Re: [Win2k] Stopping sw from phoning home
From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 09/11/05
- Previous message: ignisfatuus: "Re: [Win2k] Stopping sw from phoning home"
- In reply to: ignisfatuus: "Re: [Win2k] Stopping sw from phoning home"
- Next in thread: Paul Adare: "Re: [Win2k] Stopping sw from phoning home"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 10 Sep 2005 19:30:51 -0500
You can use an ipsec filttering policy that contains a rule that has a
filter list with those IP addresses and a block filter action. The link
below may also be of help in that it shows the basics of an ipsec filtering
policy. --- Steve
http://www.securityfocus.com/infocus/1559
"ignisfatuus" <ignisfatuus3267nospam@cox.com> wrote in message
news:ndKUe.76780$Ji4.64527@fed1read03...
> Mr. Umbach:
>
> The good news is that the sw in question uses 2 very specific IP addresses
> and ports each time it phones home. The bad news is that the source port
> is 80. I'm going to mess with IPSEC and see if I can create a policy to
> block this annoying behavior. I've never done it before but am about to
> learn. I'm starting here.
>
> http://support.microsoft.com/kb/813878#XSLTH4153121121120121120120
>
> Any further advise would be appreciated. Thx.
>
>
>
> Steven L Umbach wrote:
>> Check all the options on it for configuration to see if you can disable
>> it from doing so. If that will not work you would need to find what IP
>> addresses and port/protocols it is using. You could use a packet sniffer,
>> check your routers logs, use netstat -an while it is actively accessing
>> the internet, or a tool such as port reporter as shown in the link below.
>> Once you know that information you could configure an ipsec filtering
>> policy or your router to stop access. It may be difficult if it uses port
>> 80 TCP since that is used for your internet access unless it uses the
>> same IP address all the time in which case you could block access to the
>> specific IP addresses it uses. A software firewall such as Zone Alarm
>> could easily stop such activity but you seem to be against using such. If
>> you can track down the executable that is used for automatic internet
>> access with something like port reporter you could try to delete the file
>> [save a copy] or change permissions on the file so that user and system
>> have full control deny permissions. --- Steve
>>
>> http://www.microsoft.com/downloads/details.aspx?FamilyID=69ba779b-bae9-4243-b9d6-63e62b4bcd2e&displaylang=en
>>
>> "ignisfatuus" <ignisfatuus3267nospam@cox.com> wrote in message
>> news:cyFUe.76750$Ji4.10382@fed1read03...
>>
>>>Note: I do not want to use a sw firewall to do this.
>>>
>>>How do I prevent Musicmatch Juke from phoning home? There must be a way
>>>to stop the software from phoning home in MS Security settings somewhere.
>>>I'm just not sure where. IPSEC maybe? Please advise.
>>>
>>>I've got a DI-604 router but there doesn't seem to be a way to prevent
>>>the sw in question from venturing out on the Net w/o permission in those
>>>settings.
>>
>>
- Previous message: ignisfatuus: "Re: [Win2k] Stopping sw from phoning home"
- In reply to: ignisfatuus: "Re: [Win2k] Stopping sw from phoning home"
- Next in thread: Paul Adare: "Re: [Win2k] Stopping sw from phoning home"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
