Archived from groups: comp.security.firewalls (
More info?)
"optikl" <optikl@invalid.net>
wrote in news:NPhNc.194098$Oq2.29013@attbi_s52:
> Outpost Pro is one that can be configured to block specific URL's.
> Trendmicro Internet Security provides wildcard URL blocking.
I scanned the online manual for Outpost Pro 2.1 at
http://www.agnitum.com/download/Outpost_Pro_User_Guide_(ENG).pdf to see
what URL filtering it provides and if wildcarding or regular expressions
are allowed. Section 6.7 discusses Content Filtering. The phrase "To
list particular web sites you do not want to displayed ...", but it is
not just displaying them that causes problems. I don't want anything
linked to, submitted to, downloaded from, or called from that site
besides any images or web pages they may try to proffer. It also only
looks for keywords (i.e., substrings) *anywhere* in the URL whereas, in
some cases, I want to restrict the blocking based only on the domain
portion of the URL, not by a possible match somewhere within the path
under it or in the parameters, and in other cases I do want to match
anywhere within the URL, including the parameters (in the case of a
redirect). Regular expressions are not supported. I might be able to
specify ".domain." but there would be no guarantee the match only
occured in the domain portion of the URL. I could try ".domain.tld/"
but then a site with a ccTLD of ".domain.tld.cctld/", like
".someplace.com.au/" would not get caught. What I see for URL filtering
in Outpost is the same as what I have (or could have) in Norton Internet
Security (but probably without the bloat of the category table for
Parental Control).
Another user mentioned the Blockpost plug-in but trying to find a link
on their web pages to these user/community developed plug-ins is
exascerbating; rather than include them under the Downloads or Support
left-frame menu, you have to go look at the product description and
click on "Download plug-ins" under the "Existing Users" section
(although you may not yet be an existing user). That only lets me list
sites by their domain name or IP address. That won't help if the domain
is specified in the parameters of the URL for a redirect. It also
requires that I enter a FQDN, like "hostname.domain.tld" but a site may
use a ccTLD to designate their country, as in
"hostname.domain.tld.cctld", or even use the ccTLD as a subdomain, like
Doubleclick does with "hostname.cctld.doubleclick.net". And a nasty
domain may rotate or change their hostname, so "www.domain.tld" may
become "humphrey.domain.tld" and then "edina.domain.tld", and some don't
need a hostname, like "grc.com", so I don't want to include a hostname,
nor do I want to include a subdomain.
I figure "^(https?|ftp):////.*/.domain/..*//?" would restrict the block
to looking only at http(s) or ftp sites specified only in the domain
portion of the URL whereas ".*:////.*//.*/.domain/.(com|net).*" would
catch only the .com or .net TLD for that domain using any protocol but
only if the domain was specified in the parameters for a possible
redirect. Since I don't have a firewall that supports regular
expressions, I really can't test if the regular expressions that I
mention here will work as expected. Having to run a gateway running
Linux to provide a proxy or get an expensive firewall appliance or
enterprise-level internet gateway that can understand regular
expressions and then forcing all clients to use that proxy is just too
big and too expensive a task for a home network. It shouldn't take all
that just to get support for regular expressions in a personal firewall.
Maybe the developers figure we users are too stupid to figure out how to
read the product's documentation on how to write their flavor of regular
expressions.
I can't tell what TrendMicro Internet Security provides regarding URL
filtering and support for regular expressions since they don't provide
an online or downloadable manual but just their quick start guide and
readme file.
--
__________________________________________________
*** Post replies to newsgroup. Share with others.
(E-mail: domain = ".com", add "=NEWS=" to Subject)
__________________________________________________