On Thursday 28 May 2015 06:11:08 Meino.Cramer@gmx.de wrote:
> Hi,
> 
> With wireshark I found, that firefox accesses sites on startup, from
> which I dont know, for what reason this access is needed or whether
> the NSA, CIA, FBI, BDN, MOSSAD (fill in what organisation you ever
> suspect to do such things) has invaded my PC.

It may none of the above, but FF and any addons checking what the latest 
version is of themselves, as well as the Google search on the default hope 
page doing a DNS query or some such.


> I want to block such accesses for two reasons: First is ...hmmm...
> to block that accesses...second is to find out what will not work
> than.
> 
> I dont want to install and configure a complete full blown firewalled
> SEL-Linux thingy here and I dont want to reboot my Linux box for every
> new site I added. I am looking for a simple solution, which I can use
> without studying the history of TCP/IP and others... ;)))
> 
> What can I use for this purpose?

You could try an application layer filter[1], but I think it won't work 
insofar the connections you observed are probably using ports and protocols 
same as your day to day browsing activity.  Therefore you will likely need to 
use iptables to block individual domains or IP addresses and then regularly 
add to the list when the servers your browser wants to contact change in that 
amorphous and reconfiguring cloud out there.

You don't have to reboot your box when you change rules, but you'll need to 
reload iptables.


[1] http://l7-filter.sourceforge.net/HOWTO-kernel

-- 
Regards,
Mick