Block files -> .exe .bat .dll .sh .dmg .cmd .cpl .lnk
-
- Junior Member
- Posts: 21
- Joined: Sat Aug 29, 2015 6:01 pm
Block files -> .exe .bat .dll .sh .dmg .cmd .cpl .lnk
Thank you, Great software,
Firefox -> Mac, Linux, W$N
Most virus, malware enter via Browser.
I'm trying to block all malic. code
Anti-Virus test the .ext of the files.
I'm trying block:
.exe .bat .dll .sh .dmg, .cmd, .cpl, .lnk, .pif, .scr, .vbs, .vbe, .vb, .ws, .wsc, .wsf,.msi, .dll, .reg, .jse, .bas, .chm, .scf, .sct
What is the procedure?
And to protect Firefox ... .XPI?
But he don't update ?
Thank for your comments
Kind regards,
Firefox -> Mac, Linux, W$N
Most virus, malware enter via Browser.
I'm trying to block all malic. code
Anti-Virus test the .ext of the files.
I'm trying block:
.exe .bat .dll .sh .dmg, .cmd, .cpl, .lnk, .pif, .scr, .vbs, .vbe, .vb, .ws, .wsc, .wsf,.msi, .dll, .reg, .jse, .bas, .chm, .scf, .sct
What is the procedure?
And to protect Firefox ... .XPI?
But he don't update ?
Thank for your comments
Kind regards,
FreeBSD, OpenBSD, NetBSD, Solaris, Linux Administrator
IBM Mainframe
MacOSX
Cisco
Hacker, Cracker - 680XX,
Data Recover - Disks, Tapes
IBM Mainframe
MacOSX
Cisco
Hacker, Cracker - 680XX,
Data Recover - Disks, Tapes
Mozilla/5.0 (X11; Linux x86_64; rv:40.0) Gecko/20100101 Firefox/40.0
Re: Block files -> .exe .bat .dll .sh .dmg .cmd .cpl .lnk
With NoScript?
(that's suposed to be all one line until Deny INC but the forum is breaking it up for some weird reason.)
If you don't even want able to download these manually/yourself, change Deny INC to just Deny
EDIT oops, forgot to say what to do with that code
NoScript Options > Advanced > ABE > USER
paste that in
EDIT2 fix: apply to files served over secure transfer protocols
Code: Select all
Site ^(?:[0-9A-Za-z-]+tps?|wss)://.*\.(?:exe|bat|dll|sh|dmg|cmd|cpl|lnk|pif|scr|vbs|vbe|vb|ws|wsc|wsf|msi|reg|jse|bas|chm|scf|sct)
Deny INC
If you don't even want able to download these manually/yourself, change Deny INC to just Deny
EDIT oops, forgot to say what to do with that code
NoScript Options > Advanced > ABE > USER
paste that in
EDIT2 fix: apply to files served over secure transfer protocols
*Always* check the changelogs BEFORE updating that important software!
-
-
- Junior Member
- Posts: 21
- Joined: Sat Aug 29, 2015 6:01 pm
Re: Block files -> .exe .bat .dll .sh .dmg .cmd .cpl .lnk
Yes in NoScriptbarbaz wrote:With NoScript?(that's suposed to be all one line but the forum is breaking it up for some weird reason.)Code: Select all
Site ^(?:[0-9A-Za-z-]+tp|wss)://.*\.(?:exe|bat|dll|sh|dmg|cmd|cpl|lnk|pif|scr|vbs|vbe|vb|ws|wsc|wsf|msi|reg|jse|bas|chm|scf|sct) Deny INC
If you don't even want able to download these manually/yourself, change Deny INC to just Deny
EDIT oops, forgot to say what to do with that code
NoScript Options > Advanced > ABE > USER
paste that in
Since this block most of the virus ... put your code in FAQ?
Add this to about:config noscript.ABE.rulesets.Block_Files
and add your code
Thank you for your code and comments
Ruy
FreeBSD, OpenBSD, NetBSD, Solaris, Linux Administrator
IBM Mainframe
MacOSX
Cisco
Hacker, Cracker - 680XX,
Data Recover - Disks, Tapes
IBM Mainframe
MacOSX
Cisco
Hacker, Cracker - 680XX,
Data Recover - Disks, Tapes
Mozilla/5.0 (X11; Linux x86_64; rv:40.0) Gecko/20100101 Firefox/40.0
Re: Block files -> .exe .bat .dll .sh .dmg .cmd .cpl .lnk
My apologies, I worded part of my last post badly, please check the next edit
Anyway, can you please expand on that suggestion a little:
1) What question would you suggest that is understandable to even average users to which this is the answer?
2) What evidence do you have for that those file extensions are "most" of online virus? I personally have heard that it's exploits of plugins (e.g. Flash) that result in viruses, this is the first I've heard that can loading these type files to cause virus...
Maybe - this is up to Giorgio. I don't think this is exactly a frequently asked question though (note that I did not know enough to even come up with the idea until reading & replying your post), but what do I knowruy.benton wrote:Since this block most of the virus ... put your code in FAQ?
Anyway, can you please expand on that suggestion a little:
1) What question would you suggest that is understandable to even average users to which this is the answer?
2) What evidence do you have for that those file extensions are "most" of online virus? I personally have heard that it's exploits of plugins (e.g. Flash) that result in viruses, this is the first I've heard that can loading these type files to cause virus...
No reason to create another ruleset for a rule like that. Just put it at the *very top* of USER. It's the same effect & (I think) more performance efficient than creating another ruleset because ABE processes each ruleset independently, why make it process more than needed for what will be a Deny?ruy.benton wrote:Add this to about:config noscript.ABE.rulesets.Block_Files
and add your code
You're welcomeruy.benton wrote:Thank you for your code and comments
*Always* check the changelogs BEFORE updating that important software!
-
-
- Junior Member
- Posts: 21
- Joined: Sat Aug 29, 2015 6:01 pm
Re: Block files -> .exe .bat .dll .sh .dmg .cmd .cpl .lnk
line 3:6 no viable alternative at character '?'barbaz wrote: (?:exe|bat|dll|sh|dmg|cmd|cpl|lnk|pif|scr|vbs|vbe|vb|ws|wsc|wsf|msi|reg|jse|bas|chm|scf|sct)
Well this is my work, all day ... Servers, Computers, security and delete virus and worms ... if NoScript help ... Thank you.barbaz wrote: Maybe - this is up to Giorgio. I don't think this is exactly a frequently asked question though (note that I did not know enough to even come up with the idea until reading & replying your post), but what do I know
Simple - My computer is free - Virus, Worms ... and 1000 computers I Admin and setupbarbaz wrote: Anyway, can you please expand on that suggestion a little:
1) What question would you suggest that is understandable to even average users to which this is the answer?
barbaz wrote: 2) What evidence do you have for that those file extensions are "most" of online virus? I personally have heard that it's exploits of plugins (e.g. Flash) that result in viruses, this is the first I've heard that can loading these type files to cause virus...
In Linux, MacOSX, W$n and many other O.S.
1 - The Ani-Virus check all files, WE or the Browser Download in ForeG. or Background ... If I have a blocker for most files ... great
2- /etc/hosts, resolv The root own and is read only ... I check everyday the file.
Firefox - Proxy - > I check everyday
3 - Scripts - > NoScript block most of invasions
Flash and other plugins - > in the final stage (infection) ... they Download files -> O.S. - DLL, SH, EXE, DMG ...
Thank ... save the advicebarbaz wrote: ... more performance efficient than creating another ruleset because ABE processes each ruleset independently, why make it process more than needed for what will be a Deny?
And to protect Firefox ... .XPI?
Kind Regards,
Ruy
FreeBSD, OpenBSD, NetBSD, Solaris, Linux Administrator
IBM Mainframe
MacOSX
Cisco
Hacker, Cracker - 680XX,
Data Recover - Disks, Tapes
IBM Mainframe
MacOSX
Cisco
Hacker, Cracker - 680XX,
Data Recover - Disks, Tapes
Mozilla/5.0 (X11; Linux x86_64; rv:40.0) Gecko/20100101 Firefox/40.0
Re: Block files -> .exe .bat .dll .sh .dmg .cmd .cpl .lnk
Yeah, sorry, that's supposed to be on the same line as the Site line. That's what I meant my comment about the forum breaking it up.ruy.benton wrote:line 3:6 no viable alternative at character '?'barbaz wrote: (?:exe|bat|dll|sh|dmg|cmd|cpl|lnk|pif|scr|vbs|vbe|vb|ws|wsc|wsf|msi|reg|jse|bas|chm|scf|sct)
Ah, so the plugin exploit isn't generally itself the virus but it's just a way to deliver & run the virus.ruy.benton wrote:Well this is my work, all day ... Servers, Computers, security and delete virus and worms ... if NoScript help ... Thank you.barbaz wrote: Maybe - this is up to Giorgio. I don't think this is exactly a frequently asked question though (note that I did not know enough to even come up with the idea until reading & replying your post), but what do I know
Simple - My computer is free - Virus, Worms ... and 1000 computers I Admin and setupbarbaz wrote: Anyway, can you please expand on that suggestion a little:
1) What question would you suggest that is understandable to even average users to which this is the answer?
barbaz wrote: 2) What evidence do you have for that those file extensions are "most" of online virus? I personally have heard that it's exploits of plugins (e.g. Flash) that result in viruses, this is the first I've heard that can loading these type files to cause virus...
In Linux, MacOSX, W$n and many other O.S.
1 - The Ani-Virus check all files, WE or the Browser Download in ForeG. or Background ... If I have a blocker for most files ... great
2- /etc/hosts, resolv The root own and is read only ... I check everyday the file.
Firefox - Proxy - > I check everyday
3 - Scripts - > NoScript block most of invasions
Flash and other plugins - > in the final stage (infection) ... they Download files -> O.S. - DLL, SH, EXE, DMG ...
So you're saying that you've had personal experience with administering a LOT of computers where inclusions of files with these extensions are causing virus... so something like this Faq suggestion?
"I've seen that many viruses in the end come from native executable files & such being included by pages in an exploit scenario. I only need to download such files directly when I want, I don't ever need my browser or a plugin to display them, so how to use NoScript to block them from being embedded?"
I'm not sure I'm understanding this question. Sure you can add xpi to the list if you think it'd help (I think you can figure how ).ruy.benton wrote:And to protect Firefox ... .XPI?
The main threat to Firefox with XPIs is those side-loaded by the file types already blocked by the rule as is. A page trying to install an XPI in Firefox through Firefox is going to be blocked & throw either A) a doohanger and/or B) a scary warning in the user's face when they don't expect it. So I guess whether it's worth to add it depends on who your end user is.
*Always* check the changelogs BEFORE updating that important software!
-
-
- Junior Member
- Posts: 21
- Joined: Sat Aug 29, 2015 6:01 pm
Re: Block files -> .exe .bat .dll .sh .dmg .cmd .cpl .lnk
Now I don't get the error but ...barbaz wrote:Yeah, sorry, that's supposed to be on the same line as the Site line. That's what I meant my comment about the forum breaking it up.ruy.benton wrote:line 3:6 no viable alternative at character '?'barbaz wrote: (?:exe|bat|dll|sh|dmg|cmd|cpl|lnk|pif|scr|vbs|vbe|vb|ws|wsc|wsf|msi|reg|jse|bas|chm|scf|sct)
For ex. if we want to block PDF ... in "https://noscript.net/abe/abe_rules.pdf"
I can block with:
Site ^(?:https|wss)://.*\.(?:pdf)
Deny
With your code:
Site ^(?:[0-9A-Za-z-]+tp|wss)://.*\.(?:pdf)
Deny
Don't work
Something is wrong ... in [0-9A-Za-z-]+tp
barbaz wrote:Ah, so the plugin exploit isn't generally itself the virus but it's just a way to deliver & run the virus.
So you're saying that you've had personal experience with administering a LOT of computers where inclusions of files with these extensions are causing virus... so something like this Faq suggestion?
"I've seen that many viruses in the end come from native executable files & such being included by pages in an exploit scenario. I only need to download such files directly when I want, I don't ever need my browser or a plugin to display them, so how to use NoScript to block them from being embedded?"
Lots of examples in many pages and blogues
I would like a plugin, to alert Firefox -> write some file in the system.
Exclude:
.cache/mozilla/firefox
and .mozilla
If he write in other parts of the File System ... is 100% a virus or ...
I'm downloading something
ruy.benton wrote:And to protect Firefox ... .XPI?
Yes, most of the time I see the warning ... and we click in preferences ...barbaz wrote:I'm not sure I'm understanding this question. Sure you can add xpi to the list if you think it'd help (I think you can figure how ).
The main threat to Firefox with XPIs is those side-loaded by the file types already blocked by the rule as is. A page trying to install an XPI in Firefox through Firefox is going to be blocked & throw either A) a doohanger and/or B) a scary warning in the user's face when they don't expect it. So I guess whether it's worth to add it depends on who your end user is.
This is an example ... if you know other treats ... updates in main kernel
Thank you for your comments
FreeBSD, OpenBSD, NetBSD, Solaris, Linux Administrator
IBM Mainframe
MacOSX
Cisco
Hacker, Cracker - 680XX,
Data Recover - Disks, Tapes
IBM Mainframe
MacOSX
Cisco
Hacker, Cracker - 680XX,
Data Recover - Disks, Tapes
Mozilla/5.0 (X11; Linux x86_64; rv:40.0) Gecko/20100101 Firefox/40.0
Re: Block files -> .exe .bat .dll .sh .dmg .cmd .cpl .lnk
Oh phooey, I just can't get this right can I?ruy.benton wrote:Now I don't get the error but ...
For ex. if we want to block PDF ... in "https://noscript.net/abe/abe_rules.pdf"
I can block with:
Site ^(?:https|wss)://.*\.(?:pdf)
Deny
With your code:
Site ^(?:[0-9A-Za-z-]+tp|wss)://.*\.(?:pdf)
Deny
Don't work
Something is wrong ... in [0-9A-Za-z-]+tp
Code: Select all
Site ^(?:[0-9A-Za-z-]+tps?|wss)://.*\.(?:exe|bat|dll|sh|dmg|cmd|cpl|lnk|pif|scr|vbs|vbe|vb|ws|wsc|wsf|msi|reg|jse|bas|chm|scf|sct)
Deny INC
When don't you see any warning when trying install extension in Firefox through Firefox?ruy.benton wrote:Yes, most of the time I see the warning ... and we click in preferences ...
This is an example ... if you know other treats ... updates in main kernel
And what do you mean "if you know other treats ... updates in main kernel"?
You're welcome, thank you for the explanations.ruy.benton wrote:Thank you for your comments
*Always* check the changelogs BEFORE updating that important software!
-
-
- Junior Member
- Posts: 21
- Joined: Sat Aug 29, 2015 6:01 pm
Re: Block files -> .exe .bat .dll .sh .dmg .cmd .cpl .lnk
TO MODERATOR - > PLEASE MOVE THIS TO ABE SUB-FORUM
Add .com, need change:
Site ^(?:[0-9A-Za-z-]+tps?|wss)://.*/.*\.(?:gz|com)
Deny
Or he blocks all domains with .com
And if lots of dots in the file name puff
ftp ... don't work
"if you know other treats ... updates in main kernel"
The main part of Firefox ... the program and the lib ex: libnspr4.so, libssl3.so and many others
I would like a plugin, to alert Firefox -> write files in the system.
I can use lsof ... but lots of work
Thank you for your comments
Add .com, need change:
Site ^(?:[0-9A-Za-z-]+tps?|wss)://.*/.*\.(?:gz|com)
Deny
Or he blocks all domains with .com
And if lots of dots in the file name puff
ftp ... don't work
ruy.benton wrote:Yes, most of the time I see the warning ... and we click in preferences ...
... if you know other treats ... updates in main kernel
The malicious code could bypass the warning ... and install any codebarbaz wrote:When don't you see any warning when trying install extension in Firefox through Firefox?
And what do you mean "if you know other treats ... updates in main kernel"?
"if you know other treats ... updates in main kernel"
The main part of Firefox ... the program and the lib ex: libnspr4.so, libssl3.so and many others
I would like a plugin, to alert Firefox -> write files in the system.
I can use lsof ... but lots of work
Thank you for your comments
FreeBSD, OpenBSD, NetBSD, Solaris, Linux Administrator
IBM Mainframe
MacOSX
Cisco
Hacker, Cracker - 680XX,
Data Recover - Disks, Tapes
IBM Mainframe
MacOSX
Cisco
Hacker, Cracker - 680XX,
Data Recover - Disks, Tapes
Mozilla/5.0 (X11; Linux x86_64; rv:40.0) Gecko/20100101 Firefox/40.0
Re: Block files -> .exe .bat .dll .sh .dmg .cmd .cpl .lnk
SURE, DONEruy.benton wrote:TO MODERATOR - > PLEASE MOVE THIS TO ABE SUB-FORUM
OK try this:ruy.benton wrote:Add .com, need change:
Site ^(?:[0-9A-Za-z-]+tps?|wss)://.*/.*\.(?:gz|com)
Deny
Or he blocks all domains with .com
Code: Select all
Site ^(?:[0-9A-Za-z-]+tps?|wss)://[^/:]+[/:].*\.(?:exe|bat|dll|sh|dmg|cmd|cpl|lnk|pif|scr|vbs|vbe|vb|ws|wsc|wsf|msi|reg|jse|bas|chm|scf|sct|com)(?:[^0-9A-Za-z/].*)?$
Deny INC
what?ruy.benton wrote:And if lots of dots in the file name puff
In what way?ruy.benton wrote:ftp ... don't work
Not unless it's already got a full hold of the browser, at which point the user anyway has bigger problems than an unwanted xpi and the malicious code could do more than just bypassing the warning to and installing an xpi.ruy.benton wrote:The malicious code could bypass the warning ... and install any code
Well for Windows there exists a program called sandboxie that Tom T. used to recommend (I know nothing of it myself being that I'm not a Windows user.)ruy.benton wrote:"if you know other treats ... updates in main kernel"
The main part of Firefox ... the program and the lib ex: libnspr4.so, libssl3.so and many others
I would like a plugin, to alert Firefox -> write files in the system.
I can use lsof ... but lots of work
Don't have any ideas for other OSes, sorry.
*Always* check the changelogs BEFORE updating that important software!
-
-
- Junior Member
- Posts: 21
- Joined: Sat Aug 29, 2015 6:01 pm
Re: Block files -> .exe .bat .dll .sh .dmg .cmd .cpl .lnk
Thank you very muchbarbaz wrote:SURE, DONEruy.benton wrote: TO MODERATOR - > PLEASE MOVE THIS TO ABE SUB-FORUM
ruy.benton wrote:Add .com, need change:
Site ^(?:[0-9A-Za-z-]+tps?|wss)://.*/.*\.(?:gz|com)
Deny
Or he blocks all domains with .com
Ex.barbaz wrote:OK try this:Code: Select all
Site ^(?:[0-9A-Za-z-]+tps?|wss)://[^/:]+[/:].*\.(?:exe|bat|dll|sh|dmg|cmd|cpl|lnk|pif|scr|vbs|vbe|vb|ws|wsc|wsf|msi|reg|jse|bas|chm|scf|sct|com)(?:[^0-9A-Za-z/].*)?$ Deny INC
http://products.kaspersky-labs.com/engl ... 4en-gb.exe
I can't Download ...
ftp://ftp.us.dell.com/network/
Any exe ... I can Download
ruy.benton wrote:The malicious code could bypass the warning ... and install any code
Yeap and any code not only the XPIbarbaz wrote:Not unless it's already got a full hold of the browser, at which point the user anyway has bigger problems than an unwanted xpi and the malicious code could do more than just bypassing the warning to and installing an xpi.
ruy.benton wrote:I would like a plugin, to alert Firefox -> write files in the system.
I can use lsof ... but lots of work
I have several products for enclose the OS and Delete the OS and FS after use ... and save only the bookmarkbarbaz wrote:Well for Windows there exists a program called sandboxie that Tom T. used to recommend (I know nothing of it myself being that I'm not a Windows user.)
Don't have any ideas for other OSes, sorry.
Ex. https://www.virtualbox.org/wiki/Screenshots
I use this in some class and college. We setup a virtual machine ... and as the class close we delete the virtual machine and copy a fresh HD.
I use BSD, MacOSX, Linux ... your main OS ... ?
Kind Regards,
Ruy
FreeBSD, OpenBSD, NetBSD, Solaris, Linux Administrator
IBM Mainframe
MacOSX
Cisco
Hacker, Cracker - 680XX,
Data Recover - Disks, Tapes
IBM Mainframe
MacOSX
Cisco
Hacker, Cracker - 680XX,
Data Recover - Disks, Tapes
Mozilla/5.0 (X11; Linux x86_64; rv:40.0) Gecko/20100101 Firefox/40.0
Re: Block files -> .exe .bat .dll .sh .dmg .cmd .cpl .lnk
Hmm is what you want to not able to even download these manually? Then change Deny INC to Deny & remember to disable that rule when you actually want to download those type of code. (Then it is indeed useful to keep it in its own ruleset.)ruy.benton wrote:Ex.
http://products.kaspersky-labs.com/engl ... 4en-gb.exe
I can't Download ...
ftp://ftp.us.dell.com/network/
Any exe ... I can Download
Oh.. yeah, I use VirtualBox too & it's awesome. I was thinking that didn't require booting another OS - for use in a VM so that can have a REALLY disposable environment.ruy.benton wrote:I have several products for enclose the OS and Delete the OS and FS after use ... and save only the bookmark
Ex. https://www.virtualbox.org/wiki/Screenshots
I use this in some class and college. We setup a virtual machine ... and as the class close we delete the virtual machine and copy a fresh HD.
Used to be Mac OS X Lion until recently when I had to switch to Lubuntu 14.04.ruy.benton wrote:I use BSD, MacOSX, Linux ... your main OS ... ?
But I've played with a lot of different OSes - I've got (or had) VM's for most popular Linux distros as well as OpenBSD & NetBSD (never could make FreeBSD work). Also have a pre-built OpenSolaris VM somewhere...
*Always* check the changelogs BEFORE updating that important software!
-
-
- Junior Member
- Posts: 21
- Joined: Sat Aug 29, 2015 6:01 pm
Re: Block files -> .exe .bat .dll .sh .dmg .cmd .cpl .lnk
I need to test your code ...barbaz wrote: Hmm is what you want to not able to even download these manually? Then change Deny INC to Deny & remember to disable that rule when you actually want to download those type of code. (Then it is indeed useful to keep it in its own ruleset.)
HTTP, FTP, Telnet, Gopher, Bitorrent ...
HTTP
Ex. http://products.kaspersky-labs.com/engl ... 4en-gb.exe
Block any .ext correct ... work
FTP
Ex.
ftp://ftp.us.dell.com/network/
Any .exe ... DON'T BLOCK ANY .EXT ... DON'T WORK
Need switch to Lubuntu in a INTEL MAC?barbaz wrote:Used to be Mac OS X Lion until recently when I had to switch to Lubuntu 14.04.
But I've played with a lot of different OSes - I've got (or had) VM's for most popular Linux distros as well as OpenBSD & NetBSD (never could make FreeBSD work). Also have a pre-built OpenSolaris VM somewhere...
FreeBSD don't work? ... I have several servers ...
Nooooooo ... you sug. Sandbox ...barbaz wrote:Oh.. yeah, I use VirtualBox too & it's awesome. I was thinking that didn't require booting another OS - for use in a VM so that can have a REALLY disposable environment.
"I would like a plugin, to alert Firefox -> write files in the system.
I can use lsof ... but lots of work"
Here is an example:
https://addons.mozilla.org/en-us/firefox/addon/priv8/
There is several Sandbox for Mac, Linux:
http://hints.macworld.com/article.php?s ... 8044558156
https://www.romab.com/ironfox/
https://l3net.wordpress.com/projects/firejail/
http://www.linux-magazine.com/Issues/2015/173/Firejail
Kind Regards,
Ruy
FreeBSD, OpenBSD, NetBSD, Solaris, Linux Administrator
IBM Mainframe
MacOSX
Cisco
Hacker, Cracker - 680XX,
Data Recover - Disks, Tapes
IBM Mainframe
MacOSX
Cisco
Hacker, Cracker - 680XX,
Data Recover - Disks, Tapes
Mozilla/5.0 (X11; Linux x86_64; rv:40.0) Gecko/20100101 Firefox/40.0
Re: Block files -> .exe .bat .dll .sh .dmg .cmd .cpl .lnk
ABE is specifically for filtering HTTP requests. It's a web firewall, not a general-purpose one. FTP is out of scope.ruy.benton wrote: FTP
Ex.
ftp://ftp.us.dell.com/network/
Any .exe ... DON'T BLOCK ANY .EXT ... DON'T WORK
======
Thrawn
------------
Religion is not the opium of the masses. Daily life is the opium of the masses.
True religion, which dares to acknowledge death and challenge the way we live, is an attempt to wake up.
Thrawn
------------
Religion is not the opium of the masses. Daily life is the opium of the masses.
True religion, which dares to acknowledge death and challenge the way we live, is an attempt to wake up.
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:40.0) Gecko/20100101 Firefox/40.0
Re: Block files -> .exe .bat .dll .sh .dmg .cmd .cpl .lnk
And I missed yet another detail in the rule...
Apparently there is also a "ws" protocol that communicates with Internet...
(see viewtopic.php?p=74942#p74942 for some of it)
I'm not looking to use FreeBSD as a server anyway. What I want to make work is the latest available FreeBSD release (at whatever time I attempt to first install it), with a graphical environment* & my favorite applications. It would be quite helpful to me if I can have proper experience with, and a VM of, the most popular *BSD distro (aside Mac OS X of course).
Oddly I didn't have very much better luck even starting with a pre-built VM that already had a desktop environment (again, I could use it "as-is" but getting other software onto it was still a problem.)
Any advice for me for next time I decide to try it again?
* Please not GNOME 3. My favorite desktop environments are LXDE and Openbox, but I can work with KDE3/Trinity, XFCE, & fvwm. I'm fine with the KDE 4+ desktop environment as well, but as much as I like the Oxygen look & certain individual KDE apps.. for the same reason I cannot use OS X > 10.7.x, let's keep the actual DE of KDE in a VM
Code: Select all
Site ^(?:[0-9A-Za-z-]+tps?|wss?)://[^/:]+[/:].*\.(?:exe|bat|dll|sh|dmg|cmd|cpl|lnk|pif|scr|vbs|vbe|vb|ws|wsc|wsf|msi|reg|jse|bas|chm|scf|sct|com)(?:[^0-9A-Za-z/].*)?$
Deny INC
Yep. (Well, had to dual boot anyway, but using Lubuntu as my main OS.) I'd rather not get into the details of why here.ruy.benton wrote:Need switch to Lubuntu in a INTEL MAC?
(see viewtopic.php?p=74942#p74942 for some of it)
I've tried to set up a FreeBSD VM for myself from the install CD, and I just couldn't get it going in the way I wanted... my machine doesn't have the specs to compile tons of stuff (& building things from source almost always goes wrong for me) and all I could do with FreeBSD in any case was a basic install and then use the resulting system exactly as it was. I simply could not find a way to add software to the machine, see what software was on it, or even update the machine's existing software... all the suggestions I found on the Internet failed one way or another.ruy.benton wrote:FreeBSD don't work? ... I have several servers ...
I'm not looking to use FreeBSD as a server anyway. What I want to make work is the latest available FreeBSD release (at whatever time I attempt to first install it), with a graphical environment* & my favorite applications. It would be quite helpful to me if I can have proper experience with, and a VM of, the most popular *BSD distro (aside Mac OS X of course).
Oddly I didn't have very much better luck even starting with a pre-built VM that already had a desktop environment (again, I could use it "as-is" but getting other software onto it was still a problem.)
Any advice for me for next time I decide to try it again?
* Please not GNOME 3. My favorite desktop environments are LXDE and Openbox, but I can work with KDE3/Trinity, XFCE, & fvwm. I'm fine with the KDE 4+ desktop environment as well, but as much as I like the Oxygen look & certain individual KDE apps.. for the same reason I cannot use OS X > 10.7.x, let's keep the actual DE of KDE in a VM
Well a sandbox will know everything that's written through it... so am I misunderstanding what you're wondering about?ruy.benton wrote:Nooooooo ... you sug. Sandbox ...
"I would like a plugin, to alert Firefox -> write files in the system.
I can use lsof ... but lots of work"
This link looks very interesting to me for a number of reasons. Thanks!ruy.benton wrote:There is several Sandbox for Mac, Linux:
[...]
https://l3net.wordpress.com/projects/firejail/
Oh, so it doesn't intercept any non-HTTP requests at all? I'm not aware of how ABE is implemented internally.Thrawn wrote:ABE is specifically for filtering HTTP requests. It's a web firewall, not a general-purpose one. FTP is out of scope.
*Always* check the changelogs BEFORE updating that important software!
-