I'm trying to create a port blocking rule in order to prevent Firefox to browse throught port 80.
I have read KB65718 and I'm not sure if it says that firefox.exe is excluded in ANY port blocking rule or only for "Prevent mass mailing worms from sending mail" rule.
Can anyone please clarify and help me achieve my objective.
Thanks in advance
If you would like to prevent "Firefox.exe" rom talking on port 80...
In Access Protection., Create a user defined rule. Make it a port rule, and select port 80. Then for the process to include put in firefox.exe. This will block any program named firefox from talking on port 80.
Unfortunately, McAfee protection is pretty basic. It relies on executable names, so any user can get around this block by renaming firefox.exe to anything else, like foxfire.exe, or IHateMyITDepartment.exe or anything that doesn't match "firefox.exe" and get around your scheme..
All these Access protection rules and process exclusions really count on programs having predictable names. But filenames are pretty easy for users to change to circumvent your rule..
McAfee protections and exclusions are mostly based on process names. It is a house of cards. So easy for users to circumvent and so easy for virus writers to take advantage of.
I tested exactly that rule but it doesn't prevent firefox from accessing port 80.
I also tested * as process to include, iexplore and chrome can not browse port 80, but firefox still does.