lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon Feb  6 22:15:14 2006
From: ivanhec at gmail.com (Ivan .)
Subject: Re: According to Ivan,
	the secret ZA phone-homeserver is located at 127.0.0.1 [was Re: Re:
	Re: ZoneAlarm phones home]

Your quite a piece fo work Dave. The "secret" server is acutally
zonelabs.com, hence the workaround to edit the hosts file and map that
domain to the loopback address. Do you know how windows hosts file
works? No, here is link that may help you
Blocking Unwanted Parasites with a Hosts File
http://www.mvps.org/winhelp2002/hosts.htm

The work around issued by zonealarm and their response to this list,
is proof enough for me that there was an issue and probably quite a
few other people. But not you Dave, eh?

On 2/7/06, Dave Korn <davek_throwaway@...mail.com> wrote:
> Frank Knobbe wrote:
> >On Mon, 2006-02-06 at 14:06 +0000, Dave Korn wrote:
> >> >> The company says it will fix the "bug" soon. In the meantime you can
> >> > work >around it by adding:
> >> >> # Block access to ZoneLabs Server
> >> >> 127.0.0.1 zonelabs.com
> >> >> to your Windows host file.
>
> >>   2)  You aren't the first person in the world to mistake the loopback
> >> interface for a routable address, but you do look just as dumb as
> >> everyone
> >> else who's ever done it down the annals of history.
> >
> >You might want to remove your foot from your own mouth. The loopback
> >thing is a workaround
>
>   I'm perfectly aware of that, but if you had actually read this thread you
> would realise that's not the issue under discussion.
>
>  I claimed that Cringely was spreading FUD, because he hadn't so much as
> shown us a packet trace or an IP address.  Ivan told me to "read the article
> again Dave, you'll find that he did provide the ip address of the
> destination servers to Zonelaram".  When I point out to Ivan that a) the
> article was not by Cringely but a second-hand report of Cringely's original
> article, and that b) 127.0.0.1 is not the ip address of the destination
> servers, I am correct, and the fact that redirecting a hostname lookup to
> the loopback address is an effective method of blocking an adbanner does not
> in any way contradict anything I've said nor confirm anything Ivan said.
>
>   Maybe that taste of shoe leather you've noticed is coming from your own
> mouth?
>
> >You might want to think yourself before assailing other posters
> >verbally. But frankly, I don't care since your email just qualified you
> >for my plonker list.
>
>   That's your choice; if you're happier reading FUD-spreading mis-reported
> nonsense from people who don't even know the loopback address when they see
> it rather than well-informed posts from people who have done their
> background research and know the field, you're going the right way about it.
>
>   Of course, you're the ever-so-reasonable guy whose posts are full of
> emotive and pejorative terms like "presume we're all lusers", "wild
> assumptions", "must be an idiot", "piece of shit", "satisfy the ego", "stop
> sucking", so I call PKB on you, troll.
>
> >Cheers,
> >Frank
> >
> >PS: zonelabs.com resolves to 208.185.174.44 in case you're still
> >wondering about an IP address.
>
>   Your adroitness with nslookup hardly compensates for your not having paid
> any attention to the actual *content* of the discussion you wish to
> contribute to.
>
> >PPS: Of course that's not proof of anything. Packet traces would be
> >preferred, but I'd think anyone with Zone Alarm could probably gather
> >those easily.
>
>   If you'd care to actually look at this thread, you would have seen that
> that is the main point of my original post.
>
> >(...Why do I even care...)
>
>   You clearly don't care enough to read the thread and try and follow the
> argument you're responding to.  I suggest that if you don't care that much,
> you really shouldn't bother writing a half-baked response that utterly
> misses the point.
>
>     cheers,
>       DaveK
> --
> Can't think of a witty .sigline today....
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ