From 0cf7352706d7e2f695bace29c4007de59562b014 Mon Sep 17 00:00:00 2001 From: Jed Laundry Date: Fri, 23 Aug 2024 20:39:46 +1200 Subject: [PATCH] add ECS --- macos/little_snitch/config.json | 25 +++++++++++++++++++ .../rules/Microsoft Intune.lsrules | 7 ++++++ 2 files changed, 32 insertions(+) diff --git a/macos/little_snitch/config.json b/macos/little_snitch/config.json index fe3ccc9..608c830 100644 --- a/macos/little_snitch/config.json +++ b/macos/little_snitch/config.json @@ -30,6 +30,16 @@ 1, 2 ] + }, + { + "url": "https://raw.githubusercontent.com/jlaundry/aadinfo/main/network/ecs.json", + "rule_ids": [ + 1 + ], + "processes": [ + "\/Applications\/Microsoft Defender.app\/Contents\/MacOS\/Microsoft Defender.app\/Contents\/MacOS\/Microsoft Defender", + "\/Applications\/Microsoft Defender.app\/Contents\/MacOS\/Microsoft Defender.app\/Contents\/MacOS\/Microsoft Defender Helper" + ] } ] }, @@ -112,6 +122,15 @@ 56, 69 ] + }, + { + "url": "https://raw.githubusercontent.com/jlaundry/aadinfo/main/network/ecs.json", + "rule_ids": [ + 1 + ], + "processes": [ + "\/Applications\/OneDrive.app\/Contents\/MacOS\/OneDrive" + ] } ] }, @@ -209,6 +228,12 @@ 147, 159 ] + }, + { + "url": "https://raw.githubusercontent.com/jlaundry/aadinfo/main/network/ecs.json", + "rule_ids": [ + 1 + ] } ] }, diff --git a/macos/little_snitch/rules/Microsoft Intune.lsrules b/macos/little_snitch/rules/Microsoft Intune.lsrules index ebb39fa..c6844e8 100644 --- a/macos/little_snitch/rules/Microsoft Intune.lsrules +++ b/macos/little_snitch/rules/Microsoft Intune.lsrules @@ -51,6 +51,13 @@ "protocol" : "tcp", "remote-domains" : "manage.microsoft.com" }, + { + "action" : "allow", + "ports" : "443", + "process" : "\/Applications\/Company Portal.app\/Contents\/MacOS\/Company Portal", + "protocol" : "tcp", + "remote-hosts" : "config.edge.skype.com" + }, { "action" : "allow", "ports" : "443",