Posted on 01/22/2005 6:47:13 AM PST by Gigantor
2005 Free Republic Inaugural Ball - Gigantor has a wild time!
Where exactly did I redirect anyone to a web site?
Looks like we have a spat between two long term FReepers over some technical mumbo jumbo regarding Internet communications/handshaking. I don't know what makes these things tick (the Internet works in mysterious ways), but I sincerely doubt that anyone is trying to break into your computer.
How about just moving on to some other thread?
Thanks,
Jim
So you're saying that the registrant of any web site is also the Domain host?
Thanks Jim - I was typing my last reply and didn't see your post.
Again, Thanks for the great party and a pleasure to see you again!
Gigantor
Well, I disagree that forcing FReepers to shut down their firewalls to view pictures posted on your website is merely "technical mumbo-jumbo". I'm very suspicious of anyone who does that.
I'm also suspicious of FReepers who misrepresent who they really are (not that that is anything new).
For example, if "Gigantor" is not Hank Hayes, administrator of rfny.us, then how does he have have administrative access to hankhayes.com?
But your wish is my command. I'll move on.
Now can we get back to the lady in gold?? It was a much more interesting discussion!!!
You guys are gonna LOVE *this*.
I'd forgotten about "grc.com", and have never tried it with my Linux system. (thanks to whoever reminded me...)
Guess what (get ready for THIS...)
The GRAPHICS on Gibson's site won't display on MY machine, and I'm seeing the SAME BEHAVIOR out of his site!!!!! I'm getting repeated port access attempts from "image.grc.com" on ports in the 32xxx (and now 33xxx) range, failing to connect to some service...
Of course, none of GRC's port analysis goes up that far and he doesn't discuss those ports (which, as someone pointed out, are *unassigned*).
So!! The bottom line is, Gibson Research, purveyor of all paranoias about open ports, is demanding that a port be open in order to see the graphics on their page!
That just takes the pot. (I can still get their analysis to work by clicking on the "red X's".
This is getting REAL interesting... I guess I'm going to have to track down that wacked-out port access behavior (and find out why it's linked to graphic access).
Just what I need. Another case of extreme nerdism. Like I don't have ENOUGH problems. And all because I wanted to look at that broad in the gold dress! There's a lesson in this. God is trying to tell us something. !@#$%^&!!!!!
You may have to wait until Feb 1st to see her - the server has reached its monthly bandwidth limit - Free Republic is just too popular (much like the one in the Gold Dress...)
If you check the source of the graphic, it's: http://image.grc.com which is a secure directory on the grc website. The directory on the rfny.us server is also a secure directory (using Apache/1.3.33 Server at www.rfny.us)
Come on guys - y'all know you can't access secure sites without authentication, which means that since FR is the only authenticated referrer, your browser MUST pass referrer info to the secure site. If your system is configured to prevent that, you are not going to get the pics.
MSDN indicates that when configuring services running on a server, one can specify the port or port range that the service will use, & those with lower priority should use the higher range. It also indicates that, if not specified, additional ports (over common assigned ports) are assigned a random range.
I don't see the problem here. If you guys still want more answers, I recommend you check the following resources:
A tech security discussion forum on grc.com: http://www.grc.com/discussions.htm
The solution is simple - either enable website tracking in your firewall or other security software, or not.
Or just get a packet sniffer and see what info is transmitted on the port in question.
Thanks RebelTex!
The voice of sanity - how refreshing (almost as good as that Lone Star Beer).
I'm happy to know that the server space that rfny.us RENTS is set up to be secure.
Thanks again!
thanks, I will try that.
I've been told that this whole thing may be as simple as this... the photos that have been stored on another server probably look like "banner ads" to Zone Alarm.
Maybe it's not necessary to turn off Zone Alarm or Norton's, but just disable the "block banner ads" feature, if you've got that set.
This could explain why I see the pictures even though Steve Gibson's site says all my ports are secure.
My firewall is WinXP SP2, and I'm not blocking banner ads.
It's not banner-ads, it's the tracking of visited websites setting. If the browser is permitted to pass information about visited websites, then you get the pics - if not, no pics. Various firewall and anti-spy-ware programs have an option to permit or block information about visited websites.
See my previous post #114 where I proved this was the problem for the websites mentioned and then posts #137 and #138 for further explanation.
Okay... Thanks for the links. (Yeah, I need to do my homework... but it's bugging me that I have to become a %^&*$! networking expert. oh well...).
But, I have a couple of questions...
Why would grc.com be concerned about security on a bunch of trivial web-page graphics files? I can access their site otherwise, and get all the printed info; it's just the icons that I can't see... What earthly reason is there to clamp security of some sort on *those*?
Also, when I access their site (or "rfny", or whoever) *directly*, as opposed to through FR, there's no referrer. So what could they be looking for then, that they're not finding? (yeah, it's probably in the documents... I'll look.) (and I'll get a packet sniffer).
What I really want is to figure out a way to feed all these sites a big pile of garbage, when they try to ID me - just because I have a bad attitude.
"Also, when I access their site (or "rfny", or whoever) *directly*, as opposed to through FR, there's no referrer. So what could they be looking for then, that they're not finding? (yeah, it's probably in the documents... I'll look.) (and I'll get a packet sniffer)."
What they are not finding is the reference to the web page that calls up the pictures, since you were not on that page. As I explained before, the secure server looking for the reference to the web page is not going to serve up the images if the reference is missing or invalid. Browsers normally have this 'referrer' info in the headers sent to the server. Browsers also keep a history of visited websites in a directory on your hard drive (you can turn this off). BTW, the reference info is the info about the web page or web pages server or domain - NOT YOUR COMPUTER OR YOUR INFO. If someone were capturing and inspecting this info, what they would see is what the last web page that a computer with the IP address of xxx-xxx-xxx-xxx visited. And the IP address is probably a proxy that your ISP uses. (I hope you don't use a fixed IP address - read grc.com for info about why that's not a good idea.)
Same thing happens when you are on that page and you have the "information about visited web sites" turned off (blocked - a setting in your firewall, browser, anti-spyware, or pop-up blocker) This is ONLY 1 of the many settings for these security software programs, and you can turn it on/off (permit/block).
"What I really want is to figure out a way to feed all these sites a big pile of garbage, when they try to ID me - just because I have a bad attitude."
Again, they are not trying to ID you - just verify that you are visiting an authorized site so they don't get hacked or have unauthorized access to sensitive data. (I guess they could use SSL and require registration with a user name and password, but that would be a real hassle just to see some images and prevent hacking - really cuts down on the number of hits to a web page. /sarcasm)
Don't worry about these type of sites (the 2 under discussion) - they could care less about you and your personal info. The one's that are a nuisance are the one's that have tons of ads and pop-ups, all of which are handled well by good anti-spyware & pop-up blocker programs. Feeding them 'a big pile of garbage' is a waste of time and could bring DOS (Denial of Service) criminal and civil charges against you - don't go there. (Hackers, OTOH, are fair game, IMHO).
You might want to take some courses on networking, network security, HTML, browsers, and building secure websites. This would enhance your understanding.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.