OPNsense Forum

Archive => 17.7 Legacy Series => Topic started by: StP on August 07, 2017, 02:20:35 pm

Title: Blocking WEBDAV?
Post by: StP on August 07, 2017, 02:20:35 pm

According to this

http://borncity.com/win/2017/08/07/us-cert-warns-microsoft-windows-lnk-vulnerability/ (http://borncity.com/win/2017/08/07/us-cert-warns-microsoft-windows-lnk-vulnerability/)

we should block outgoing SMB and WEBDAV traffic to close some attack vectors which can be used by the vulnerability.

How to block WEBDAV in OPNsense?

Stefan

Title: Re: Blocking WEBDAV?
Post by: fabian on August 07, 2017, 05:33:50 pm

create a custom acl with the "normal" http verbs (GET, POST, PUT, DELETE, HEAD, PATCH, PUT) and block all which are not using them.

http://www.squid-cache.org/Doc/config/acl/
-> ctrl + f -> method

Title: Re: Blocking WEBDAV?
Post by: StP on August 08, 2017, 09:13:29 am

Thanks Fabian!

To be honest, I have never before used the Web Proxy. At a first glance I think I have to learn a lot of the basics first before I can use it. Will take some time...

Thanks anyways
  Stefan