Page 3 of 4 FirstFirst 1234 LastLast
Results 21 to 30 of 37
  1. #21
    Untangler lucidtek's Avatar
    Join Date
    Nov 2008
    Location
    Near D.C.
    Posts
    44

    Default

    Quote Originally Posted by MiniPilote View Post
    I'm not sure exactly what is happening but I turned on the DLL filtering as suggested by dmorris. This was on an upgraded 6.1 UT at home. Shortly after I did that my wife complained that ebay was being blocked. I checked out the block page it was the UT web filter saying that it was blocked because of a DLL. I turned the DLL filter back off because my wife needed to access her ebay auctions. I haven't investigated any further so I'm not sure exactly what is going on but it was interesting to say the least.

    I'm not sure what's going on either...Linux, Unix, Solaris, and OSX don't use .dlls, the last time I checked...that was a Microsoft thing. Web technologies don't usually use OS files. Microsoft uses Active X, and there may be something that installs into IE from Ebay that lets you have some sort of functionality that's only available in Windows, but they'd normally compress it and package it in a .zip or in a .exe or a .cab, or several other things, but I don't think they'd leave it as a .dll. Usually it's a ocx file or something like that.

    http://en.wikipedia.org/wiki/Dynamic-link_library

  2. #22
    Master Untangler MiniPilote's Avatar
    Join Date
    Feb 2008
    Posts
    201

    Default

    Oh, I forgot to mention this was on my wife's laptop which runs Unbuntu 8.04 using Firefox. I changed the setting to LOG only instead of BLOCK and LOG. Either way you look at it, the web filter was blocking the site due to the DLL blocking turned on. Perhaps tonight I can check the logs.
    MiniPilote

  3. #23
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,747

    Default

    btw, I don't suggest turning on dll filtering. I was just addressing the original poster's question.

    IMO, theres no point. a dll is just a dynamically linked library.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  4. #24
    Master Untangler MiniPilote's Avatar
    Join Date
    Feb 2008
    Posts
    201

    Default

    Oh, right. Well then as it stands now UT DOES filter DLLs. I can attest to that. I'm not sure what to do with my new found filtering power though. Perhaps just store it away with the other pieces of potentially useful information for a future date.
    MiniPilote

  5. #25
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,747

    Default

    Quote Originally Posted by MiniPilote View Post
    Oh, right. Well then as it stands now UT DOES filter DLLs. I can attest to that. I'm not sure what to do with my new found filtering power though. Perhaps just store it away with the other pieces of potentially useful information for a future date.
    yep, now that you're a 'master untangler'
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  6. #26
    Master Untangler MiniPilote's Avatar
    Join Date
    Feb 2008
    Posts
    201

    Default

    Haha...NICE! I cracked the 100 barrier but MASTER Untangler is probably a bit of a stretch for me. I'm still learning.

    Thanks for a great product.
    MiniPilote

  7. #27
    Newbie
    Join Date
    Jul 2009
    Posts
    3

    Default

    The problem with dll-filtering is the following:

    If there is a ".dll" in the requested URL, UT will block it.
    BUT some webserver rely on the internal use of .dll's. If you work with ebay, you can see that very often there is some .dll part of the URL. But this is not to "download" a .dll to your computer, but to execute this dll ON THE SERVER side and the result (maybe some list of ebay articles) will be sent to you as html web page.

    So the blocking mechanism of UT works, but filters out a lot of pages wich contain .dll in the URL, but never send .dll files to your computer.

    If there could be made some differentiation between URL and the effective content of what is sent to me, that would be great. For the moment I have to turn off .dll blocking at my UT, because otherwise a lot of services will be blocked, without sending any .dll files to us.

  8. #28
    Newbie
    Join Date
    Jul 2009
    Posts
    3

    Default

    I block all executables in our UT configuration.
    Now I had to allow .dll because of my posting above.

    Today a user called me because he could not access www dot lufthansa.com/online/portal/LH_COM :-( (sorry for the garbled url, but I am not allowed to post otherwise). This site is blocked because of "com". Can it really be that it is blocked because of the ".../LH_COM" in the url ????

    If yes, the executable blocker is absolutely useless, because you have to "unblock" a lot of sites ...

  9. #29
    Untanglit
    Join Date
    Jun 2009
    Location
    Pennsylvania
    Posts
    23

    Default

    I am running into the same issue. It'd be nice to set it to block all EXE, DLL, COM, etc. files. (The users on my network have no business downloading executable files, and I'm thinking a block like this might help spyware/virus issues a little too.) The problem we've run into is that a lot of websites use these extensions internally (just like a website serving a PHP, ASP, ASPX, or HTML file), and therefore the site URL will contain the extension that you've set to block.

    A perfect example (and one that a user complained about):
    http://zipinfo.com/cgi-local/zipsrch...ip=90210&Go=Go

    This site's CGI file, ending in .EXE, running completely on the server side (and presumably safe, or at least not downloading a true EXE to your computer) will trigger the URL filter for .EXE extensions. Obviously I could safelist this site.

    I also noticed that MSN.COM uses .DLL files in a similar fashion. It seemed like most of this utilization was just relating to the advertising on the site, so it's not as big of a deal there.

    I have noticed that using the MIME filter seems to work a little better, at least for my intended purpose.

  10. #30
    Newbie
    Join Date
    Jul 2009
    Posts
    3

    Default

    Because of the problems with the "File Types" Webfilter, I now tried to prohibit executable file downloads with the "Mime-Types" Webfilter ...
    First I downloaded VLC (Video Lan Client) executable setup without any problem :-( then some other setup file ...

    To my mind the "File Types" webfilter is useless, because it analyzes the URL and not the downloaded file types, and the "Mime Types" webfilter is useless, because it depends on the server sending the correct Mime-Type ... and my first two downloads got through. Furthermore, if anyone uses any proxy or the webserver uses a different port (URL: port), it just can go through untangle without any filtering of his traffic.

    Is there any other possibility to block executable files except those listed above ???

Page 3 of 4 FirstFirst 1234 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2