Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Re: According to Ivan, the secret ZA phone-homeserver is located at 127.0.0.1 [was Re: Re: Re: ZoneAlarm phones home]
From: "Ivan ." <ivanhec () gmail com>
Date: Tue, 7 Feb 2006 09:15:06 +1100

Your quite a piece fo work Dave. The "secret" server is acutally
zonelabs.com, hence the workaround to edit the hosts file and map that
domain to the loopback address. Do you know how windows hosts file
works? No, here is link that may help you
Blocking Unwanted Parasites with a Hosts File
http://www.mvps.org/winhelp2002/hosts.htm

The work around issued by zonealarm and their response to this list,
is proof enough for me that there was an issue and probably quite a
few other people. But not you Dave, eh?

On 2/7/06, Dave Korn <davek_throwaway () hotmail com> wrote:
Frank Knobbe wrote:
On Mon, 2006-02-06 at 14:06 +0000, Dave Korn wrote:
The company says it will fix the "bug" soon. In the meantime you can
work >around it by adding:
# Block access to ZoneLabs Server
127.0.0.1 zonelabs.com
to your Windows host file.

  2)  You aren't the first person in the world to mistake the loopback
interface for a routable address, but you do look just as dumb as
everyone
else who's ever done it down the annals of history.

You might want to remove your foot from your own mouth. The loopback
thing is a workaround

  I'm perfectly aware of that, but if you had actually read this thread you
would realise that's not the issue under discussion.

 I claimed that Cringely was spreading FUD, because he hadn't so much as
shown us a packet trace or an IP address.  Ivan told me to "read the article
again Dave, you'll find that he did provide the ip address of the
destination servers to Zonelaram".  When I point out to Ivan that a) the
article was not by Cringely but a second-hand report of Cringely's original
article, and that b) 127.0.0.1 is not the ip address of the destination
servers, I am correct, and the fact that redirecting a hostname lookup to
the loopback address is an effective method of blocking an adbanner does not
in any way contradict anything I've said nor confirm anything Ivan said.

  Maybe that taste of shoe leather you've noticed is coming from your own
mouth?

You might want to think yourself before assailing other posters
verbally. But frankly, I don't care since your email just qualified you
for my plonker list.

  That's your choice; if you're happier reading FUD-spreading mis-reported
nonsense from people who don't even know the loopback address when they see
it rather than well-informed posts from people who have done their
background research and know the field, you're going the right way about it.

  Of course, you're the ever-so-reasonable guy whose posts are full of
emotive and pejorative terms like "presume we're all lusers", "wild
assumptions", "must be an idiot", "piece of shit", "satisfy the ego", "stop
sucking", so I call PKB on you, troll.

Cheers,
Frank

PS: zonelabs.com resolves to 208.185.174.44 in case you're still
wondering about an IP address.

  Your adroitness with nslookup hardly compensates for your not having paid
any attention to the actual *content* of the discussion you wish to
contribute to.

PPS: Of course that's not proof of anything. Packet traces would be
preferred, but I'd think anyone with Zone Alarm could probably gather
those easily.

  If you'd care to actually look at this thread, you would have seen that
that is the main point of my original post.

(...Why do I even care...)

  You clearly don't care enough to read the thread and try and follow the
argument you're responding to.  I suggest that if you don't care that much,
you really shouldn't bother writing a half-baked response that utterly
misses the point.

    cheers,
      DaveK
--
Can't think of a witty .sigline today....



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]