MadSc13ntist Posted July 17, 2005 Share Posted July 17, 2005 (edited) I am trying to block a process from accessing the internet... period. I have tried creating Loopback entries in the Hosts file (usually works) but is there a method that prevents access even if you aren't sure what IP/URL it will try to connect to? (more of a solid catch-all) outside of that i'm really at a loss... I toyed with a few ideas, HttpSetProxy(bogus proxy), disabling my adapter, but these also hang my connection (obviously)... any other ideas? I know that most personal firewalls give you a few options but i was looking to learn how to accomplish this myself with a script/cmdline util i could FileInstall(). (P.S. I am running Windows XP SP1) I would like to learn the options for this anyway, good to know and i would like to learn what this would involve. (perhaps what personal firewalls are doing when access is denied manually)... Thanks to all who respond! Edited July 17, 2005 by MadSc13ntist Link to comment Share on other sites More sharing options...
Valik Posted July 17, 2005 Share Posted July 17, 2005 Firewalls use system hooks and drivers. They intercept things at an extremely low level before the operating system actually executes the code in the executable. You won't be able to simulate this effect without a driver because by the time another running program can detect that the executable is launched, it's probably already too late. Link to comment Share on other sites More sharing options...
MadSc13ntist Posted July 17, 2005 Author Share Posted July 17, 2005 Good to know... Do you know of any light utils i could use to better acomplish this? something that wouldn't have to be permanently installed? even outside of a script? have you come across anything? w00t Valik! Link to comment Share on other sites More sharing options...
MadSc13ntist Posted July 17, 2005 Author Share Posted July 17, 2005 (edited) Heres a bonkers thought (a bit much but just playing with ideas while my full throttle sinks in...) Is there a way to prevent any program run under a limmited user account from accessing the internet? i.e. guest? and then maybe RunAs(guest)??? Or NET USER ??? just thinking out loud, feel free to shoot it down if it won't fly... Thanks for the volley of ideas... Edited July 17, 2005 by MadSc13ntist Link to comment Share on other sites More sharing options...
/dev/null Posted July 17, 2005 Share Posted July 17, 2005 Do you know of any light utils i could use to better acomplish this? something that wouldn't have to be permanently installed?Not that I know of any... You could use the following: EasySec Firewall SDK. Search google for it. However, you will have to install at least "some" files.CheersKurt __________________________________________________________(l)user: Hey admin slave, how can I recover my deleted files?admin: No problem, there is a nice tool. It's called rm, like recovery method. Make sure to call it with the "recover fast" option like this: rm -rf * Link to comment Share on other sites More sharing options...
MadSc13ntist Posted July 17, 2005 Author Share Posted July 17, 2005 I'll give it a shot.. thanks.. Any thoughts on the limmited user idea? Is there any way to limit internet access for a NET USER Account? (and/or any processes run as that user?) Link to comment Share on other sites More sharing options...
/dev/null Posted July 17, 2005 Share Posted July 17, 2005 (edited) Any thoughts on the limmited user idea?Is there any way to limit internet access for a NET USER Account?As far as I know, windows has no implementation of mandatory access control (MAC) for network access. That is only done in trusted operating systems like Trusted Solaris, TrustedBSD or Argus Pitbull (and others).EDIT: So, no there is no way to limit general network access for a user.CheersKurt Edited July 17, 2005 by /dev/null __________________________________________________________(l)user: Hey admin slave, how can I recover my deleted files?admin: No problem, there is a nice tool. It's called rm, like recovery method. Make sure to call it with the "recover fast" option like this: rm -rf * Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now