[Lynx-dev] Windows Defender ATP

lynx-dev

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Lynx-dev] Windows Defender ATP

From:	Gisle Vanem
Subject:	[Lynx-dev] Windows Defender ATP
Date:	Tue, 29 Jan 2019 16:29:23 +0100
User-agent:	Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.4.0

I just discovered the new features of Microsoft's
"Windows Defender Advanced Threat Protection".

Overview of all these features:
   https://demo.wd.microsoft.com/?ocid=cx-wddocs-testground

After enabling the interesting feature, 'Network Protection'
by:
  c:\> powershell Set-MpPreference -EnableNetworkProtection Enabled
  ref: https://demo.wd.microsoft.com/Page/NP

Then trying to fetch the test-page using Chrome, curl an wget, I
get a trace like this:
 c:\> wget https://smartscreentestratings2.net/

  --2019-01-29 14:54:23--  https://smartscreentestratings2.net/
  Resolving smartscreentestratings2.net (smartscreentestratings2.net)... 
23.99.0.12
  Connecting to smartscreentestratings2.net 
(smartscreentestratings2.net)|23.99.0.12|:443... connected.
  Unable to establish SSL connection.

  (and a WinDefender block warning window pops up).

But using 'lynx -dump https://smartscreentestratings2.net/', I'm
getting a seemingly valid connection and page is rendered as:
                               SmartScreen Test

  This is a test page for SmartScreen.

As if the 'Network Protection' was disabled. But I do get the
same WinDefender block warning window in addition to the page

What could cause the difference in behaviour?
My Lynx used OpenSSL, so does my Wget and curl
(with CURL_SSL_BACKEND=openssl)

Scratching head now!?


--
--gv

[Prev in Thread]

Current Thread

[Next in Thread]

[Lynx-dev] Windows Defender ATP, Gisle Vanem <=

Prev by Date: [Lynx-dev] The HTML hidden attribute
Next by Date: Re: [Lynx-dev] The HTML hidden attribute
Previous by thread: [Lynx-dev] The HTML hidden attribute
Next by thread: [Lynx-dev] Windows Defender ATP
Index(es):
- Date
- Thread