mantra, Posted June 24, 2021

Hi, could I create a global rule to block TCP 80 (HTTP) and push every program to use HTTPS? I would like to create 1 rule for every application. And is the ESET firewall powerful enough to block the DNS cache server? Thanks

Marcos (Administrators), Posted June 24, 2021

It's possible to block http communication on port 80 as well as DNS communication. While neither makes sense to me (there are legit apps that communicate via http and DNS communication is vital), you can create two block rules and put them on top of the built-in rules.

mantra (Author), Posted June 24, 2021

7 hours ago, Marcos said: It's possible to block http communication on port 80 as well as DNS communication. While neither makes sense to me (there are legit apps that communicate via http and DNS communication is vital), you can create two block rules and put them on top of the built-in rules.

The point is to push every application to use HTTPS and to block some unknown malware application that can use the Windows DNS service. Could you please upload a screenshot of how to create a global rule to block TCP 80 and the DNS service? Thanks

itman, Posted June 24, 2021

23 minutes ago, mantra said: the point is to push every application to use HTTPS

As far as I am aware, Eset doesn't support HTTPS Everywhere or its equivalent via Firefox or Chrome options. So you will probably end up with a lot of blocked browser connections for anything using HTTP.

26 minutes ago, mantra said: application that can use the Windows DNS service

You just can't block outbound port 53 DNS traffic absolutely by creating a firewall rule to do so. Ekrn.exe monitors that port along with a whole bunch of other ports. If you create a rule to block DNS, and I can't fathom why you would want to attempt this, the created rule must be placed after the existing Eset default rule for ekrn.exe.

Marcos (Administrators), Posted June 24, 2021

HTTPS-Everywhere is a browser extension. Banking and payment protection works with it alright like with the Firefox HTTPS-only mode. HTTPS communication should be scanned as well as long as SSL scanning is enabled and the browser is recognized.

itman, Posted June 24, 2021 (edited)

2 hours ago, Marcos said: HTTPS-Everywhere is a browser extension. Banking and payment protection works with it alright like with the Firefox HTTPS-only mode.

Firefox HTTPS-only option and HTTPS Everywhere work differently. Firefox HTTPS-only mode will try to redirect to the HTTPS version of the web site. If one doesn't exist, it will warn you of this and ask how you want to proceed.

HTTPS Everywhere, on the other hand, will modify insecure content on HTTPS sites:

Quote: HTTPS Everywhere is produced as a collaboration between The Tor Project and the Electronic Frontier Foundation. Many sites on the web offer some limited support for encryption over HTTPS, but make it difficult to use. For instance, they may default to unencrypted HTTP, or fill encrypted pages with links that go back to the unencrypted site. The HTTPS Everywhere extension fixes these problems by using clever technology to rewrite requests to these sites to HTTPS. Information about how to access the project's Git repository and get involved in development is here.

https://www.eff.org/https-everywhere

It was my understanding that Eset would "choke" when the web page HTTP-to-HTTPS activities occurred.

Edited June 24, 2021 by itman

mantra (Author), Posted June 25, 2021

Hi, there are many applications that use HTTP, not only browsers! There are many applications, free and paid, that use the DNS cache to send data to China or other nations.

itman, Posted June 25, 2021

12 hours ago, mantra said: use the DNS cache to send data to China or other nations

You can disable its use. The article gives the pros and cons of doing so: https://docs.microsoft.com/en-us/windows-server/networking/dns/troubleshoot/disable-dns-client-side-caching