfBlocker-NG and/or Squid & SquidGuard may be sorted
with some add blocker lists.
