Got a forbidden message from forum

[Valtam]

The mystery continues...

[bitsnpcs]

Lol easter meme.

Can it be the firewall, deny all outgoing rules, it thinks the clicked link is outgoing not from the owner, that it is a auto clicks/like malware email as the link is going out from email client.
So it is making a protection by stopping it going to the link ?

[TMG1961]

But how do you explain then that when i click the link in the notification email for this topic and my browser is closed i get the forbidden message, but when a browser window is open it opens the topic without any problems and no forbidden message

[bitsnpcs]

Hello,

I am just thinking it may be this, an idea/theory.

When the browser is open it may interpret that as you are active and clicked the link, similar to surfing web.

When the browser is closed it may think it is a malware/similar in an email link as it knows the browser is not "actively" being used, or open, as the port is not open for the browser in addition to it not running, that is - the link is trying to exit your computer by "opening the browser and the port".

Firewalls need to make the rules for any programs you need to open ports access internet/leave the computer /send infos, example you add an exception for a program, automatically it adds an exception for the browser so it can be used, this may not include from inside a message of the email ?
Just an idea really, I dont know about firewalls on Linux.

Example - browser it can using port 80, 8080 etc and others.
Email it can using port 300 range 3nn, and 900 range 9nn and others.

You click browser it opens eg port 8080 from "direct input" clicks or terminal.
Email opens a link, then it means port 9nn access tries to open port 8080, is can be interpreted that way, by a some firewalls similar to like probing/port scan accessing, and the over strict rules it will block coz of that.

Next example think from opposite direction , how I come to above idea -
how it is used by a rogue ones -

1/ malware it opens the browser port such as like it steals clock cycles for reselling that of processing large volume datas, /virtual datacentre sold processing/tasks to businesses who dont have that system big enough, is one of biggest ways how malware making money.
Some do volunteer to give away spare clock cycles like to the space camp type projects.

2/ trojan it has the callback address, some it dont try to open the port to callback, instead it waits until you or I open the port for it, eg we open the browser, then in the background it uses the open port to callback.

3/ media player, it can open links if you embed that in video, it can open the webpage so the person sees that, or it can do that in the background.
Example, someone predator then maybe play video or game, in background it goes with standard browser not tor, til the landing page, at the landing page, it records the ip address, os infos, and system specs.

1 thru 3 that is old methods, okay for examples, most AV and firewall block that, eg not to post how to's for that.

[TMG1961]

[member=411]bitsnpcs[/member]
Thanks for the explanation of your thoughts/idea/theory.

[bitsnpcs]

[member=3473]TMG1961[/member]  you are welcome