Jump to content

Alternate Method for blocking access

MadSc13ntist
 Share

Recommended Posts

MadSc13ntist Wayfarer

MadSc13ntist

Posted
Posted (edited)

I am trying to block a process from accessing the internet... period.

I have tried creating Loopback entries in the Hosts file (usually works) but is there a method that prevents access even if you aren't sure what IP/URL it will try to connect to? (more of a solid catch-all) outside of that i'm really at a loss...

I toyed with a few ideas, HttpSetProxy(bogus proxy), disabling my adapter, but these also hang my connection (obviously)...

any other ideas? I know that most personal firewalls give you a few options but i was looking to learn how to accomplish this myself with a script/cmdline util i could FileInstall(). (P.S. I am running Windows XP SP1)

I would like to learn the options for this anyway, good to know and i would like to learn what this would involve. (perhaps what personal firewalls are doing when access is denied manually)...

Thanks to all who respond!

Edited by MadSc13ntist
Link to comment
Share on other sites
Valik Universalist

Valik

Posted
Posted

Firewalls use system hooks and drivers. They intercept things at an extremely low level before the operating system actually executes the code in the executable. You won't be able to simulate this effect without a driver because by the time another running program can detect that the executable is launched, it's probably already too late.

Link to comment
Share on other sites
MadSc13ntist Wayfarer

MadSc13ntist

Posted
  • Author
Posted (edited)

Heres a bonkers thought (a bit much but just playing with ideas while my full throttle sinks in...)

Is there a way to prevent any program run under a limmited user account from accessing the internet? i.e. guest?

and then maybe RunAs(guest)???

Or NET USER ???

just thinking out loud, feel free to shoot it down if it won't fly...

Thanks for the volley of ideas...

Edited by MadSc13ntist
Link to comment
Share on other sites
/dev/null Universalist

/dev/null

Posted
Posted

Do you know of any light utils i could use to better acomplish this? something that wouldn't have to be permanently installed?

Not that I know of any... You could use the following: EasySec Firewall SDK. Search google for it. However, you will have to install at least "some" files.

Cheers

Kurt

__________________________________________________________(l)user: Hey admin slave, how can I recover my deleted files?admin: No problem, there is a nice tool. It's called rm, like recovery method. Make sure to call it with the "recover fast" option like this: rm -rf *

Link to comment
Share on other sites
/dev/null Universalist

/dev/null

Posted
Posted (edited)

Any thoughts on the limmited user idea?

Is there any way to limit internet access for a NET USER Account?

As far as I know, windows has no implementation of mandatory access control (MAC) for network access. That is only done in trusted operating systems like Trusted Solaris, TrustedBSD or Argus Pitbull (and others).

EDIT: So, no there is no way to limit general network access for a user.

Cheers

Kurt

Edited by /dev/null

__________________________________________________________(l)user: Hey admin slave, how can I recover my deleted files?admin: No problem, there is a nice tool. It's called rm, like recovery method. Make sure to call it with the "recover fast" option like this: rm -rf *

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...