lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue Feb  7 06:44:57 2006
From: full-disclosure2 at pchandyman.com.au (Greg)
Subject: Re: According to Ivan,
	the secret ZA phone-homeserver is located at 127.0.0.1 [was Re:
	Re:Re: ZoneAlarm phones home]



I say "TAKE THE SECRET SERVER DOWN"!!

I incite mass ping flooding of that ip 127.0.0.1 NOW!

Would that stop it, Ivan? Get right on it and let us know the results of
your tests. 






> -----Original Message-----
> From: Ivan . [mailto:ivanhec@...il.com] 
> Sent: Tuesday, 7 February 2006 9:15 AM
> To: Dave Korn
> Cc: full-disclosure@...ts.grok.org.uk
> Subject: Re: [Full-disclosure] Re: According to Ivan,the 
> secret ZA phone-homeserver is located at 127.0.0.1 [was Re: 
> Re:Re: ZoneAlarm phones home]
> 
> 
> Your quite a piece fo work Dave. The "secret" server is 
> acutally zonelabs.com, hence the workaround to edit the hosts 
> file and map that domain to the loopback address. Do you know 
> how windows hosts file works? No, here is link that may help 
> you Blocking Unwanted Parasites with a Hosts File 
> http://www.mvps.org/winhelp2002/hosts.htm
> 
> The work around issued by zonealarm and their response to 
> this list, is proof enough for me that there was an issue and 
> probably quite a few other people. But not you Dave, eh?
> 
> On 2/7/06, Dave Korn <davek_throwaway@...mail.com> wrote:
> > Frank Knobbe wrote:
> > >On Mon, 2006-02-06 at 14:06 +0000, Dave Korn wrote:
> > >> >> The company says it will fix the "bug" soon. In the 
> meantime you 
> > >> >> can
> > >> > work >around it by adding:
> > >> >> # Block access to ZoneLabs Server
> > >> >> 127.0.0.1 zonelabs.com
> > >> >> to your Windows host file.
> >
> > >>   2)  You aren't the first person in the world to mistake the 
> > >> loopback interface for a routable address, but you do 
> look just as 
> > >> dumb as everyone else who's ever done it down the annals of 
> > >> history.
> > >
> > >You might want to remove your foot from your own mouth. 
> The loopback 
> > >thing is a workaround
> >
> >   I'm perfectly aware of that, but if you had actually read this 
> > thread you would realise that's not the issue under discussion.
> >
> >  I claimed that Cringely was spreading FUD, because he 
> hadn't so much 
> > as shown us a packet trace or an IP address.  Ivan told me to "read 
> > the article again Dave, you'll find that he did provide the 
> ip address 
> > of the destination servers to Zonelaram".  When I point out to Ivan 
> > that a) the article was not by Cringely but a second-hand report of 
> > Cringely's original article, and that b) 127.0.0.1 is not the ip 
> > address of the destination servers, I am correct, and the fact that 
> > redirecting a hostname lookup to the loopback address is an 
> effective 
> > method of blocking an adbanner does not in any way 
> contradict anything 
> > I've said nor confirm anything Ivan said.
> >
> >   Maybe that taste of shoe leather you've noticed is coming 
> from your 
> > own mouth?
> >
> > >You might want to think yourself before assailing other posters 
> > >verbally. But frankly, I don't care since your email just 
> qualified 
> > >you for my plonker list.
> >
> >   That's your choice; if you're happier reading FUD-spreading 
> > mis-reported nonsense from people who don't even know the loopback 
> > address when they see it rather than well-informed posts 
> from people 
> > who have done their background research and know the field, you're 
> > going the right way about it.
> >
> >   Of course, you're the ever-so-reasonable guy whose posts 
> are full of 
> > emotive and pejorative terms like "presume we're all lusers", "wild 
> > assumptions", "must be an idiot", "piece of shit", "satisfy 
> the ego", 
> > "stop sucking", so I call PKB on you, troll.
> >
> > >Cheers,
> > >Frank
> > >
> > >PS: zonelabs.com resolves to 208.185.174.44 in case you're still 
> > >wondering about an IP address.
> >
> >   Your adroitness with nslookup hardly compensates for your 
> not having 
> > paid any attention to the actual *content* of the 
> discussion you wish 
> > to contribute to.
> >
> > >PPS: Of course that's not proof of anything. Packet traces 
> would be 
> > >preferred, but I'd think anyone with Zone Alarm could 
> probably gather 
> > >those easily.
> >
> >   If you'd care to actually look at this thread, you would 
> have seen 
> > that that is the main point of my original post.
> >
> > >(...Why do I even care...)
> >
> >   You clearly don't care enough to read the thread and try 
> and follow 
> > the argument you're responding to.  I suggest that if you 
> don't care 
> > that much, you really shouldn't bother writing a half-baked 
> response 
> > that utterly misses the point.
> >
> >     cheers,
> >       DaveK
> > --
> > Can't think of a witty .sigline today....
> >
> >
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
> 
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ