InformAction Forums

NoScripters and WebSec nerds of all lands, unite!
https://forums.informaction.com/

ABE and local network DNS server setups

https://forums.informaction.com/viewtopic.php?t=21106

Page 1 of 1

ABE and local network DNS server setups

Posted: Sat Aug 01, 2015 1:46 pm
by Thorsten
In my local network I set up a server which serves a blank HTML page for adblock purposes. DNS queries from the local network clients are changed appropriately to point to the local server.

It works very well, however when I use NoScript, I get ABE warnings.
I temporarily disabled the following lines by uncommenting them, in the ABE section of NoScript's Advanced Options tab:

# Prevent Internet sites from requesting LAN resources.
#Site LOCAL
#Accept from LOCAL
#Deny

I wonder if this is a already the perfect solution or if I can change it further so I get the intended security ("Prevent Internet sites from requesting LAN resources") but still let scripts that have their changed DNS responses point to my server's blank HTML page not trigger the ABE warnings.

I hope my explanations are not too complicated. It's a pretty simple setup, but I'm not a native speaker.

Re: ABE and local network DNS server setups

Posted: Sat Aug 01, 2015 5:41 pm
by barbaz
Moving to ABE.
Thorsten wrote:when I use NoScript, I get ABE warnings.
Please reset the SYSTEM rule to default, reproduce the problem, and check the Browser Console (Ctrl-Shift-J) for the message from ABE and post that here.
Thorsten wrote:I wonder if this is a already the perfect solution
No it's definitely not, you're disabling that protection completely - it's there for a reason.
Thorsten wrote:or if I can change it further so I get the intended security ("Prevent Internet sites from requesting LAN resources") but still let scripts that have their changed DNS responses point to my server's blank HTML page not trigger the ABE warnings.
With the Browser Console message(s) we can help you come up with a safe exception.

Re: ABE and local network DNS server setups

Posted: Sat Aug 01, 2015 6:31 pm
by Thorsten

Code: Select all

[ABE] <LOCAL> Deny on {GET http://rcm-eu.amazon-adsystem.com/e/cm?t=cb-noscript-21&o=3&p=48&l=ur1&category=computer&banner=160GN795Y7B8SC5D9202&f=ifr <<< http://www.computerbase.de/ - 7}
SYSTEM rule:
Site LOCAL
Accept from LOCAL
Deny
This is a message I get on a popular German website. The ad server's address, "rcm-eu.amazon-adsystem.com", is in my ad list and so it points to my local network server's LAN IP to get the blank HTML page. But with current ABE rules, not the blank page but the browser message "Page not found" appears inside the ad script's frame. The blank page's purpose is to prevent such messages.

Re: ABE and local network DNS server setups

Posted: Sat Aug 01, 2015 6:43 pm
by Thorsten
I must admit that even though I flushed the DNS caches of the local machines, I can't currently reproduce the problem.
Maybe it was not ABE related.

Then blocking should be even better than requesting a local blank page, and the only remaining "problem" would be to get rid of ABE's error window.

Re: ABE and local network DNS server setups

Posted: Sat Aug 01, 2015 7:19 pm
by barbaz
:o :o
I'm sorry, I totally missed the point. Can you try something like this (no idea if it'll work):
add at the very top of the SYSTEM ruleset

Code: Select all

Site [YOUR_LOCAL_SERVERS_IP]
Accept
Failing that, you could consider to resolve those sites to 0.0.0.0 instead: https://hackademix.net/2009/07/01/abe-w ... where-omg/
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited