Hmmmm The Do Not Call List

When the thing first came out, I signed up, and viola, no calls....today I get a call "No Info" on caller ID and a phone number. Try and call it back, and message says I have to reveal MY phone number to connect.
So, I attempt to go to the DO Not Call web site which is run by the FTC. Guess what folks, the FTC is SCANNING hard drives.
This may not come as a surprise to you, but it surprised me.
I have this nice little program called Peer Guardian. It keeps sites from scanning my hard drive for songs and stuff (not that I would have any :@@ any way, the first clue that you are being scanned when you have Peer Guardian running is the inability to find the web page. I checked my Peer Guardian log and ...........

Connection Rejected: 206.16.196.198 - FTC c/o AT&T Gov't Solutions, Inc (02-05-2004 @ 17:48:25)
Connection Rejected: 164.62.7.30 - Federal Trade Commission (02-05-2004 @ 17:48:30)
Connection Rejected: 164.62.7.30 - Federal Trade Commission (02-05-2004 @ 17:48:33)
Connection Rejected: 164.62.7.30 - Federal Trade Commission (02-05-2004 @ 17:48:40)

No suprise but what are they seriously looking for your phone number lol and anything else like that such as your IP, gateway, and history (cookies and such), are open ended so just curiously what are they looking for. By the way if you think it's music I'd find that a little hoaky.

The FTC wasn't scanning your hard drive..

First of all it's impossible for someone to just "scan" a hard drive without proper software and permission, and the IPs it logged are simply the ftc http servers, which wouldnt be used for government "spying" or what have you. PeerGuardian is not very reliable, it saw the incoming connections on port 80 when you accessed the ftc website and logged that for some reason.

Originally posted by Shoktek


First of all it's impossible for someone to just "scan" a hard drive without proper software and permission,

Oh really. Perhaps you should go here, and read what they CAN DO, how do you think that all these people are being sued? Random names?
and these guys are scanning what?
Rejected: 64.201.101.4 - Race Technologies P2P Scanners (10-05-2003 @ 12:15:41)
Rejected: 209.225.0.6 - fake files and p2p bots
Rejected: 166.90.148.200 - Metro-Goldwyn-Mayer (10-31-2003 @ 08:50:42)
Rejected: 38.118.139.18 - Performance Systems International (Hash-Exploiter On KaZaA)
THIS ONE IS MY FAVORITE OF ALL THOUGH
ejected: 198.81.129.100 - Central Intelligence Agency (01-11-2004 @ 02:21:34)
Rejected: 198.81.129.100 - Central Intelligence Agency (01-11-2004 @ 02:21:38)
www.peerguardian.net...

Or to find out if your name is on the list, go here
www.techtv.com...

quote "The court documents don't show individual users' real names. They do show file-sharing network user names, the user's ISP, the user's IP address, and a sampling of copyright songs the user allegedly made available for download. To date, many ISPs have been contacted, including Pac Bell Internet, SBC, Charter Communications, Comcast, Adelphia, RCN, and Time Warner.






[Edited on 5-2-2004 by NetStorm]

Originally posted by NetStorm
Oh really. Perhaps you should go here, and read what they CAN DO, how do you think that all these people are being sued? Random names?
and these guys are scanning what?
Rejected: 64.201.101.4 - Race Technologies P2P Scanners (10-05-2003 @ 12:15:41)
Rejected: 209.225.0.6 - fake files and p2p bots
Rejected: 166.90.148.200 - Metro-Goldwyn-Mayer (10-31-2003 @ 08:50:42)
Rejected: 38.118.139.18 - Performance Systems International (Hash-Exploiter On KaZaA)
THIS ONE IS MY FAVORITE OF ALL THOUGH
ejected: 198.81.129.100 - Central Intelligence Agency (01-11-2004 @ 02:21:34)
Rejected: 198.81.129.100 - Central Intelligence Agency (01-11-2004 @ 02:21:38)
www.peerguardian.net...

Or to find out if your name is on the list, go here
www.techtv.com...

If you are running Apps such as Kazaa or BitTorrent, then they can use those to scan your "shared folder" etc, but they cant just scan a hard drive if you visit their website. And run a check on the IPs in your report, thats the ftc.gov Web server, they dont use it to scan for illegal songs..you dont know what youre talking about.

198.81.129.100 that is a CIA webserver, no they wouldnt use it for anything else.



[Edited on 5-2-2004 by Shoktek]

Originally posted by Shoktek
And run a check on the IPs in your report, thats the ftc.gov Web server, they dont use it to scan for illegal songs..you dont know what youre talking about.

Excuse me Sir, I DON'T know what I am talking about?
It's OK to say that the goverment listens to your phone calls, our cell phones or tracks you by your onstar, BUT the govt WON'T use it's OWN goverment agency to look at your hard drive?
How logical is that.
PeerGuardian REJECTS ANYTHING that attempts to gain access to your system. I DO NOT SHARE MY FOLDER NOR MY HARDDRIVE. So why are they looking ?
ANd BTW
I am a Novell Certified Network Admin, a MCSE and Microsfot A+ tech, so I believe I know what I CAN and CAN NOT do remotley to someones computer and or vice versa. Gee why do we have firewalls then, if people can't get into your system unless you share something. And did I say ANYWHERE in my post that the FTC was looking for music? NO I said they were scanning systems



[Edited on 5-2-2004 by NetStorm]

Originally posted by NetStorm
I am a Novell Certified Network Admin, a MCSE and Microsfot A+ tech, so I believe I know what I CAN and CAN NOT do remotley to someones computer and or vice versa.

That is VERY hard to believe, you would know as a network admin that the government would never compromise their web server security by also using it to break into people's computers. Yes, if they were determined to break into a computer they could, but PeerGuardian simply monitors incoming packets (something you should know about with your "certification") and if you tried to access ftc.gov, well that comes in on port 80 from the same IP you had listed, that in no way means you are being "hacked". Try again.

The government doesnt randomly connect to individual's home computers for no reason, if they want to monitor someone on the internet they will set up a little box at your ISP that monitors all network activity going through your account.

[Edited on 5-2-2004 by Shoktek]

Originally posted by NetStorm
I said they were scanning systems

I would really like your expert "network admin" opinion of how the government can just "scan systems". Please enlighten me. The most information you could get from the average windows user from scanning their system would be OS version, ports open and services they are running, you can't explore their hard drive unless you have explicit network permission given to you from the host computer. You can't remotely access a hard drive unless they are running some type of service like ftp or telnet that allows remote hosts to log in to the system. That is ridiculous to even think of that they can just scan hard drives.

[Edited on 5-2-2004 by Shoktek]

While you two go head to head. One, yes, it is possible to remotely scan someones HDD without the proper permission if not hacks would not exist. Two, it's the federal trade commission for omnipresent rulers sake, all these people want more than likely is just you stupid cookie list thus why it's trying to access you computer. Alot of sites do this my friend one way or another I'm sure if you went to an online store or some where equivalent it would set it off too. So before jumping to rash conspirisist lunicies if you are a network, A+ certified tech you shouldn't of over looked that fact. Sorry man not really seeing anything special in this.

[Edited on 5-2-2004 by Lorn]

Originally posted by Shoktek

Originally posted by NetStorm
I said they were scanning systems

I would really like your expert "network admin" opinion of how the government can just "scan systems". Please enlighten me. The most information you could get from the average windows user from scanning their system would be OS version, ports open and services they are running, you can't explore their hard drive unless you have explicit network permission given to you from the host computer. You can't remotely access a hard drive unless they are running some type of service like ftp or telnet that allows remote hosts to log in to the system. That is ridiculous to even think of that they can just scan hard drives.

[Edited on 5-2-2004 by Shoktek]

Really?

Read this

HTTP Parsing Vulnerabilities in Check Point Firewall-1

Original release date: February 05, 2004
Last revised: --
Source: US-CERT

A complete revision history can be found at the end of this file.

Systems Affected

* Check Point Firewall-1 NG FCS
* Check Point Firewall-1 NG FP1
* Check Point Firewall-1 NG FP2
* Check Point Firewall-1 NG FP3, HF2
* Check Point Firewall-1 NG with Application Intelligence R54
* Check Point Firewall-1 NG with Application Intelligence R55

Overview

Several versions of Check Point Firewall-1 contain a vulnerability that
allows remote attackers to execute arbitrary code with administrative
privileges. This allows the attacker to take control of the firewall,
and in some cases, to also control the server it runs on.

I. Description

The Application Intelligence (AI) component of Check Point Firewall-1
is an application proxy that scans traffic for application layer
attacks once it has passed through the firewall at the network level.
Earlier versions of Firewall-1 include the HTTP Security Server, which
provides similar functionality.

Both the AI and HTTP Security Server features contain an HTTP parsing
vulnerability that is triggered by sending an invalid HTTP request
through the firewall. When Firewall-1 generates an error message in
response to the invalid request, a portion of the input supplied by the
attacker is included in the format string for a call to sprintf().

Researchers at Internet Security Systems have determined that it is
possible to exploit this format string vulnerability to execute
commands on the firewall. The researchers have also determined that
this vulnerability can be exploited as a heap overflow, which would
allow an attacker to execute arbitrary code. In either case, the
commands or code executed by the attacker would run with administrative
privileges, typically "SYSTEM" or "root". For more information, please
see the ISS advisory at:

xforce.iss.net...

The CERT/CC is tracking this issue as VU#790771. This reference number
corresponds to CVE candidate CAN-2004-0039.

II. Impact

This vulnerability allows remote attackers to execute arbitrary code on
affected firewalls with administrative privileges, typically "SYSTEM"
or "root". Failed attempts to exploit this vulnerability may cause the
firewall to crash.

III. Solution

Apply the patch from Check Point

Check Point has published a "Firewall-1 HTTP Security Server Update"
that modifies the error return strings used when an invalid HTTP
request is detected. For more information, please see the Check Point
bulletin at:

www.checkpoint.com...

This update prevents attackers from using several known error strings
to exploit this vulnerability. It is unclear at this time whether there
are other attack vectors that may still allow exploitation of the
underlying software defect.

Originally posted by Lorn
While you two go head to head. One, yes, it is possible to remotely scan someones HDD without the proper permission if not hacks would not exist.

Yes, it is possible if a computer is not well secured. i.e., it is infected with a trojan horse, or is running outdated software with known exploits that would allow access. (I think there was an internet explorer exploit that allowed viewing the entire hard drive, as well as a kazaa security problem allowing the whole hard drive to be seen). Still, you cant just automatically scan a hard drive, you would have to be quite motivated to do this on some windows dialup user's PC, and would most likely not be possible if they have decent security.

Originally posted by Lorn
While you two go head to head. One, yes, it is possible to remotely scan someones HDD without the proper permission if not hacks would not exist. Two, it's the federal trade commission for omnipresent rulers sake, all these people want more than likely is just you stupid cookie list thus why it's trying to access you computer. Alot of sites do this my friend one way or another I'm sure if you went to an online store or some where equivalent it would set it off too. So before jumping to rash conspirisist lunicies if you are a network, A+ certified tech you shouldn't of over looked that fact. Sorry man not really seeing anything special in this.

[Edited on 5-2-2004 by Lorn]

I didn't say it was a conspiracy. When I signed up for the do not call list. I got in fine AND was running PeerGuardian.
Now PeerGuardian rejects it.
THIS is what PeerGuardian does

Peer Guardian is an IP filter. It has a list of IP address which it will prevent from connecting to your computer. It can only be as good as the list of IP address it blocks.

Some P2P programs also have the ability to import and use these same IP block lists. I used to run Peer Guardian, but now I just import the lists straight into the P2P programs I use.

List of IP address to block can be found on the web.

Here is a list of IP address to block for the Azureus program.

azureus.sourceforge.net/...s/filters.config

This site has a tool that can import lists designed for one program like the one above, and output the list in other P2P formats ready for you to import.

www.bluetack.co.uk/convert.html

Remember, it is YOUR computer and you have the RIGHT to allow whomever you like to connect to your computer and you have the RIGHT to BLOCK whomever you like from accessing your computer.

Originally posted by NetStorm

Really?

Read this

HTTP Parsing Vulnerabilities in Check Point Firewall-1

Ok, no need to post that entire thing...yes, if someone is running vulnerable software it is entirely possible, but this is unlikely and not practical for anyone to use. Randomly scanning hard drives of people who visit the ftc.gov website is not plausible.

Peerguardian really doesn't work too well...I know lots of cases where it just blocks fellow p2p users because their ISP has some kind of american or government affiliated name...just like blocking ftc.gov's server. I haven't used peerguardian, but does it watch all standard ports, or simply those that you specify for file sharing purposes?

Originally posted by Shoktek
Peerguardian really doesn't work too well...I know lots of cases where it just blocks fellow p2p users because their ISP has some kind of american or government affiliated name...just like blocking ftc.gov's server. I haven't used peerguardian, but does it watch all standard ports, or simply those that you specify for file sharing purposes?

Just the ones specified in the list, thats why I use BlackIce for the rest.
Sir, I am not trying to be an a$$, I simply din not feel that I deserved the "you do not know what you are talking about"
And I was simply sharing something that I found that was "new"
Believe me Sir, you can do A LOT to a persons computer if you want to and have the time. Just like the vunerablity in the Windows messaging system. Do you have yours turned off? Cause it not a person and or website CAN take over your computer.
Port 80 is easly protected by using
AppShield edges InterDo in battle of Port 80 filters
www.nwfusion.com...

I never said I knew it all, just from what I have seen happen from personal experience.
I have never in a post to someone come out and said
You don't know what you are talking about" irregardless of how silly the post may seem.
With that said, I extend my hand and say " It's done"
All I expect from this board is the chance to learn and interact with other people, but not to be told that I am full of caca
Cool? Cool

Originally posted by NetStorm

Originally posted by Shoktek
Peerguardian really doesn't work too well...I know lots of cases where it just blocks fellow p2p users because their ISP has some kind of american or government affiliated name...just like blocking ftc.gov's server. I haven't used peerguardian, but does it watch all standard ports, or simply those that you specify for file sharing purposes?

Just the ones specified in the list, thats why I use BlackIce for the rest.
Sir, I am not trying to be an a$$, I simply din not feel that I deserved the "you do not know what you are talking about"
And I was simply sharing something that I found that was "new"
Believe me Sir, you can do A LOT to a persons computer if you want to and have the time. Just like the vunerablity in the Windows messaging system. Do you have yours turned off? Cause it not a person and or website CAN take over your computer.
Port 80 is easly protected by using
AppShield edges InterDo in battle of Port 80 filters
www.nwfusion.com...

I never said I knew it all, just from what I have seen happen from personal experience.
I have never in a post to someone come out and said
You don't know what you are talking about" irregardless of how silly the post may seem.
With that said, I extend my hand and say " It's done"
All I expect from this board is the chance to learn and interact with other people, but not to be told that I am full of caca
Cool? Cool

Sorry if it came off as rude, but I keep my guard up related to computer discussion as it seems every other day there is a new "H4Ck3R" talking about how l33T they are...so I like to shut them down when they start talking their crap. I haven't heard about a windows messaging vulnerability, I assume you mean the messaging system in NetBIOS..

You two are no fun come one slit my throat a little, but here I'll play this one even. Yeah they probably were scanning your PC but not in it's entirety, I seriously doubt you hard drive and all of your mp3,videos,porn, and illegal banking records were compromised. They were just looking at it from the front end you safe don't panic. Also for the other, "they can't scan unless they have the proper premision.." crap, that's all it is is crap. In utmost honesty and courtisy, for you safety, don't be that ignorant, yes they can, yes they do, and definetly yes they will. Be it government, pimply teen who makes up for his lack of a sex life with this, or a typically company it will happen. Pull your head out of the dirt it's dark down there.

Originally posted by Shoktek
I haven't heard about a windows messaging vulnerability, I assume you mean the messaging system in NetBIOS..

Here is some info on it.

www.itc.virginia.edu...

Microsoft issued a Q article on it also.
I don't know what OS you are running, but if it is XP there are 2 ways to disable depending if it is Home or Profesional.
The link gives the info on all that they can do with the little "pop up" window

Thanks for opportunity to discuss this and not let it get into hand to hand combat.

Yea I know how to disable it...thats not an exploit, just a way for malicious spammers to advertise through the messaging system I guess. Advertising on the internet has grown to uncontrollable measures these days.

Why won't you swing at me I got opinions too. I AM A PERSOOOONNNNN!!!!!!! lol