Block subdomains?

General discussions about Little Snitch
mutant
Posts: 8
Joined: Wed Jul 15, 2009 3:41 am

Re: Block subdomains?

Post by mutant » Tue Oct 27, 2009 11:12 pm

paulc wrote:Not to mention that I find it hard to believe it's all that hard to add wild card support... it sure would GREATLY enhance the product at very little "cost."


Based on?

avenirphoto
Rank 1
Rank 1
Posts: 20
Joined: Sat Nov 07, 2009 8:28 pm

Re: Block subdomains?

Post by avenirphoto » Sat Nov 07, 2009 8:50 pm

I believe everything is deliberately confusing with Little Snitch. Block should mean Block. I also believe Little Snitch was bought out by Apple so they can hack in without being blocked. Try and block any title with ntpd.apple, time.apple, apple, mac or anything related to apple and you will still see it appear on the black Connect History square that shows up. You may also find that Microsoft Word pops up also. They will let anyone that pays them to hack in. If you know how to block the above please let me know.

mutant
Posts: 8
Joined: Wed Jul 15, 2009 3:41 am

Re: Block subdomains?

Post by mutant » Sun Nov 08, 2009 12:52 am

avenirphoto wrote:I believe everything is deliberately confusing with Little Snitch. Block should mean Block. I also believe Little Snitch was bought out by Apple so they can hack in without being blocked. Try and block any title with ntpd.apple, time.apple, apple, mac or anything related to apple and you will still see it appear on the black Connect History square that shows up. You may also find that Microsoft Word pops up also. They will let anyone that pays them to hack in. If you know how to block the above please let me know.


Do you have any proof whatsoever that devs are taking money to "backdoor" your system?! If you do, post it, if not, keep your baseless accusations out of the thread...

This thread, IMOHO, is for communicating to the developer we would like a wildcard ability for creating host rules.. Do not try to hijack it with drivel about conspiracies, start your own thread.

basementjack
Posts: 15
Joined: Sat Nov 07, 2009 10:44 pm

Re: Block subdomains?

Post by basementjack » Sun Nov 08, 2009 6:09 pm

That guy posted the exact same thing on 10 threads - I'm sure he hit his new poster limit.
I agree, it would be nice to see something to back it up - even a simple packet trace.

Don't know what the guy's motives are.

I suspect that he didn't legally obtain his copy of Little Snitch, which would be just stupid considering that
1) it's only $30
2) it's a security product...

People may feel they can pirate everything - but it's just common sense not to pirate core services like your firewall....

If anyone has any concrete info that would show that a paid copy of Little Snitch doesn't work as advertised, that'd be information worth reading.

quidam
Posts: 2
Joined: Sun Nov 29, 2009 3:37 am

Re: Block subdomains?

Post by quidam » Sun Nov 29, 2009 3:50 am

There are many products which support this kind of thing. If LS cannot be made to do it, it's a limitation of the programmers, not the code.
If everything is done based on IPs (which is likely), then all that would be needed to add subdomain support is to wildcard the already monitored DNS queries (how else are IPs associated with a domain?) and add the responses to the list of IPs which are already allowed/denied by a rule.

If a rule says 'allow *.google.com' then all DNS responses -- each IP -- for anything ending in '.google.com' would be added to the list.

Ah, I also second the motion about logs.
Where are the logs?
It's nice that this thing 'just works' but it would be nice to know what it's working on. I expected to see something in a logfile via console.... I can't find anything. Am I missing something?

mutant
Posts: 8
Joined: Wed Jul 15, 2009 3:41 am

Re: Block subdomains?

Post by mutant » Sun Nov 29, 2009 7:54 pm

quidam wrote:There are many products which support this kind of thing.

Really? Like what? I've not found a viable alternative to LS. Native iptables/netfilter doesn't do it, I think there is a windows software that might, but that really doesn't apply here.

quidam wrote:If LS cannot be made to do it, it's a limitation of the programmers, not the code.

That's a pretty high-handed comment and not exactly constructive. Unless you are on the staff and actively working on the code I don't think it makes sense to take this stance. It would be nice to hear from OBDEV on the issue though. I've emailed numerous times to at least get an opinion or idea of where they are at and have never once received a reply - now that is frustrating.

avenirphoto
Rank 1
Rank 1
Posts: 20
Joined: Sat Nov 07, 2009 8:28 pm

Re: Block subdomains?

Post by avenirphoto » Thu Dec 03, 2009 1:43 am

WAKE UP PEOPLE. This program was created to collect money and give buyers a false sense of security. NO person, company or entity should be allowed to invade your privacy. Companies that do should be sued for invasion of privacy. Apple bought out the original company or created the program to sell to PEOPLE they refer to as SUCKERS. The suckers are under a false sense of security, thinking they are in control of who is or is not allowed to access your computer, without you knowledge. Apple, MAC or anyone that pays Apple enough money can access your computer. I had the Little Snitch program and found Microsoft accessing my account while Little Snitch was suppose to be on guard. I also had many blocks on while trying to unlock and block the Apple domains. THINK YOUR SAFE????? THANK APPLE FOR TAKING YOUR MONEY!!!!! BY THE WAY, I DID PURCHASE THIS PROGRAM, WITH MUCH REGRET. I WILL NOT CLOSE MY EYES IN SHAME. I do not need proof. The program problems people mention are proof enough.

avenirphoto
Rank 1
Rank 1
Posts: 20
Joined: Sat Nov 07, 2009 8:28 pm

Re: Block subdomains?

Post by avenirphoto » Thu Dec 03, 2009 8:26 pm

I have no proof, only 63 years of dealing with a variety of things and Little Snitch is an invitation to a quandary. It is too confusing. This program should have been designed to simply give you an added option of simply "ACCESS OR DENY" with any action you take or the intruder makes. I see the frustration throughout the situations others on this thread have shown and it disgust me. I tried blocking everything possible BEFORE Apple, Microsoft and another company invaded my computer with updates I did not request. Your computer should be "YOUR PRIVATE DOMAIN", not to be invaded. Little Snitch was suppose to prevent the updates and it failed. This demonstrates the accessibility any computer company has to any computer. The LOCKED areas within Little Snitch should be turned into Access or Deny, whether you want to get to where you want to go or keep someone from getting to you! Anyone invading your personal computer is invading your home, your life and your family. Therefore the invaders should be liable for invasion of privacy without the need of Little Snitch. Who made Apple and other computer companies the "All Mighty" and the right to invade any persons privacy? Voice your opinion directly to Little Snitch to simplify this program!

timelessbeing
Posts: 9
Joined: Fri Dec 25, 2009 11:44 pm

Re: Block subdomains?

Post by timelessbeing » Fri Dec 25, 2009 11:48 pm

avenirphoto, people here are asking serious questions, and you're just spewing nonsense. I think everyone here would like to pop you one in the head right now.

I just tried running Apple software update, and LS blocked it just fine.

Beat it.

pippi24
Posts: 1
Joined: Thu Jan 07, 2010 1:42 pm

Re: Block subdomains?

Post by pippi24 » Thu Jan 07, 2010 1:54 pm

I too would love to see the use of wildcards allowed. I purchased Little Snitch a few days ago and like it, but the lack of this feature is disappointing.

Apparently people have been asking for this feature since 2004 on this forum, without any response whatsoever. So I think we can conclude it's of no use requesting this feature over here, and we should be contacting the developer(s) directly. So I urge anyone who wants Little Snitch to allow wildcards to email them about it at http://www.obdev.at/products/littlesnitch/support.html?topic=suggestion&c1=1, which is what I'm gonna do now.

sherwood.daniels
Posts: 1
Joined: Mon Mar 01, 2010 11:12 am

Re: Block subdomains?

Post by sherwood.daniels » Mon Mar 01, 2010 11:29 am

Has this feature been implemented? I sure could use the ability to allow all IPs at avast.com for my Parallels installation! I use avast for Windows antivirus

The "reverse DNS" discussion is a little scary. If IP address a.b.c.d no longer resolves to the domain that Little Snitch presented when I created the rule, then I certainly didn't intend to grant apps permission to connect to it. I think Little Snitch needs the option to force re-evaluation of the rule if the domain name changes. And allow hostname-based rules with a strong warning that the rule may slow down the app in question. I doubt that it could be slower than making me click through a dialog to create a new rule for every connection that my antivirus package establishes to its home domain.

The comment from timelessbeing indicates that maybe Little Snitch does have this feature. If so, how do I set up the rule?

Thanks in advance.

scd302
Posts: 2
Joined: Sun Jul 06, 2008 5:16 pm

Re: Block subdomains?

Post by scd302 » Sat Mar 13, 2010 7:04 pm

Would like to add my vote to this thread re: making LS more robust with wildcards (ex: Deny *.2o7.net). After 2+ yrs I've got hundreds and hundreds of rules running on LS. Agree with earlier post on this thread that it is TEDIOUS managing numerous requests from same domain. LS is a great tool, but would be 100x better if we could shortcut rules. Also secretly hoping that page-loading performance might improve with a more efficient rule tool.

cec772
Posts: 6
Joined: Wed Mar 17, 2010 4:52 am

Re: Block subdomains?

Post by cec772 » Wed Mar 17, 2010 5:00 am

Can one of the developers please comment?
Your silence is deafening. :evil:

This gets my vote too... (especially to allow subdomains, not just block)

hagen
Wizard
Wizard
Posts: 594
Joined: Mon Feb 18, 2008 11:05 pm

Re: Block subdomains?

Post by hagen » Wed Mar 17, 2010 6:18 am

One of the developers has commented. See norbert on page 1 of this thread.

cec772
Posts: 6
Joined: Wed Mar 17, 2010 4:52 am

Re: Block subdomains?

Post by cec772 » Wed Mar 17, 2010 2:07 pm

I saw that, Thanks....
But it just provides a very complicated workaround using the current version:
norbert wrote:Little Snitch does not allow wildcards in DNS hostnames, so entering hostnames like "*.207.net" wont work.

However you can specify IP ranges using prefix notation. For example:

17.112.152/24 represents the range from 17.112.152.0 to 17.112.152.255 (the "24" means that only the first 24 bits of the IP address are considered). Or enter 138/8 to specify the range 138.0.0.0 - 138.255.255.255


It does not explain why LS does not, or will not allow wildcards which would be really useful. (e.g. does anyone use dropbox?itunes? they use a bunch of subdomains....)

After all, this was a feature request for upcoming versions, knowing it was currently not supported.

So If that's the only way to actually do it, then perhaps LS can provide a way to make it easier,
Such as the post that immediately followed....

Guest wrote:So why don't you still have the useful drop-down menu with all the possible subnets already calculated? THAT was COOL! You shouldn't have taken that feature out!

Post Reply