LabVIEWguru
Senior Member
Offline
Posts: 300
Thank You
-Given: 273
-Receive: 593
|
|
« on: February 10, 2011, 11:07:52 23:07 » |
|
I was digging around in my computer and found in the hosts file located in:
c:\windows\ System32 \ drivers \ etc \
178.32.95.1 paypal.com
This is a redirect, any time papal is accessed it is redirected to this IP address located in France!
I checked using this ip address using ipwhois and typed in into google. It would be wise to check your hosts file!
178.32.95.1 IP address location & more: IP address [?]: 178.32.95.1 [Whois] [Reverse IP] IP country code: FR IP address country: ip address flag France IP address state: n/a IP address city: n/a IP address latitude: 46.0000 IP address longitude: 2.0000 ISP of this IP [?]: Ovh Systems Organization: VPS services
My friends, I keep my computer locked down pretty tight - I even use "drive drawers" to keep the internet drive separate from my work - but I never thought to check my hosts file! I'm going to cruise this IP address and see what is up. Check your computers!
|
|
|
Logged
|
|
|
|
pickit2
Moderator
Hero Member
Online
Posts: 4667
Thank You
-Given: 834
-Receive: 4322
There is no evidence that I muted SoNsIvRi
|
|
« Reply #1 on: February 11, 2011, 12:13:42 00:13 » |
|
what you don't have hosts locked down, you need to be on top of it. copy of my host file 127.0.0.1 tonec.com 127.0.0.1 www.tonec.com 127.0.0.1 registeridm.com 127.0.0.1 www.registeridm.com 127.0.0.1 secure.registeridm.com 127.0.0.1 internetdownloadmanager.com 127.0.0.1 www.internetdownloadmanager.com 127.0.0.1 secure.internetdownloadmanager.com 127.0.0.1 mirror.internetdownloadmanager.com 127.0.0.1 mirror2.internetdownloadmanager.com 127.0.0.1 mirror3.internetdownloadmanager.com 127.0.0.1 533soft.com 127.0.0.1 nero.com 127.0.0.1 http://www.nero.com 127.0.0.1 activate.nero.com 127.0.0.1 http://www.activate.nero.com 127.0.0.1 http://www.533soft.com/ 127.0.0.1 gpsoftware.com.au 127.0.0.1 www.gpsoftware.com.au 127.0.0.1 3dns-2.adobe.com #192.150.22.22 127.0.0.1 3dns-3.adobe.com #192.150.14.21 127.0.0.1 3dns-4.adobe.com #192.150.18.247 127.0.0.1 3dns-5.adobe.com #192.150.22.46 127.0.0.1 adobe-dns.adobe.com #192.150.11.30 127.0.0.1 adobe-dns-2.adobe.com #192.150.11.247 127.0.0.1 adobe-dns-3.adobe.com #192.150.22.30 127.0.0.1 adobe.activate.com #69.175.22.26 127.0.0.1 activate.adobe.com #192.150.22.40 127.0.0.1 activate.wip3.adobe.com #192.150.22.40 127.0.0.1 activate.wip4.adobe.com #192.150.22.40 127.0.0.1 activate-sea.adobe.com #192.150.22.40 127.0.0.1 activate-sjc0.adobe.com #192.150.14.69 127.0.0.1 ereg.adobe.com #192.150.18.103 127.0.0.1 ereg.wip3.adobe.com #192.150.18.63 127.0.0.1 ereg.wip4.adobe.com #192.150.18.103 127.0.0.1 practivate.adobe.com #192.150.18.54 127.0.0.1 www.wip3.adobe.com #192.150.8.60 127.0.0.1 www.wip4.adobe.com #192.150.18.200 127.0.0.1 www.adobeereg.com #75.125.24.83 127.0.0.1 adobeereg.com #207.66.2.10 127.0.0.1 hl2rcv.adobe.com #192.150.14.174 127.0.0.1 wwis-dubc1-vip30.adobe.com #192.150.8.30 127.0.0.1 wwis-dubc1-vip31.adobe.com #192.150.8.31 127.0.0.1 wwis-dubc1-vip32.adobe.com #192.150.8.32 127.0.0.1 wwis-dubc1-vip33.adobe.com #192.150.8.33 127.0.0.1 wwis-dubc1-vip34.adobe.com #192.150.8.34 127.0.0.1 wwis-dubc1-vip35.adobe.com #192.150.8.35 127.0.0.1 wwis-dubc1-vip36.adobe.com #192.150.8.36 127.0.0.1 wwis-dubc1-vip37.adobe.com #192.150.8.37 127.0.0.1 wwis-dubc1-vip38.adobe.com #192.150.8.38 127.0.0.1 wwis-dubc1-vip39.adobe.com #192.150.8.39 127.0.0.1 wwis-dubc1-vip40.adobe.com #192.150.8.40 127.0.0.1 wwis-dubc1-vip41.adobe.com #192.150.8.41 127.0.0.1 wwis-dubc1-vip42.adobe.com #192.150.8.42 127.0.0.1 wwis-dubc1-vip43.adobe.com #192.150.8.43 127.0.0.1 wwis-dubc1-vip44.adobe.com #192.150.8.44 127.0.0.1 wwis-dubc1-vip45.adobe.com #192.150.8.45 127.0.0.1 wwis-dubc1-vip46.adobe.com #192.150.8.46 127.0.0.1 wwis-dubc1-vip47.adobe.com #192.150.8.47 127.0.0.1 wwis-dubc1-vip48.adobe.com #192.150.8.48 127.0.0.1 wwis-dubc1-vip49.adobe.com #192.150.8.49 127.0.0.1 wwis-dubc1-vip50.adobe.com #192.150.8.50 127.0.0.1 wwis-dubc1-vip51.adobe.com #192.150.8.51 127.0.0.1 wwis-dubc1-vip52.adobe.com #192.150.8.52 127.0.0.1 wwis-dubc1-vip53.adobe.com #192.150.8.53 127.0.0.1 wwis-dubc1-vip54.adobe.com #192.150.8.54 127.0.0.1 wwis-dubc1-vip55.adobe.com #192.150.8.55 127.0.0.1 wwis-dubc1-vip56.adobe.com #192.150.8.56 127.0.0.1 wwis-dubc1-vip57.adobe.com #192.150.8.57 127.0.0.1 wwis-dubc1-vip58.adobe.com #192.150.8.58 127.0.0.1 wwis-dubc1-vip59.adobe.com #192.150.8.59 127.0.0.1 wwis-dubc1-vip60.adobe.com #192.160.8.60 127.0.0.1 wwis-dubc1-vip61.adobe.com #192.160.8.61 127.0.0.1 wwis-dubc1-vip62.adobe.com #192.160.8.62 127.0.0.1 wwis-dubc1-vip63.adobe.com #192.160.8.63 127.0.0.1 wwis-dubc1-vip64.adobe.com #192.160.8.64 127.0.0.1 wwis-dubc1-vip65.adobe.com #192.160.8.65 127.0.0.1 wwis-dubc1-vip66.adobe.com #192.160.8.66 127.0.0.1 wwis-dubc1-vip67.adobe.com #192.160.8.67 127.0.0.1 wwis-dubc1-vip68.adobe.com #192.160.8.68 127.0.0.1 wwis-dubc1-vip69.adobe.com #192.160.8.69 127.0.0.1 wwis-dubc1-vip70.adobe.com #192.170.8.70 127.0.0.1 wwis-dubc1-vip71.adobe.com #192.170.8.71 127.0.0.1 wwis-dubc1-vip72.adobe.com #192.170.8.72 127.0.0.1 wwis-dubc1-vip73.adobe.com #192.170.8.73 127.0.0.1 wwis-dubc1-vip74.adobe.com #192.170.8.74 127.0.0.1 wwis-dubc1-vip75.adobe.com #192.170.8.75 127.0.0.1 wwis-dubc1-vip76.adobe.com #192.170.8.76 127.0.0.1 wwis-dubc1-vip77.adobe.com #192.170.8.77 127.0.0.1 wwis-dubc1-vip78.adobe.com #192.170.8.78 127.0.0.1 wwis-dubc1-vip79.adobe.com #192.170.8.79 127.0.0.1 wwis-dubc1-vip80.adobe.com #192.180.8.80 127.0.0.1 wwis-dubc1-vip81.adobe.com #192.180.8.81 127.0.0.1 wwis-dubc1-vip82.adobe.com #192.180.8.82 127.0.0.1 wwis-dubc1-vip83.adobe.com #192.180.8.83 127.0.0.1 wwis-dubc1-vip84.adobe.com #192.180.8.84 127.0.0.1 wwis-dubc1-vip85.adobe.com #192.180.8.85 127.0.0.1 wwis-dubc1-vip86.adobe.com #192.180.8.86 127.0.0.1 wwis-dubc1-vip87.adobe.com #192.180.8.87 127.0.0.1 wwis-dubc1-vip88.adobe.com #192.180.8.88 127.0.0.1 wwis-dubc1-vip89.adobe.com #192.180.8.89 127.0.0.1 wwis-dubc1-vip90.adobe.com #192.190.8.90 127.0.0.1 wwis-dubc1-vip91.adobe.com #192.190.8.91 127.0.0.1 wwis-dubc1-vip92.adobe.com #192.190.8.92 127.0.0.1 wwis-dubc1-vip93.adobe.com #192.190.8.93 127.0.0.1 wwis-dubc1-vip94.adobe.com #192.190.8.94 127.0.0.1 wwis-dubc1-vip95.adobe.com #192.190.8.95 127.0.0.1 wwis-dubc1-vip96.adobe.com #192.190.8.96 127.0.0.1 wwis-dubc1-vip97.adobe.com #192.190.8.97 127.0.0.1 wwis-dubc1-vip98.adobe.com #192.190.8.98 127.0.0.1 wwis-dubc1-vip99.adobe.com #192.190.8.99 127.0.0.1 wwis-dubc1-vip100.adobe.com #192.1100.8.100 127.0.0.1 wwis-dubc1-vip101.adobe.com #192.1100.8.101 127.0.0.1 wwis-dubc1-vip102.adobe.com #192.1100.8.102 127.0.0.1 wwis-dubc1-vip103.adobe.com #192.1100.8.103 127.0.0.1 wwis-dubc1-vip104.adobe.com #192.1100.8.104 127.0.0.1 wwis-dubc1-vip105.adobe.com #192.1100.8.105 127.0.0.1 wwis-dubc1-vip106.adobe.com #192.1100.8.106 127.0.0.1 wwis-dubc1-vip107.adobe.com #192.1100.8.107 127.0.0.1 wwis-dubc1-vip108.adobe.com #192.1100.8.108 127.0.0.1 wwis-dubc1-vip109.adobe.com #192.1100.8.109 127.0.0.1 wwis-dubc1-vip110.adobe.com #192.1110.8.110 127.0.0.1 wwis-dubc1-vip111.adobe.com #192.1110.8.111 127.0.0.1 wwis-dubc1-vip112.adobe.com #192.1110.8.112 127.0.0.1 wwis-dubc1-vip113.adobe.com #192.1110.8.113 127.0.0.1 wwis-dubc1-vip114.adobe.com #192.1110.8.114 127.0.0.1 wwis-dubc1-vip115.adobe.com #192.1110.8.115 127.0.0.1 wwis-dubc1-vip116.adobe.com #192.1110.8.116 127.0.0.1 wwis-dubc1-vip117.adobe.com #192.1110.8.117 127.0.0.1 wwis-dubc1-vip118.adobe.com #192.1110.8.118 127.0.0.1 wwis-dubc1-vip119.adobe.com #192.1110.8.119 127.0.0.1 wwis-dubc1-vip120.adobe.com #192.1120.8.120 127.0.0.1 wwis-dubc1-vip121.adobe.com #192.1120.8.121 127.0.0.1 wwis-dubc1-vip122.adobe.com #192.1120.8.122 127.0.0.1 wwis-dubc1-vip123.adobe.com #192.1120.8.123 127.0.0.1 wwis-dubc1-vip124.adobe.com #192.1120.8.124 127.0.0.1 wwis-dubc1-vip125.adobe.com #192.1120.8.125 127.0.0.1 3dns-2.adobe.com #192.150.22.22 127.0.0.1 3dns-3.adobe.com #192.150.14.21 127.0.0.1 3dns-4.adobe.com #192.150.18.247 127.0.0.1 3dns-5.adobe.com #192.150.22.46 127.0.0.1 adobe-dns.adobe.com #192.150.11.30 127.0.0.1 adobe-dns-2.adobe.com #192.150.11.247 127.0.0.1 adobe-dns-3.adobe.com #192.150.22.30 127.0.0.1 adobe.activate.com #69.175.22.26 127.0.0.1 activate.adobe.com #192.150.22.40 127.0.0.1 activate.wip3.adobe.com #192.150.22.40 127.0.0.1 activate.wip4.adobe.com #192.150.22.40 127.0.0.1 activate-sea.adobe.com #192.150.22.40 127.0.0.1 activate-sjc0.adobe.com #192.150.14.69 127.0.0.1 ereg.adobe.com #192.150.18.103 127.0.0.1 ereg.wip3.adobe.com #192.150.18.63 127.0.0.1 ereg.wip4.adobe.com #192.150.18.103 127.0.0.1 practivate.adobe.com #192.150.18.54 127.0.0.1 www.wip3.adobe.com #192.150.8.60 127.0.0.1 www.wip4.adobe.com #192.150.18.200 127.0.0.1 www.adobeereg.com #75.125.24.83 127.0.0.1 adobeereg.com #207.66.2.10 127.0.0.1 hl2rcv.adobe.com #192.150.14.174 127.0.0.1 wwis-dubc1-vip30.adobe.com #192.150.8.30 127.0.0.1 wwis-dubc1-vip31.adobe.com #192.150.8.31 127.0.0.1 wwis-dubc1-vip32.adobe.com #192.150.8.32 127.0.0.1 wwis-dubc1-vip33.adobe.com #192.150.8.33 127.0.0.1 wwis-dubc1-vip34.adobe.com #192.150.8.34 127.0.0.1 wwis-dubc1-vip35.adobe.com #192.150.8.35 127.0.0.1 wwis-dubc1-vip36.adobe.com #192.150.8.36 127.0.0.1 wwis-dubc1-vip37.adobe.com #192.150.8.37 127.0.0.1 wwis-dubc1-vip38.adobe.com #192.150.8.38 127.0.0.1 wwis-dubc1-vip39.adobe.com #192.150.8.39 127.0.0.1 wwis-dubc1-vip40.adobe.com #192.150.8.40 127.0.0.1 wwis-dubc1-vip41.adobe.com #192.150.8.41 127.0.0.1 wwis-dubc1-vip42.adobe.com #192.150.8.42 127.0.0.1 wwis-dubc1-vip43.adobe.com #192.150.8.43 127.0.0.1 wwis-dubc1-vip44.adobe.com #192.150.8.44 127.0.0.1 wwis-dubc1-vip45.adobe.com #192.150.8.45 127.0.0.1 wwis-dubc1-vip46.adobe.com #192.150.8.46 127.0.0.1 wwis-dubc1-vip47.adobe.com #192.150.8.47 127.0.0.1 wwis-dubc1-vip48.adobe.com #192.150.8.48 127.0.0.1 wwis-dubc1-vip49.adobe.com #192.150.8.49 127.0.0.1 wwis-dubc1-vip50.adobe.com #192.150.8.50 127.0.0.1 wwis-dubc1-vip51.adobe.com #192.150.8.51 127.0.0.1 wwis-dubc1-vip52.adobe.com #192.150.8.52 127.0.0.1 wwis-dubc1-vip53.adobe.com #192.150.8.53 127.0.0.1 wwis-dubc1-vip54.adobe.com #192.150.8.54 127.0.0.1 wwis-dubc1-vip55.adobe.com #192.150.8.55 127.0.0.1 wwis-dubc1-vip56.adobe.com #192.150.8.56 127.0.0.1 wwis-dubc1-vip57.adobe.com #192.150.8.57 127.0.0.1 wwis-dubc1-vip58.adobe.com #192.150.8.58 127.0.0.1 wwis-dubc1-vip59.adobe.com #192.150.8.59 127.0.0.1 wwis-dubc1-vip60.adobe.com #192.160.8.60 127.0.0.1 wwis-dubc1-vip61.adobe.com #192.160.8.61 127.0.0.1 wwis-dubc1-vip62.adobe.com #192.160.8.62 127.0.0.1 wwis-dubc1-vip63.adobe.com #192.160.8.63 127.0.0.1 wwis-dubc1-vip64.adobe.com #192.160.8.64 127.0.0.1 wwis-dubc1-vip65.adobe.com #192.160.8.65 127.0.0.1 wwis-dubc1-vip66.adobe.com #192.160.8.66 127.0.0.1 wwis-dubc1-vip67.adobe.com #192.160.8.67 127.0.0.1 wwis-dubc1-vip68.adobe.com #192.160.8.68 127.0.0.1 wwis-dubc1-vip69.adobe.com #192.160.8.69 127.0.0.1 wwis-dubc1-vip70.adobe.com #192.170.8.70 127.0.0.1 wwis-dubc1-vip71.adobe.com #192.170.8.71 127.0.0.1 wwis-dubc1-vip72.adobe.com #192.170.8.72 127.0.0.1 wwis-dubc1-vip73.adobe.com #192.170.8.73 127.0.0.1 wwis-dubc1-vip74.adobe.com #192.170.8.74 127.0.0.1 wwis-dubc1-vip75.adobe.com #192.170.8.75 127.0.0.1 wwis-dubc1-vip76.adobe.com #192.170.8.76 127.0.0.1 wwis-dubc1-vip77.adobe.com #192.170.8.77 127.0.0.1 wwis-dubc1-vip78.adobe.com #192.170.8.78 127.0.0.1 wwis-dubc1-vip79.adobe.com #192.170.8.79 127.0.0.1 wwis-dubc1-vip80.adobe.com #192.180.8.80 127.0.0.1 wwis-dubc1-vip81.adobe.com #192.180.8.81 127.0.0.1 wwis-dubc1-vip82.adobe.com #192.180.8.82 127.0.0.1 wwis-dubc1-vip83.adobe.com #192.180.8.83 127.0.0.1 wwis-dubc1-vip84.adobe.com #192.180.8.84 127.0.0.1 wwis-dubc1-vip85.adobe.com #192.180.8.85 127.0.0.1 wwis-dubc1-vip86.adobe.com #192.180.8.86 127.0.0.1 wwis-dubc1-vip87.adobe.com #192.180.8.87 127.0.0.1 wwis-dubc1-vip88.adobe.com #192.180.8.88 127.0.0.1 wwis-dubc1-vip89.adobe.com #192.180.8.89 127.0.0.1 wwis-dubc1-vip90.adobe.com #192.190.8.90 127.0.0.1 wwis-dubc1-vip91.adobe.com #192.190.8.91 127.0.0.1 wwis-dubc1-vip92.adobe.com #192.190.8.92 127.0.0.1 wwis-dubc1-vip93.adobe.com #192.190.8.93 127.0.0.1 wwis-dubc1-vip94.adobe.com #192.190.8.94 127.0.0.1 wwis-dubc1-vip95.adobe.com #192.190.8.95 127.0.0.1 wwis-dubc1-vip96.adobe.com #192.190.8.96 127.0.0.1 wwis-dubc1-vip97.adobe.com #192.190.8.97 127.0.0.1 wwis-dubc1-vip98.adobe.com #192.190.8.98 127.0.0.1 wwis-dubc1-vip99.adobe.com #192.190.8.99 127.0.0.1 wwis-dubc1-vip100.adobe.com #192.1100.8.100 127.0.0.1 wwis-dubc1-vip101.adobe.com #192.1100.8.101 127.0.0.1 wwis-dubc1-vip102.adobe.com #192.1100.8.102 127.0.0.1 wwis-dubc1-vip103.adobe.com #192.1100.8.103 127.0.0.1 wwis-dubc1-vip104.adobe.com #192.1100.8.104 127.0.0.1 wwis-dubc1-vip105.adobe.com #192.1100.8.105 127.0.0.1 wwis-dubc1-vip106.adobe.com #192.1100.8.106 127.0.0.1 wwis-dubc1-vip107.adobe.com #192.1100.8.107 127.0.0.1 wwis-dubc1-vip108.adobe.com #192.1100.8.108 127.0.0.1 wwis-dubc1-vip109.adobe.com #192.1100.8.109 127.0.0.1 wwis-dubc1-vip110.adobe.com #192.1110.8.110 127.0.0.1 wwis-dubc1-vip111.adobe.com #192.1110.8.111 127.0.0.1 wwis-dubc1-vip112.adobe.com #192.1110.8.112 127.0.0.1 wwis-dubc1-vip113.adobe.com #192.1110.8.113 127.0.0.1 wwis-dubc1-vip114.adobe.com #192.1110.8.114 127.0.0.1 wwis-dubc1-vip115.adobe.com #192.1110.8.115 127.0.0.1 wwis-dubc1-vip116.adobe.com #192.1110.8.116 127.0.0.1 wwis-dubc1-vip117.adobe.com #192.1110.8.117 127.0.0.1 wwis-dubc1-vip118.adobe.com #192.1110.8.118 127.0.0.1 wwis-dubc1-vip119.adobe.com #192.1110.8.119 127.0.0.1 wwis-dubc1-vip120.adobe.com #192.1120.8.120 127.0.0.1 wwis-dubc1-vip121.adobe.com #192.1120.8.121 127.0.0.1 wwis-dubc1-vip122.adobe.com #192.1120.8.122 127.0.0.1 wwis-dubc1-vip123.adobe.com #192.1120.8.123 127.0.0.1 wwis-dubc1-vip124.adobe.com #192.1120.8.124 127.0.0.1 wwis-dubc1-vip125.adobe.com #192.1120.8.125
|
|
|
Logged
|
Note: I stoped Muteing bad members OK I now put thier account in sleep mode
|
|
|
LabVIEWguru
Senior Member
Offline
Posts: 300
Thank You
-Given: 273
-Receive: 593
|
|
« Reply #2 on: February 11, 2011, 02:28:53 02:28 » |
|
Got it - thanks. That's what I was originally doing - I didn't want anything calling home. I usually have *nothing* on my internet drive. I decided to upgrade a piece of software that uses one of the addresses you show, and that's when I found it. I went to the address and there is a page that is apparently been shut down for a while. Now I'm wondering what I downloaded that contains a script to modify the hosts file.
man, I must be developing Alzheimer's disease. I can't believe I fell for something like this...
|
|
« Last Edit: February 11, 2011, 03:18:13 03:18 by LabVIEWguru »
|
Logged
|
|
|
|
itp
Junior Member
Offline
Posts: 66
Thank You
-Given: 224
-Receive: 20
|
|
« Reply #3 on: February 11, 2011, 04:55:17 04:55 » |
|
Hi LabViewguru You can also refer following link about "Blocking Unwanted Parasites with a Hosts File". http://www.mvps.org/winhelp2002/hosts.htmRegards Itp
|
|
|
Logged
|
|
|
|
solutions
Hero Member
Offline
Posts: 1826
Thank You
-Given: 656
-Receive: 905
|
|
« Reply #4 on: February 11, 2011, 09:01:13 09:01 » |
|
Due to this alert, I found that my friends at Microshaft, the guys that make so much money, and whose CEO is the richest nerd in the world because they do not include a Win7 disk with my computer, decided to plant some redirect "genuine" garbage in my LMHOSTS just because I restored the same OS due to a disk changeout with a "convenient" replacement. I was getting all kinds of ID questions on Paypal the other day...can't help but wonder now if they were trying to track me down.
|
|
|
Logged
|
|
|
|
LabVIEWguru
Senior Member
Offline
Posts: 300
Thank You
-Given: 273
-Receive: 593
|
|
« Reply #5 on: February 11, 2011, 04:05:46 16:05 » |
|
What ?!? Now THAT is scary - is this the same guy that wants everyone to be issued a card with your own "Internet ID" that *must* be used every time you log on?
I've met some *really* smart guys that thought Bill was the antichrist. I thought this was an extreme view until recently. I've got to learn Linux.
I thought I had things pretty tight - hardware firewall, separate drive only for internet use, wiping LSOs and so on. Now that I've been educated about redirects using the hosts file, I wonder what else I've been missing? I always considered myself sufficiently paranoid, but I'm not so sure now......
|
|
|
Logged
|
|
|
|
I_R_Machinist
Guest
|
|
« Reply #6 on: March 08, 2011, 02:28:08 02:28 » |
|
Can someone please explain the purpose of the hosts file to me? I think I get the gist of how it works, but not entirely.
The hosts file will redirect data going to the listed domain to the IP placed in the list, right? Is this why most Adobe patches have you modify the hosts file to redirect activation requests back to your own machine instead of the Adobe servers? I could see why having paypal redirected to some random IP would be dangerous, super phishing...
Now, what if I wanted to block a certain program's access to an activation server when I don't know the domain the program is trying to access. Can I use a packet sniffer to "see" what the program is trying to connect to and place just the IP in my hosts file? Or does the hosts file only work with domain names?
Thank you for the warning, I will check all of the computers I frequently use!
|
|
|
Logged
|
|
|
|
Istanbul18
Inactive
Offline
Posts: 2
Thank You
-Given: 0
-Receive: 0
|
|
« Reply #7 on: May 27, 2011, 06:08:29 06:08 » |
|
I am getting paranoid from this. So what if paypal is calling home? What is the actual risk? Will it cause the kind of chaos that viruses cause. Is private info being sent? What kind of information will it transmit. I don't mean to belittle your concern, I just want to know what to worry about and if so what should I do about it?
|
|
|
Logged
|
|
|
|
pickit2
Moderator
Hero Member
Online
Posts: 4667
Thank You
-Given: 834
-Receive: 4322
There is no evidence that I muted SoNsIvRi
|
|
« Reply #8 on: May 27, 2011, 02:10:10 14:10 » |
|
I am getting paranoid from this. So what if paypal is calling home? What is the actual risk? Will it cause the kind of chaos that viruses cause. Is private info being sent? What kind of information will it transmit. I don't mean to belittle your concern, I just want to know what to worry about and if so what should I do about it?
your not seeing the problem, you put in your browser www.paypal.com and your host fine that has been messed with sends you to www.ineedyourpaypaydetails.com you get there and see fake site that looks like paypal and you enter your login details. time only to watch your money exit your bank via windows. All unless they are from Africa and want to find out you banking details, to put in your account the 4.5million that belongs to some dead guy, that dont have any family.
|
|
|
Logged
|
Note: I stoped Muteing bad members OK I now put thier account in sleep mode
|
|
|
PM3295
Senior Member
Offline
Posts: 312
Thank You
-Given: 358
-Receive: 155
|
|
« Reply #9 on: May 27, 2011, 08:34:44 20:34 » |
|
|
|
|
Logged
|
|
|
|
LabVIEWguru
Senior Member
Offline
Posts: 300
Thank You
-Given: 273
-Receive: 593
|
|
« Reply #10 on: May 27, 2011, 09:47:30 21:47 » |
|
Istanbul18: Here is what I originally had... 178.32.95.1 paypal.com 127.0.0.1 www.activate.adobe.com127.0.0.1 www.porn.com127.0.0.1 www.smut.com127.0.0.1 www.whatever.com(many, many more listed) So, you are telling your computer when I type " www.porn.com" in my address bar and hit enter, instead of going to the DNS server and looking up the IP address for " www.porn.com," I will give you the IP address. In this case it is the "internal" IP address for the computer. You'll get a blank screen. So I make up a fake paypal page that looks exactly like the real paypal page. I put it at IP 178.32.95.1. I put logon and password boxes on my page just like the real one. Only with mine, after you enter your logon and password it stores the data you just gave me, gives you a message that there was a mistake then redirects you to the real page. You just think you misspelled your password. The fake site is now about to clean you out of all your money since you gave paypal your logon and passord. So Labviewguru is dumb and happy and when he goes to paypal.com his hosts file sends him to 178.32.95.1 rather than the real paypal.com I enter my logon and password. They now take all my money. I was just too stupid and didn't check often enough. Maybe I will make the file read-only?
|
|
« Last Edit: May 27, 2011, 09:51:37 21:51 by LabVIEWguru »
|
Logged
|
|
|
|
TomJackson69
Active Member
Offline
Posts: 218
Thank You
-Given: 26
-Receive: 63
|
|
« Reply #11 on: May 28, 2011, 05:03:58 05:03 » |
|
@LabVIEWguru,
So, what is the solution? what can the Paypal user do? Don't put money into the account until before use it???
Tom
|
|
|
Logged
|
Con Rong Chau Tien
|
|
|
LabVIEWguru
Senior Member
Offline
Posts: 300
Thank You
-Given: 273
-Receive: 593
|
|
« Reply #12 on: May 28, 2011, 05:50:16 17:50 » |
|
1) I put a shortcut on my desktop so I can look at the hosts file. before I use anything like paypal or log into my bank, I look at the hosts file to see if anything is there. 2) I am going to experiment with the hosts file. Unless I need to change it, software should not change it. So I will make it read-only. 3) I went to the Credit Union (like a bank, but not for profit and owned by the members) and opened a 2nd account with a debit card. I just keep a small amount of money ($25.00) in there and if I want to buy something I transfer the money. 4) I have "drive slides" (holders for my hard drives so I can remove them) and only allow 1 drive to access the internet. I have 2 other hard drives for my work and for my research and I do not allow them to talk to the internet. If something happens to my internet drive I will just format it. 5) ESET NOD32 on the Internet drive. Hardware firewall. 6) Called a friend in Ohio that teaches Networking & Security at a college. He said that is about all I can do without installing more software to slow my system down by doing file size compare, dates and such.
Posted on: May 28, 2011, 06:32:40 18:32 - Automerged
I wasn't going to write this, but it is a good story with a good moral: Five years ago I lived in another town and it had it's own small telephone company with DSL. They said I had to install their software if I was on their system. I said "OK" and threw it away as soon as I left their office. When I got everything running, I noticed the "Computers Near Me" icon had a large number next to it. I opened it and I was looking at about 75 other systems! I could just log into their hard drives from my desktop! (to make a long story short) A LOT of people began calling the telephone company complaining and they had to hire consultants to come in and fix the system.
Moral of the story: No matter what you do, you still have to deal with very, very stupid people.
|
|
|
Logged
|
|
|
|
TomJackson69
Active Member
Offline
Posts: 218
Thank You
-Given: 26
-Receive: 63
|
|
« Reply #13 on: May 29, 2011, 12:53:59 00:53 » |
|
LabVIEWguru,
I am OK with your solution; keep bank account dry until I need to buy something (the account registered with Paypal).
I have a question: What happen if you delete “178.32.95.1 paypal.com” from your “hosts file”?
Thank you,
Tom
|
|
|
Logged
|
Con Rong Chau Tien
|
|
|
LabVIEWguru
Senior Member
Offline
Posts: 300
Thank You
-Given: 273
-Receive: 593
|
|
« Reply #14 on: May 29, 2011, 03:58:11 03:58 » |
|
Ah! I should have said that. Once it is deleted, your system will go out to the DNS server and find the correct IP address for paypal.
When I opened the 2nd account the young lady said "You must be shopping on Ebay" so I guess this is a common solution.
|
|
|
Logged
|
|
|
|
TomJackson69
Active Member
Offline
Posts: 218
Thank You
-Given: 26
-Receive: 63
|
|
« Reply #15 on: May 30, 2011, 05:45:30 17:45 » |
|
LabVIEWguru,
Very good, at least there is a solution for it. I keep my eyes on the bank account and the Paypal account also to see if there are illigle activities. Just for my peace of mind.
Tom
|
|
|
Logged
|
Con Rong Chau Tien
|
|
|
|