| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 08 Jan 2010 10:50:46 -0500 From: Michael Holstein <michael.holstein@...ohio.edu> To: mrx <mrx@...pergander.org.uk> Cc: full-disclosure@...ts.grok.org.uk Subject: Re: Geolocation Question > was a tick box along the lines of "disable all communication with MS > servers" Well, as it pertains to WGA, the hack was to include the following in ./system32/drivers/etc/hosts : 127.0.0.1 mpa.one.microsoft.com If you have a router that can run [DD|Open]WRT, you can mount a SMB share and run tcpdump -w /that/share on your connection to see exactly what your system of choice is "doing" network-wise. You can also do this with a hub and another computer (or even directly on the box with winpcap, assuming you trust that M$ didn't do some trickery that would lie to it). If you want to get fancier still, run Quagga on a linux box with a BGP feed from somewhere and blackhole AS8060, AS8069, AS8705, AS3598, and a couple of others I'm too lazy to look up at the moment .. and route your traffic through that. Cheers, Michael Holstein Cleveland State University _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists