Blocking Referrer

[Robyn]

I have been running some firewall and browser tests which have given me good results apart from the 'referrer' I am told to block this via my firewall but I do not know how to? I know IE6 (Avant) is not a safe browser but I am still using it I would be grateful if anyone could advise as to what I need to do to prevent the failing the referrer test

I am running the trial of Outpost Pro and have my browser configured for safety (I do not even store the history) plus I have MRU Blaster plus other security guards but just cannot work out which setting to use in the firewall to pass this test. Thanks in advance for any advice.

Quote:

To score 100% on the Browser Privacy check you have to set your firewall or browser to block cookies and referrer

I have my browser set to prompt for cookies and the test showed I didn't have any tracking ones (I only keep forum cookies) perhaps this is not possible with IE

[Moore]

Hi Robyn ,
Looks like you are running the PC Flank test ..

In Outpost Pro you can block referrers in the Active Content Plugin..

Right click on the icon in Outpost , go to properties / web pages and there you wil see the control for enabling / disabling referrers.

Some websites will not work properly with this disabled however and outpost does not allow you to specify individual sites , so its either on or off.

Heres some Outpost forum links on referrer blocking that should help you as well :

http://outpostfirewall.com/forum/showthread.php?t=9541
http://outpostfirewall.com/forum/showthread.php?t=8995

I always leave it enabled myself , there are other programs to use which offer better referrer control , such as Proxomitron , Webwasher , Ad-muncher and a few others.

I dont see it as such a major privacy risk compared to leaving behind my IP address at every website , but if you only visit sites you trust theres less to worry about.

[Robyn]

Thank you I have found other settings now which I can modify if I need to I now know where to look as I really only have started to explore this firewall but so far I am very pleased. I will read the other links you have posted as I really want to learn a lot more about this firewall.
PCFlank was the place of interest for their tests I have also been to SOS and GRC

I hope after the trial I will know all the right clicks in the GUI of Outpost

Thanks again - I was worried about refferer but as you say some sites may not work. A new learning curve but I think it will be worth it when I am more familiar with the configurations. After all my questions and headaches about choosing a new firewall I think I got some great advice!

Blocking referrers will have some side-effects depending on when it is blocked.

How does outpost do it? Does it always block referrer? Or only in certain cases?

[Paranoid2000]

Outpost will, if referrers are blocked, replace them with "Field Blocked by Outpost (www.agnitum.com)". Some people view this as advertising and do not like it, others point out that it is not RFC-compliant and can cause problems on some websites.

The current version of Outpost (2.1) will only allow referrers to be set globally so using other software (like Proxomitron) to handle them may be a better option. The next version (2.5, currently in beta) does allow referrers to be set on a per-site basis (don't ask me when it will be released though, I'd guess in a month or so).

You mean it always block referrers, all the time?

Even if I move from say www.wildersecurity.com/page1.html to www.wildersecurity.com/page2.html?

That's stupid. There is no need to do that at all. Moving from google.com to wilders is a different thing.

And yes, now that you mention it, I do remember the irriating tag line in my referrer logs of my website. The irony is it allows you to be even more easily tracked, espically on sites where very few people use outpost.

[Paranoid2000]

Quote:

Originally Posted by Ronin

You mean it always block referrers, all the time?

Even if I move from say www.wildersecurity.com/page1.html to www.wildersecurity.com/page2.html?

That's stupid. There is no need to do that at all. Moving from google.com to wilders is a different thing.

Well, aside from Outpost 2.5, I do not know of any software that blocks referrers on a site-by-site basis. However many will supply a varying value depending on the site (typically the root domain name of the site concerned).

Quote:

And yes, now that you mention it, I do remember the irriating tag line in my referrer logs of my website. The irony is it allows you to be even more easily tracked, espically on sites where very few people use outpost.

Hmmm...if someone visited your site using Outpost, you would not know where they had come from or whether they had followed a link or typed your URL in directly. That's the real point behind referrer blocking. You'd only be able to tell they were using Outpost.

Firefox does that.

[Paranoid2000]

Quote:

Originally Posted by Ronin

Firefox does that.

Really? How? The only reference I could find to altering referers was with the Configuration Mania extension - and this looks to be a global setting for hiding them rather than one with per-site settings.

[CrazyM]

Quote:

Originally Posted by Paranoid2000

Well, aside from Outpost 2.5, I do not know of any software that blocks referrers on a site-by-site basis.

If you are referring to software firewalls with active content filtering, AG/NIS/NPF can filter referrer globally or by selected sites.

Regards,

CrazyM

Quote:

Originally Posted by Paranoid2000

Really? How? The only reference I could find to altering referers was with the Configuration Mania extension - and this looks to be a global setting for hiding them rather than one with per-site settings.

Setting network.http.sendRefererHeader to 0 is a all or nothing thing yes.


But there is a patch for firefox that extends it's abilities further.


+#define REFERRER_NONE 0 /* Never send the referrer */
+#define REFERRER_USER_ACTION 1 /* Actions directly initiated by
the user (e.g. clicking on a link) */
+#define REFERRER_INLINE_CONTENT 2 /* Images or other inline content */
+#define REFERRER_NON_HTTP 3 /* NOT USED - remains for backwards
compatability */
+#define REFERRER_SAME_HOST_ONLY 4 /* Send the referrer only for
requests from the same host, otherwise send no referrer. */
+#define REFERRER_3RDPARTY_PREPATH 5 /* Send the referrer only for
requests from the same host, otherwise send target URI's pre-path as the
referrer. */
+#define REFERRER_3RDPARTY_NO_PREPATH 6 /* Strip off the path from the
referrer for 3rd party requests, otherwise leave it alone. */
+#define REFERRER_PREPATH_URI_ALWAYS 7 /* Always send the target URI's pre-path as the referrer. */

http://bugzilla.mozilla.org/show_bug.cgi?id=55477 - I actually found this off a old post on this forum.

It's not a per site thing (though come to think of it, some of the extensions which allow you to block referrers per tab might be extended to that), but it I think the various options captures the main reasons why you want to block referrers and provides some optional workarounds (okay forges the referrer) for some problems you might face with blocking referrers.

Option 7 is similar (but not exactly) to that of the default proxomitron settings I believe.

Of course, this doesn't help if you don't know how to compile your own firefox versions ,but I found the following build with as the bug patched in
http://www.pryan.org/mozilla/firefox/amano/ .

Not that I expect someone with your handle to trust something like that

Does outpost or anything similar do this for IE?

[Paranoid2000]

Quote:

Originally Posted by CrazyM

If you are referring to software firewalls with active content filtering, AG/NIS/NPF can filter referrer globally or by selected sites.

It's been a while since I used AG, but I don't remember it allowing referer settings for individual sites. However Norton certainly does - thanks for the info (at last, a chance to say something nice about a Symantec product! )

Quote:

Originally Posted by Ronin

Not that I expect someone with your handle to trust something like that

Now, now... *slap* The referer hack is interesting info and would be useful for most sites - however there are a few which are coded in a way that they need full referer details (Ebay.co.uk springs to mind here) so a per-site setting is need for these delinquents.

Quote:

Originally Posted by Ronin

Does outpost or anything similar do this for IE?

Outpost 2.1 filters referers on a global basis. The next version current in beta (2.5) does allow for per-site settings (and about time too...). It looks at HTTP headers and should, like Proxomitron, work with any browser.