Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm trying to block some sites so that I don't have to look at annoying ads and such. On my Windows machine I had ZoneAlarm Pro and could add sites to the restricted zone.
Now I've added a RH9 system to my collection and I'm using iptables to do the same using the command:
Code:
iptables -A OUTPUT -d <some addr> -p tcp -j REJECT
This does work but the browser (Mozilla 1.5) takes a long time (~4s) and seems to time out or retry instead accepting the REJECT and moving on. On Windows Mozilla immediately stops trying. So I'm wondering how ZoneAlarm rejects the outbound request. I've tried that various reject-with options but they all have the same effect. Using DROP causes a very long time out (~30s) as I would expect.
you could use guarddog , its a very good firewall and it let u avoid the hastle of dealing with cryptic shell scripts and ipchains/iptables parameters.
Mozilla 1.5 can be configured so as not to download images (and pop-up windows) from sites you specify.
Maybe that is what you want.
I myself use the squid proxy server, which, in addition to letting me specify an acl to deny source domains (and much more), also lets me analize my traffic (it prepares a log file with all information on files downloaded during browsing), so I can determine what deserves denying, and, finally, it maintains a very efficient local cache of downloaded files, so it gives me a high speed increase during browsing.
Originally posted by heema you could use guarddog , its a very good firewall and it let u avoid the hastle of dealing with cryptic shell scripts and ipchains/iptables parameters.
Originally posted by J_Szucs Mozilla 1.5 can be configured so as not to download images (and pop-up windows) from sites you specify.
Maybe that is what you want.
The problem isn't really images since I can turn off animation. The problem is flash programs which sing and dance and work so hard to distract you. I took out the flash plugin just for that reason but now many sites need flash for site navigation.
You'll like Privoxy then. Successor to Junkbuster it's a filtering (but non-caching) proxy. Can block, explicitly or using regexes, TLD's, domains, subdomains, directories. Can filter, applied general or per site, for any Javascript, CSS, popups, pop-unders, Flash, movies and whatnot. On top of that it gives you rewrite rules.
Stupid example: s/microsoft(?!.com)/MicroSuck/ig.
BTW, I'll be moving this thread to the Linux - General forum: it isn't a security issue.
Originally posted by unSpawn You'll like Privoxy then. Successor to Junkbuster it's a filtering (but non-caching) proxy. Can block, explicitly or using regexes, TLD's, domains, subdomains, directories. Can filter, applied general or per site, for any Javascript, CSS, popups, pop-unders, Flash, movies and whatnot. On top of that it gives you rewrite rules.
Stupid example: s/microsoft(?!.com)/MicroSuck/ig.
BTW, I'll be moving this thread to the Linux - General forum: it isn't a security issue.
Thanks, I'll look at Privoxy. I guess it's not security -- I just like to keep the riffraff out.
there are a couple of extensions for Mozilla/Mozilla-Firebird that can block flash and other annoying stuff. I use 'Flash click to view'. Go to http://extensionroom.mozdev.org/
to find the extensions. Loads of cool stuff.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.