When I start iexplore from my newsticker program (KlipFolio), outpost assumes it is started in hidden mode (although it is not) and blocks it.
Is there a way to change this by-default behaviour, e.g. stop iexplore blocking?
Shaker,
You need to edit your outpost.ini file (in the Outpost program folder). Using Notepad, remove the entry for iexplore.exe in the [DisableNetworkForHiddenProcesses] section. You will need to shutdown and restart Outpost (disconnecting from the Internet first) for this to take effect.
This will however allow any application Internet access using Internet Explorer's "Hidden Window" functionality, which could be exploited by trojans and is used by the TooLeaky leaktest.
Originally posted by shaker
Version 2.1 yes. Not sure what you mean by AC. Where exactly do I allow hidden frames? :?
Active Content, properties
Chris
I think # would be a better bet for a comment, that is what is used in the preset.lst and protect.lst files. It doesn't really matter though - whatever you add will stop iexplore.exe from being matched.
Hello Paranoid,
I do not see an entry for mozilla.exe under the section [DisableNetworkForHiddenProcesses] of outpost.ini. Should it be there ?
Originally posted by Paranoid2000
Shaker,
You need to edit your outpost.ini file (in the Outpost program folder). Using Notepad, remove the entry for iexplore.exe in the [DisableNetworkForHiddenProcesses] section. You will need to shutdown and restart Outpost (disconnecting from the Internet first) for this to take effect.
This will however allow any application Internet access using Internet Explorer's "Hidden Window" functionality, which could be exploited by trojans and is used by the TooLeaky leaktest.
Thx for ya help.
One more question, in the oputpost.ini is it possible to comment the item so that I can set it back later. Would "[" work here?
Thanks, Paranoid2000.
Version 2.1?
Did you go into AC properties and allow hidden frames ( just to see if that is what it is)
Chris
The rules for Internet Explorer don't really influence this behaviour as it even gets blocked when its not on the application list at all.
Any help would be cool :p
Hi,
you can delete the IE from the applikation list and add him again. Make a new rule which allow only outbound TCP.
Version 2.1 yes. Not sure what you mean by AC. Where exactly do I allow hidden frames? :?
thx again for your help people, it seems to actually work ;)
AFAIK it is not needed since the "Hidden Window" feature (where a browser makes a network connection without opening a window) is an IE/Windows Explorer-specific function.
 Get Smart About Monitoring Virtual Machines
 Microsoft Gets Ex-Streamly Cozy with U.K.'s MediaWave
|
iexplore.exe blocking