Re: Re: According to Ivan, the secret ZA phone-homeserver is located at 127.0.0.1 [was Re: Re:Re: ZoneAlarm phones home]

["Ivan ." <ivanhec () gmail com>]

check that Greg, substitute "zonelabs.com" for "127.0.0.1" and your
almost there.

now get back to finishing your website

On 2/7/06, Greg <full-disclosure2 () pchandyman com au> wrote:
> I say "TAKE THE SECRET SERVER DOWN"!!
>
> I incite mass ping flooding of that ip 127.0.0.1 NOW!
>
> Would that stop it, Ivan? Get right on it and let us know the results of
> your tests.
>
>
>
>
>
>
> > -----Original Message-----
> > From: Ivan . [mailto:ivanhec () gmail com]
> > Sent: Tuesday, 7 February 2006 9:15 AM
> > To: Dave Korn
> > Cc: full-disclosure () lists grok org uk
> > Subject: Re: [Full-disclosure] Re: According to Ivan,the
> > secret ZA phone-homeserver is located at 127.0.0.1 [was Re:
> > Re:Re: ZoneAlarm phones home]
> >
> >
> > Your quite a piece fo work Dave. The "secret" server is
> > acutally zonelabs.com, hence the workaround to edit the hosts
> > file and map that domain to the loopback address. Do you know
> > how windows hosts file works? No, here is link that may help
> > you Blocking Unwanted Parasites with a Hosts File
> > http://www.mvps.org/winhelp2002/hosts.htm
> >
> > The work around issued by zonealarm and their response to
> > this list, is proof enough for me that there was an issue and
> > probably quite a few other people. But not you Dave, eh?
> >
> > On 2/7/06, Dave Korn <davek_throwaway () hotmail com> wrote:
> > > Frank Knobbe wrote:
> > > > On Mon, 2006-02-06 at 14:06 +0000, Dave Korn wrote:
> > > > > > > The company says it will fix the "bug" soon. In the
> > meantime you
> > > > > > > can
> > > > > > work >around it by adding:
> > > > > > > # Block access to ZoneLabs Server
> > > > > > > 127.0.0.1 zonelabs.com
> > > > > > > to your Windows host file.
> > >
> > > > >   2)  You aren't the first person in the world to mistake the
> > > > > loopback interface for a routable address, but you do
> > look just as
> > > > > dumb as everyone else who's ever done it down the annals of
> > > > > history.
> > > >
> > > > You might want to remove your foot from your own mouth.
> > The loopback
> > > > thing is a workaround
> > >
> > >   I'm perfectly aware of that, but if you had actually read this
> > > thread you would realise that's not the issue under discussion.
> > >
> > >  I claimed that Cringely was spreading FUD, because he
> > hadn't so much
> > > as shown us a packet trace or an IP address.  Ivan told me to "read
> > > the article again Dave, you'll find that he did provide the
> > ip address
> > > of the destination servers to Zonelaram".  When I point out to Ivan
> > > that a) the article was not by Cringely but a second-hand report of
> > > Cringely's original article, and that b) 127.0.0.1 is not the ip
> > > address of the destination servers, I am correct, and the fact that
> > > redirecting a hostname lookup to the loopback address is an
> > effective
> > > method of blocking an adbanner does not in any way
> > contradict anything
> > > I've said nor confirm anything Ivan said.
> > >
> > >   Maybe that taste of shoe leather you've noticed is coming
> > from your
> > > own mouth?
> > >
> > > > You might want to think yourself before assailing other posters
> > > > verbally. But frankly, I don't care since your email just
> > qualified
> > > > you for my plonker list.
> > >
> > >   That's your choice; if you're happier reading FUD-spreading
> > > mis-reported nonsense from people who don't even know the loopback
> > > address when they see it rather than well-informed posts
> > from people
> > > who have done their background research and know the field, you're
> > > going the right way about it.
> > >
> > >   Of course, you're the ever-so-reasonable guy whose posts
> > are full of
> > > emotive and pejorative terms like "presume we're all lusers", "wild
> > > assumptions", "must be an idiot", "piece of shit", "satisfy
> > the ego",
> > > "stop sucking", so I call PKB on you, troll.
> > >
> > > > Cheers,
> > > > Frank
> > > >
> > > > PS: zonelabs.com resolves to 208.185.174.44 in case you're still
> > > > wondering about an IP address.
> > >
> > >   Your adroitness with nslookup hardly compensates for your
> > not having
> > > paid any attention to the actual *content* of the
> > discussion you wish
> > > to contribute to.
> > >
> > > > PPS: Of course that's not proof of anything. Packet traces
> > would be
> > > > preferred, but I'd think anyone with Zone Alarm could
> > probably gather
> > > > those easily.
> > >
> > >   If you'd care to actually look at this thread, you would
> > have seen
> > > that that is the main point of my original post.
> > >
> > > > (...Why do I even care...)
> > >
> > >   You clearly don't care enough to read the thread and try
> > and follow
> > > the argument you're responding to.  I suggest that if you
> > don't care
> > > that much, you really shouldn't bother writing a half-baked
> > response
> > > that utterly misses the point.
> > >
> > >     cheers,
> > >       DaveK
> > > --
> > > Can't think of a witty .sigline today....
> > >
> > >
> > >
> > > _______________________________________________
> > > Full-Disclosure - We believe in it.
> > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > > Hosted and sponsored by Secunia - http://secunia.com/
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/