Give me Little Snitch Advanced rules please

I just read the following Blog entry: Lies, Lies and Adobe Spies which mentioned Omniture 2o7.net cookies.

So I decided to block that domain.

Applications besides browsers seem to use 2o7.net. A quick search on Google showed a lot more applications using that spying domain than I expected. This means that disabling those cookies in your browsers is not good enough. So I tried to deny all access to 2o7.net with a Little Snitch rule.

Deny access

This does not work however if you allow an application unrestricted access. In my case FireFox is allowed to do pretty much everything. And by design Little Snitch considers this a more specific rule which has precedence. It would be nice if Little Snitch would add Global rules for these kind of use cases.

This makes me pine for my old Sygate Personal firewall still running flawlessly on my old Windows machine. In Sygate you could have Advanced rules overriding the application rules.
As a workaround I created an entry in hosts like this: 127.0.0.1 2o7.net. Hopefully advanced rules of some sort will be added to Little Snitch, because altering your hosts table for this is just stupid.

5 Responses to Give me Little Snitch Advanced rules please

  1. jeff leong says:

    truth is, this kind of method is frequently used and provides no threat to the customer. in fact, this is a benefit to the customer, as business can now better optimize as they do with the web the customer experience with applications. having a simple ping to a server doesn’t provide information on what was drawn, coded or published but simply what was clicked, for how long and how many times, “user interaction” – that’s all. working with web analytics, i myself have deployed an array of solutions like this and given omniture offers the manipulation of process of the data as part of the service, its a lot cheaper for a company to utilize this option versus building it themselves. its essential data needed ‘bottom line’ to help provide better products for the customer and poses no threat.

  2. Paulstar says:

    Can’t you just add this rule in the terminal? Type (without quotes) “sudo nano /etc/hosts”, then after localhost add (without quotes, indeed) “127.0.0.1 2o7.net”, type ctrl+O and save.

  3. Ronald Pulleman says:

    PaulStar:

    ?? Yeah isn’t that what I said? How you edit your hosts is up to you.

  4. Paulstar says:

    You’re right, I scanned your text to quickly. I apologize 🙂

  5. Koil says:

    That won’t actually work reliably – OS X uses an additional layer on top of /etc/hosts called NetInfo

    my typical approach is:
    cd /etc
    sudo vim hosts
    sudo niload -v hosts / < hosts

    the last line will ensure that the NetInfo database is up to date – I’m unsure of the specifics, but without the last line things can get unstable, and may require a log out or reboot before changes are made

    (for those that don’t know, “sudo” temporarily grants you administrator privileges _if_ you are an admin user – don’t be freaked out when it asks for your password)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: