Blocking content with ABE?

Discussions about the Application Boundaries Enforcer (ABE) module
Post Reply
access2godzilla
Senior Member
Posts: 109
Joined: Sun May 20, 2012 5:09 pm

Blocking content with ABE?

Post by access2godzilla »

Is blocking of requests based on its content possible with ABE? I know that I can do this:

Code: Select all

Site ^https?://.*exe
Accept from .sourceforge.net .mozilla.org
Deny
But what I'm trying to do can be perhaps described like this:

Code: Select all

# Block executables
Content /MZ.*PE/
Accept from .sourceforge.net .mozilla.org
Deny
Of course it does not help with zipped files or XORed payloads and such, but I was just wondering if it could be done...
Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.116 Safari/537.36
Top
barbaz
Senior Member
Posts: 10847
Joined: Sat Aug 03, 2013 5:45 pm

Re: Blocking content with ABE?

Post by barbaz »

viewtopic.php?f=23&t=18991
*Always* check the changelogs BEFORE updating that important software!
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:29.0) Gecko/20100101 Firefox/29.0 SeaMonkey/2.26
Top
Post Reply

Return to “ABE”