new hosts file

Discussion in 'Port Explorer' started by poogimmal, Jul 25, 2004.

Thread Status:
Not open for further replies.
  1. poogimmal

    poogimmal Registered Member

    Joined:
    May 7, 2004
    Posts:
    79
    while doing other things, ie, adding a hosts file to block certain IPs, I found a MS sample hosts file in my w2k ..\etc dir which included the entry
    64.91.255.87 which has some relation to DCS but I was not sure which DCS app. I removed the "sample" hosts file and inserted the custom blocking hosts file, and all runs ok, but then I used Firefox to open some URL (not particularly related to anything) and Zone Alarm popped up asking if I wanted to let Port Explorer accept connection from interent, my local broadband provider DNS. I said ok, and then I checked ZA and it was already configured with Port Explorer having permission to connect to the internet, so trying to figure out the relationships: 64.91.255.87 (Liquid Web) to DCS and Port Explorer, and why ZA seemed somehow confused about all this. I guess that Port Explorer needs a DNS to resolve info and it was using DCS DNS but now it is using my local DNS. assuming that is essentially correct, is that a problem? if I'm incorrect, please explain. thanks!
     
  2. FanJ

    FanJ Guest

    Hi,

    Maybe this little thread might explain something:
    https://www.wilderssecurity.com/showthread.php?t=25715

    I hope this might help you.
    Please post if you would like more info about your question; I'm sure that one of the DCS-mods would like to help you further if needed.

    Cheers, Jan.
     
  3. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Funny story, as i always thought the Hosts.sam was never read but just a sample for yourself, so i wonder how TDS (which does it) could have written to it at all!
    Maybe because you blocked the HOSTS file?

    Then, if there is a HOSTS file, how could deleting or changing anywthing in the Hosts.sam have activated ZA or any other program?

    This is a most interesting discovery, and could mean lots of things, which i do hope trojan writers are not exploring yet! It would at least mean we have to block our Hosts.sam file from illigal modifications too!

    Anyway, the IP 64.91.255.87 belongs to DiamondCS and adding the line
    64.91.255.87 www.dcsresearch.com prevents you from jumping to the domain name which name only belonged formerly to DiamondCS but no longer (the site it is now never had nothing to do with DCS at all!), enabling you to jump with F5 immediately to the DiamondCS forum in stead of getting tracking cookies from that unwanted jump.

    I deleted that entry from my HOSTS file and don't get any alarms from the firewall for permissions or anything else, so i wonder what is going on in your case. My Hosts.sam file was unchanged all time.

    If you have a permanent IP address you might like to add a few things in HOSTS, like your IP with some phantasy domain-name after you made sure it doesn't exist on internet yet, and maybe you like the localhosts 127.0.0.1 or 0.0.0.0 to have a name, too which you can add as an extra line.
    So in Port Explorer you will see even more easy which "layer" in your system is involved in connections: computername, public IP, local host 127* or localhost 0*, netcard, modem, etc.
     
  4. BlueStar50

    BlueStar50 Registered Member

    Joined:
    Jul 16, 2004
    Posts:
    15
    w98se & TDS-3 demo didn't put any entries in my host file (it was read only) or the HOSTS.SAM or LMHOSTS.SAM files but due to your post I made these last 2 read only to just in case.
    Also have ZAP which sometimes asks to permit a program or something that was already permitted and at times seemed to be messed up. Checking the C:\WINDOWS\TEMP folder I would find more than 1 file named ZLT02aab.TMP (name varies but starts with ZL). After restarting the computer it will let you delete the file that is not in use (not the one it is using) and it seems to work fine again. It seems that sometimes I can do something to where it is trying to use 2 files in the temp folder at the same time. If this happens and you delete one of them you will need to see if the program settings or expert rules remain the same as you want them to be. I have made changes and the file it kept didn't have them in it.
     
  5. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    As long as you have the suggested line in HOSTS you'll be fine.
     
Thread Status:
Not open for further replies.