4

I read here that I should use separate security profiles for different sorts of things: accessing sensitive information, doing system administration vs. opening links from emails.

I know that different instances of Firefox can be run by specifying different profiles to start up the browser with. As long as these are limited to accessing a certain type of site, can they provide protection against application-layer attacks like XSS and DNS rebinding?

1 Answer

4

Each Firefox profile shares no data with the other profile, i.e. they are separate folders and no cookies, saved passwords, installed extensions etc. get shared. The only thing which might be shared is application data outside the control of Firefox, i.e. the Silverlight plugin is known to share data even between different browsers on the same system. Flash cookies etc. are instead tied to a specific profile, I think. This in effect makes using separate Firefox profiles a good way to separate sites which should never be able to interact inside the browser, like intranet sites and external sites, or to protect online banking. It does not protect against DNS rebinding attacks since these are not based on interaction between two sites inside the browser.

To make sure that one does not inadvertently use the wrong browser, one could additionally set up a proxy.pac file for each of the browser profiles which restricts access further. But note that proxy.pac files work at the level of hostnames and not IP addresses, so it does not protect against external sites returning local IP addresses (i.e. attacker.example.com claiming to be at 127.0.0.1). To also get this problem resolved you need to use a DNS server which can filter the DNS response, like dnswall. Such a server also protects against DNS rebinding attacks.

4
  • Is this the proxy.pac we're talking about? auth0.com/blog/heads-up-https-is-not-enough-when-using-wpad/…
    – leeand00
    Commented Aug 8, 2016 at 13:05
  • 1
    @leeand00: proxy.pac is also used together with wpad but that's not the only use of it. wpad is used for automatic discovery of proxy.pac files but in this case you set up a proxy.pac file by hand. Commented Aug 8, 2016 at 13:49
  • Yeah, it looks to me as though if you connect to a network, in order to gain access to it, you would choose Auto-detect proxy settings for this network (in Firefox anyway) and then it would get the network's proxy.pac and this is where that security flaw comes from. Right?
    – leeand00
    Commented Aug 8, 2016 at 13:52
  • @leeand00: WPAD attack has nothing to do with the original question answered here. Please ask a new question instead. Commented Aug 8, 2016 at 14:13
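
A hand-written proxy.pac of the kind the answer describes, sketched for the profile used for external sites (an added example, not part of the original answer or its comments). The internal suffixes and the blackhole proxy address are assumptions, and the helper names are hypothetical.

```javascript
// proxy.pac for the Firefox profile used for external sites (added example).
// Assumption: nothing listens on 127.0.0.1:9, so "blocked" requests simply fail.
var BLOCK = "PROXY 127.0.0.1:9";
// Constructed placeholder suffixes; replace with your own internal domains.
var INTERNAL_SUFFIXES = [".intranet.example", ".corp.example"];

// True for names that should only ever be opened from the internal profile.
function isInternalName(host) {
  host = host.toLowerCase().replace(/\.$/, ""); // drop trailing dot of an FQDN
  // Single-label names (and IPv6 literals, which contain no dot) are
  // treated as internal and blocked.
  if (host === "localhost" || host.indexOf(".") === -1) return true;
  for (var i = 0; i < INTERNAL_SUFFIXES.length; i++) {
    var s = INTERNAL_SUFFIXES[i];
    if (host === s.slice(1) || host.slice(-s.length) === s) return true;
  }
  return false;
}

// True only when the URL itself carries a private or loopback IPv4 literal.
function isPrivateLiteral(host) {
  var m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(host);
  if (!m) return false;
  var a = +m[1], b = +m[2];
  return a === 10 || a === 127 || (a === 172 && b >= 16 && b <= 31) ||
         (a === 192 && b === 168) || (a === 169 && b === 254);
}

// Entry point the browser calls for every request in this profile.
function FindProxyForURL(url, host) {
  if (isInternalName(host) || isPrivateLiteral(host)) return BLOCK;
  return "DIRECT"; // decided on the name alone; the resolved address is never seen
}
```

The decision is made on the hostname alone, so a public name such as attacker.example.com is allowed whatever address it resolves to, which is the gap the answer assigns to a filtering DNS server like dnswall.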
