Posted on 01/22/2005 6:47:13 AM PST by Gigantor
2005 Free Republic Inaugural Ball - Gigantor has a wild time!
Unable to connect with NetBIOS to your computer. All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.
And
Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice.
So I'm pretty safe unless I do something stupid like shutting down my firewall to see some pictures.
BTW, from the [Internet Assigned Numbers Authority], Ports 32897-33330 are "Unassigned".
You said: Well, not exactly. The registrar is someone called Hank Hayes.
If you go to www.hankhayes.com, you see this picture, whom I assume to be Hank Hayes.
So you're saying that the registrant of any web site is also the Domain host?!? That's news to me.
Are you sure that Hank Hayes owns the server that hosts www.HankHayes.com - or is it possible
that you are talking out of the back of your head?
Are we a little defensive this morning?
Nice job of not answering the question: So you're saying that the registrant of any web site is also the Domain host?
I guess I was right that Gigantor=Hank Hayes, since the photo on his your website just changed to a bogus picture of Snopercod.
But frankly, I don't care who owns it or hosts it; I just want to know why your website (thank you for confirming it is yours) is trying to access unused ports on everybody's computer.
We have a FReeper here - Hank Hayes, AKA Gigantor - who seems to be trying to hack into FReeper computers via his website for some reason. Read the previous posts for the details.
Now, both on his own website and here on FR (post #150), he makes a personal attack on me. To wit:
Is the management here going to enforce the rules or not? Is the management here concerned at all about being used to collect God-only-knows-what private information on FReepers?
>>One of the tests in 'Shields UP' is a port probe - it will tell you the status of your ports - open, closed, or stealth. You can even probe specific ports. Check it out.
Thanks, RebelTex.
I ran all the tests and my computer got a perfect score... Steve Gibson says, "despite many attempts, it wisely refused to answer. Very cool".
As I mentioned yesterday, I was able to see all but two of the photos and I got no error messages such as others did.
And that is very cool.
I use no "add on" firewall software... just WinXP SP2.
"UNASSIGNED PORT NUMBERS SHOULD NOT BE USED. THE IANA WILL ASSIGN THE NUMBER FOR THE PORT AFTER YOUR APPLICATION HAS BEEN APPROVED."
So our friend "Hank" is violating internet protocol by trying to probe unassigned ports on our machines via his website, as well as forum rules by directing FReepers to a (possibly malicious) site that he runs to boost the hits there.
Paging all software types (repage in some cases) for comments....
You continue to refuse to answer the question: So you're saying that the registrant of any web site is also the Domain host?
Now you're backpedaling why is that, snopercod?
Again, I said RFNY.COM is hosted by THRIFTWEB.COM
and you said: Well, not exactly. The registrar is someone called Hank Hayes.
Why do you claim that the registrar of a web site must also be the Web host? You apparently either misunderstand or are ignorant about Domain registration, parking, and web site hosting.
But frankly, I don't care who owns it or hosts it; I just want to know why your website (thank you for confirming it is yours) is trying to access unused ports on everybody's computer.
Are you sure that a 'web site' is trying to do this.
The problem you have is with the Website's HOST and the way their SERVERS and software configured - talk to them.
Hank, I am talking to "them". It's obvious to the most casual observer that you are "them", since you have administrative access to hankhayes.com and hankhayes is the administrator of rfny.com.
I did notice that you've gained a few pounds since those pictures at hankhayes.com were taken (the ones you've left up, anyway). But hey, who hasn't?
You really shouldn't misrepresent yourself here.
Where exactly did I redirect anyone to a web site?
Looks like we have a spat between two long term FReepers over some technical mumbo jumbo regarding Internet communications/handshaking. I don't know what makes these things tick (the Internet works in mysterious ways), but I sincerely doubt that anyone is trying to break into your computer.
How about just moving on to some other thread?
Thanks,
Jim
So you're saying that the registrant of any web site is also the Domain host?
Thanks Jim - I was typing my last reply and didn't see your post.
Again, Thanks for the great party and a pleasure to see you again!
Gigantor
Well, I disagree that forcing FReepers to shut down their firewalls to view pictures posted on your website is merely "technical mumbo-jumbo". I'm very suspicious of anyone who does that.
I'm also suspicious of FReepers who misrepresent who they really are (not that that is anything new).
For example, if "Gigantor" is not Hank Hayes, administrator of rfny.us, then how does he have have administrative access to hankhayes.com?
But your wish is my command. I'll move on.
Now can we get back to the lady in gold?? It was a much more interesting discussion!!!
You guys are gonna LOVE *this*.
I'd forgotten about "grc.com", and have never tried it with my Linux system. (thanks to whoever reminded me...)
Guess what (get ready for THIS...)
The GRAPHICS on Gibson's site won't display on MY machine, and I'm seeing the SAME BEHAVIOR out of his site!!!!! I'm getting repeated port access attempts from "image.grc.com" on ports in the 32xxx (and now 33xxx) range, failing to connect to some service...
Of course, none of GRC's port analysis goes up that far and he doesn't discuss those ports (which, as someone pointed out, are *unassigned*).
So!! The bottom line is, Gibson Research, purveyor of all paranoias about open ports, is demanding that a port be open in order to see the graphics on their page!
That just takes the pot. (I can still get their analysis to work by clicking on the "red X's".
This is getting REAL interesting... I guess I'm going to have to track down that wacked-out port access behavior (and find out why it's linked to graphic access).
Just what I need. Another case of extreme nerdism. Like I don't have ENOUGH problems. And all because I wanted to look at that broad in the gold dress! There's a lesson in this. God is trying to tell us something. !@#$%^&!!!!!
You may have to wait until Feb 1st to see her - the server has reached its monthly bandwidth limit - Free Republic is just too popular (much like the one in the Gold Dress...)
If you check the source of the graphic, it's: http://image.grc.com which is a secure directory on the grc website. The directory on the rfny.us server is also a secure directory (using Apache/1.3.33 Server at www.rfny.us)
Come on guys - y'all know you can't access secure sites without authentication, which means that since FR is the only authenticated referrer, your browser MUST pass referrer info to the secure site. If your system is configured to prevent that, you are not going to get the pics.
MSDN indicates that when configuring services running on a server, one can specify the port or port range that the service will use, & those with lower priority should use the higher range. It also indicates that, if not specified, additional ports (over common assigned ports) are assigned a random range.
I don't see the problem here. If you guys still want more answers, I recommend you check the following resources:
A tech security discussion forum on grc.com: http://www.grc.com/discussions.htm
The solution is simple - either enable website tracking in your firewall or other security software, or not.
Or just get a packet sniffer and see what info is transmitted on the port in question.
Thanks RebelTex!
The voice of sanity - how refreshing (almost as good as that Lone Star Beer).
I'm happy to know that the server space that rfny.us RENTS is set up to be secure.
Thanks again!
thanks, I will try that.
I've been told that this whole thing may be as simple as this... the photos that have been stored on another server probably look like "banner ads" to Zone Alarm.
Maybe it's not necessary to turn off Zone Alarm or Norton's, but just disable the "block banner ads" feature, if you've got that set.
This could explain why I see the pictures even though Steve Gibson's site says all my ports are secure.
My firewall is WinXP SP2, and I'm not blocking banner ads.
It's not banner-ads, it's the tracking of visited websites setting. If the browser is permitted to pass information about visited websites, then you get the pics - if not, no pics. Various firewall and anti-spy-ware programs have an option to permit or block information about visited websites.
See my previous post #114 where I proved this was the problem for the websites mentioned and then posts #137 and #138 for further explanation.
Okay... Thanks for the links. (Yeah, I need to do my homework... but it's bugging me that I have to become a %^&*$! networking expert. oh well...).
But, I have a couple of questions...
Why would grc.com be concerned about security on a bunch of trivial web-page graphics files? I can access their site otherwise, and get all the printed info; it's just the icons that I can't see... What earthly reason is there to clamp security of some sort on *those*?
Also, when I access their site (or "rfny", or whoever) *directly*, as opposed to through FR, there's no referrer. So what could they be looking for then, that they're not finding? (yeah, it's probably in the documents... I'll look.) (and I'll get a packet sniffer).
What I really want is to figure out a way to feed all these sites a big pile of garbage, when they try to ID me - just because I have a bad attitude.
"Also, when I access their site (or "rfny", or whoever) *directly*, as opposed to through FR, there's no referrer. So what could they be looking for then, that they're not finding? (yeah, it's probably in the documents... I'll look.) (and I'll get a packet sniffer)."
What they are not finding is the reference to the web page that calls up the pictures, since you were not on that page. As I explained before, the secure server looking for the reference to the web page is not going to serve up the images if the reference is missing or invalid. Browsers normally have this 'referrer' info in the headers sent to the server. Browsers also keep a history of visited websites in a directory on your hard drive (you can turn this off). BTW, the reference info is the info about the web page or web pages server or domain - NOT YOUR COMPUTER OR YOUR INFO. If someone were capturing and inspecting this info, what they would see is what the last web page that a computer with the IP address of xxx-xxx-xxx-xxx visited. And the IP address is probably a proxy that your ISP uses. (I hope you don't use a fixed IP address - read grc.com for info about why that's not a good idea.)
Same thing happens when you are on that page and you have the "information about visited web sites" turned off (blocked - a setting in your firewall, browser, anti-spyware, or pop-up blocker) This is ONLY 1 of the many settings for these security software programs, and you can turn it on/off (permit/block).
"What I really want is to figure out a way to feed all these sites a big pile of garbage, when they try to ID me - just because I have a bad attitude."
Again, they are not trying to ID you - just verify that you are visiting an authorized site so they don't get hacked or have unauthorized access to sensitive data. (I guess they could use SSL and require registration with a user name and password, but that would be a real hassle just to see some images and prevent hacking - really cuts down on the number of hits to a web page. /sarcasm)
Don't worry about these type of sites (the 2 under discussion) - they could care less about you and your personal info. The one's that are a nuisance are the one's that have tons of ads and pop-ups, all of which are handled well by good anti-spyware & pop-up blocker programs. Feeding them 'a big pile of garbage' is a waste of time and could bring DOS (Denial of Service) criminal and civil charges against you - don't go there. (Hackers, OTOH, are fair game, IMHO).
You might want to take some courses on networking, network security, HTML, browsers, and building secure websites. This would enhance your understanding.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.