Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Firewall that blocks specified IP's

1 view
Skip to first unread message

Alfred Einstein

unread,
Mar 20, 2008, 10:25:02 PM3/20/08
to
I need to block certain IP addresses ... that is, any outbound attempt to
connect to a certain IP would be blocked, regardless of protocol.

Is there firewall software that can do this?


Ross

unread,
Mar 21, 2008, 5:07:17 AM3/21/08
to

I assume the HOSTS file doesn't block all protocols?

4N

unread,
Mar 21, 2008, 6:11:09 AM3/21/08
to
>>I need to block certain IP addresses ... that is, any outbound attempt to
>>connect to a certain IP would be blocked, regardless of protocol.
>>
>>Is there firewall software that can do this?
>
> I assume the HOSTS file doesn't block all protocols?

kerio does what you want but probably it's better to modify HOSTS, if you
have to install it just or that purpose


PCPaul

unread,
Mar 21, 2008, 8:06:29 AM3/21/08
to

Hosts works well but only if the person you are trying to block is using
domain name URLs not numeric IP addresses.

If they are smart enough to try that, the simplest thing you can do is
add a static route to your router (or a straight block if it has the
capability).

hummingbird

unread,
Mar 21, 2008, 8:45:37 AM3/21/08
to

On Thu, 20 Mar 2008 22:25:02 -0400 'Alfred Einstein'
wrote this on alt.comp.freeware:

>I need to block certain IP addresses ... that is, any outbound attempt to
>connect to a certain IP would be blocked, regardless of protocol.
>
>Is there firewall software that can do this?


HOSTS file is the answer but you might have to consider how
to handle IP addresses which are dynamic.

--
There is no such thing as the "alt.comp.freeware Ware Glossary".
There is only the "Pricelessware Ware Glossary" or "Ware Glossary".

The glossary was created by a few people associated with the
pricelesswarehome.org website, who decided to call their glossary the
"alt.comp.freeware Ware Glossary" to mislead onlookers into believing
that it represents the collective work of, and has been approved by,
those who post to alt.comp.freeware. That is totally untrue.

hummingbird

unread,
Mar 21, 2008, 9:03:26 AM3/21/08
to

On Fri, 21 Mar 2008 12:06:29 GMT 'PCPaul'
wrote this on alt.comp.freeware:

>On Fri, 21 Mar 2008 11:11:09 +0100, 4N wrote:
>
>>>>I need to block certain IP addresses ... that is, any outbound attempt
>>>>to connect to a certain IP would be blocked, regardless of protocol.
>>>>
>>>>Is there firewall software that can do this?
>>>
>>> I assume the HOSTS file doesn't block all protocols?
>>
>> kerio does what you want but probably it's better to modify HOSTS, if
>> you have to install it just or that purpose
>
>Hosts works well but only if the person you are trying to block is using
>domain name URLs not numeric IP addresses.

Can you explain this please?
Are you saying that an IP address added into a HOSTS file
does not get blocked?


>If they are smart enough to try that, the simplest thing you can do is
>add a static route to your router (or a straight block if it has the
>capability).

--

Krazee Brenda

unread,
Mar 21, 2008, 12:18:42 PM3/21/08
to
On Fri, 21 Mar 2008 12:45:37 +0000, hummingbird wrote:

> HOSTS file is the answer but you might have to consider how
> to handle IP addresses which are dynamic.

Only two ways. Look up the range of IP addresses from the IP-ISP and
block them by wildcards or grab them one by one as they come in.

The other way is to switch and *allow* only certain IP and port combos
incoming, snapin remote access and add a third credential as to how ppl
are trying to get in (e.g. logins a SysAdmin).
--
See Brenda's UniWorldWare
http://tinyurl.com/nm2yt

hummingbird

unread,
Mar 21, 2008, 1:01:56 PM3/21/08
to

On Fri, 21 Mar 2008 12:18:42 -0400 'Krazee Brenda'
wrote this on alt.comp.freeware:

>On Fri, 21 Mar 2008 12:45:37 +0000, hummingbird wrote:
>
>> HOSTS file is the answer but you might have to consider how
>> to handle IP addresses which are dynamic.


>Only two ways. Look up the range of IP addresses from the IP-ISP and
>block them by wildcards or grab them one by one as they come in.

Agreed.

>The other way is to switch and *allow* only certain IP and port combos
>incoming, snapin remote access and add a third credential as to how ppl
>are trying to get in (e.g. logins a SysAdmin).

A sort of white list approach?

Nomen Nescio

unread,
Mar 21, 2008, 1:49:09 PM3/21/08
to
"Krazee Brenda" <brenda...@gmail.com> wrote in
message news:1v3zbfysbc075.p...@40tude.net...

> On Fri, 21 Mar 2008 12:45:37 +0000, hummingbird wrote:
>
>> HOSTS file is the answer but you might have to consider how
>> to handle IP addresses which are dynamic.
>
> Only two ways. Look up the range of IP addresses from the IP-ISP and
> block them by wildcards or grab them one by one as they come in.
>
> The other way is to switch and *allow* only certain IP and port combos
> incoming, snapin remote access and add a third credential as to how ppl
> are trying to get in (e.g. logins a SysAdmin).

You know jack shit.
Whitelists and SORBS-RBL. Dummy head.
Don't post if you don't know,

Bear Bottoms

unread,
Mar 21, 2008, 2:05:36 PM3/21/08
to

http://jack.zunino.net/knowjack.htm


--
Bear Bottoms - I research freeware
Freeware Website http://bearware.info

Alfred Einstein

unread,
Mar 21, 2008, 5:25:28 PM3/21/08
to
"Ross" <rossnosp...@orcon.net.nz> wrote in message
news:tlu6u3tdtv6btfvq0...@4ax.com...

The hosts file can block hosts by their host name, but not by IP.

I'm trying to block a phone-home program called Gom Player. It tries to go
to ISP PERFORMANCE SYSTEMS INTERNATIONAL INC. using IP 38.119.59.43
They're some sort of professional data snoopers. No outright malicious stuff
that I can see. I think that they're contracted to collect usage information
from unsuspecting users.

I'll grant the Gom Player people credit for making it plain during the
install that the package included phone-home activity. But I still don't
want it to phone home. I want it blocked.

So anyway, I found my answer ... GhostWall. I'd completely forgotten about
that one. It's very simple and light.

I rejected it years ago because it's GUI is hard to use, especially if you
want to configure a lot of rules. And they don't provide a text file
configuration capability.

But this time around, I only needed to add one item to be blocked. So it was
easy.

I turned on the sniffer and I ran Gom Player. With the firewall OFF, the
sniffer shows that he connects to 38.119.59.43 successfully. With the
firewall ON, ...... silence. Nice.


Alfred Einstein

unread,
Mar 21, 2008, 5:27:34 PM3/21/08
to

"Nomen Nescio" <nomen....@nomen.nescio> wrote in message
news:fs0se3$pn7$1...@aioe.org...

Yes, Krazee's answer was quite wrong. But you need simply say that, and no
more.

"Jack shit" and "dummy head" are responses I'd expect from a 3-year-old.

Do I hear "poopy pants"?


Bear Bottoms

unread,
Mar 21, 2008, 6:23:57 PM3/21/08
to

It would have been easier had you said so: The default GOM skin has an
adware bar built into it. This contacts the Gom Korean website, even if
you have the 'check for update' disabled. To fix this:

1. Easy method: pick a new skin that does not have the ad bar 2. Harder
method: Edit the default skin xml file to remove the ad bar.
Ad bar was present in previous versions of GOM, but has only been really
activated in recent releases.

bluerhinoceros

unread,
Mar 21, 2008, 10:59:06 PM3/21/08
to
Alfred Einstein wrote:

> I'm trying to block a phone-home program called Gom Player. It tries to go
> to ISP PERFORMANCE SYSTEMS INTERNATIONAL INC. using IP 38.119.59.43

Hi Alfred:

Try this: type at a command prompt

route add 38.119.59.43 mask 255.255.255.255 xxx.xxx.xxx.xxx

where xxx.xxx.xxx.xxx is your IP address. To determine your IP address,
at a command prompt, type

ipconfig

To remove the "dead-end" route, substitute "delete" for "add".

Hope this helps.

Cheers.

Krazee Brenda

unread,
Mar 21, 2008, 11:22:21 PM3/21/08
to
On Fri, 21 Mar 2008 17:01:56 +0000, hummingbird wrote:

> On Fri, 21 Mar 2008 12:18:42 -0400 'Krazee Brenda'
> wrote this on alt.comp.freeware:
>
>>On Fri, 21 Mar 2008 12:45:37 +0000, hummingbird wrote:
>>
>>> HOSTS file is the answer but you might have to consider how
>>> to handle IP addresses which are dynamic.
>
>>Only two ways. Look up the range of IP addresses from the IP-ISP and
>>block them by wildcards or grab them one by one as they come in.
>
> Agreed.
>
>>The other way is to switch and *allow* only certain IP and port combos
>>incoming, snapin remote access and add a third credential as to how ppl
>>are trying to get in (e.g. logins a SysAdmin).
>
> A sort of white list approach?

Yeppers.

Krazee Brenda

unread,
Mar 21, 2008, 11:23:12 PM3/21/08
to
On Fri, 21 Mar 2008 17:27:34 -0400, Alfred Einstein wrote:

> Yes, Krazee's answer was quite wrong

Where? Works over here.

Krazee Brenda

unread,
Mar 21, 2008, 11:24:19 PM3/21/08
to
On Fri, 21 Mar 2008 17:49:09 -0000, Nomen Nescio wrote:

>> Only two ways. Look up the range of IP addresses from the IP-ISP and
>> block them by wildcards or grab them one by one as they come in.
>>
>> The other way is to switch and *allow* only certain IP and port combos
>> incoming, snapin remote access and add a third credential as to how ppl
>> are trying to get in (e.g. logins a SysAdmin).
>
> You know jack shit.
> Whitelists and SORBS-RBL. Dummy head.
> Don't post if you don't know

All this from an Outlook Express user.

Franklin

unread,
Mar 22, 2008, 12:08:19 AM3/22/08
to
On Sat 22 Mar 2008 03:23:12, Krazee Brenda <brenda...@gmail.com>
wrote:

> On Fri, 21 Mar 2008 17:27:34 -0400, Alfred Einstein wrote:
>
>> Yes, Krazee's answer was quite wrong
>
> Where? Works over here.

In your head? Ask hubby to knock some sense back into it.

Krazee Brenda

unread,
Mar 22, 2008, 2:05:39 AM3/22/08
to
On Sat, 22 Mar 2008 04:08:19 GMT, Franklin wrote:

>>> Yes, Krazee's answer was quite wrong
>>
>> Where? Works over here.
>
> In your head? Ask hubby to knock some sense back into it.

Care to debate security systems, integrated firewalls, VPN, DoS and DDoS
protection, and traffic-management functionality in an enterprise
environment?

No, I don't mean by "enterprise" your laptop at Starbucks either.

hummingbird

unread,
Mar 22, 2008, 7:10:30 AM3/22/08
to

On Sat, 22 Mar 2008 02:05:39 -0400 'Krazee Brenda'
wrote this on alt.comp.freeware:

>On Sat, 22 Mar 2008 04:08:19 GMT, Franklin wrote:


>
>>>> Yes, Krazee's answer was quite wrong
>>>
>>> Where? Works over here.
>>
>> In your head? Ask hubby to knock some sense back into it.
>
>Care to debate security systems, integrated firewalls, VPN, DoS and DDoS
>protection, and traffic-management functionality in an enterprise
>environment?
>
>No, I don't mean by "enterprise" your laptop at Starbucks either.


Franklin is just full of sh*t. Ask him to explain how the jewish
holocaust was affected by wavfile quantisation distortion and the
growth of pixels, and then sit back and watch him produce 1,000
website links.....and note which other groups he cross-posts to.
--
"Goodbye Franklin.
There will be no further contact."
...poster on acf 26-Nov-2007

"Too slimy to touch. Bye forever Franklin."
...poster on acf 22-Nov-2007

Alfred Einstein

unread,
Mar 22, 2008, 9:18:04 AM3/22/08
to
"hummingbird" <hummi...@127.0.0.1> wrote in message
news:ac8f1845ec4b85e7...@localhost.127.0.0.1...

>
> On Fri, 21 Mar 2008 12:06:29 GMT 'PCPaul'
> wrote this on alt.comp.freeware:
>>Hosts works well but only if the person you are trying to block is using
>>domain name URLs not numeric IP addresses.
>
> Can you explain this please?
> Are you saying that an IP address added into a HOSTS file
> does not get blocked?

The hosts file doesn't block ANYTHING. The hosts file is a relic from the
time before NIS and DNS. It serves as a repository of host names, allowing
the server to translate a host name into an IP.

Today, in Windows/Unix/Linux, the computer looks up a host name in the hosts
file first (actually, second or third, I think, behind the archaic 1980's
ERA Windows stuff ... but that's irrelevant. "Nobody" uses that anymore.

But the hosts file (usually) contains only "local" hosts. In many cases
(esp. home computers), the file is empty.

So, failing to find a match, the search goes after DNS. This mechanism can
resolve any host name, if its owner wishes to "publish" that via DNS. So
when you go "google.com", your computer can't find that in hosts, but it
then DOES find it on DNS. With the IP in hand, your computer can connect to
that host.

The "blocking" capability of hosts stems from the use of bogus entries. If
you put google.com into your hosts file, with a bogus IP address, your
computer finds that and attempts to connect to that bogus IP.

Typically, people use 127.0.0.1 (localhost) as the bogus IP. That IP is
"special" ... it refers to your own computer. So, with that IP, you're
connecting to your own computer, which (probably) has NO service on the
requested port. So there's no reply.

That's how the hosts file "blocks" host names.

But it does not block IP addresses. That is ... if you KNOW Google's IP, you
can specify that IP instead of saying "google.com". In this situation, no
host name lookup in the hosts file (or DNS) is needed. You just connect
directly to the IP. No blockage.

That's what's happens with some phone-home programs. They don't need to do a
host name lookup. The program knows the IP and uses it, unblocked.

Unless, of course, you have an IP-blocking firewall.


Franklin

unread,
Mar 22, 2008, 10:08:32 AM3/22/08
to
On Sat 22 Mar 2008 06:05:39, Krazee Brenda wrote:
> On Sat, 22 Mar 2008 04:08:19 GMT, Franklin wrote:
>
>>>> Yes, Krazee's answer was quite wrong
>>>
>>> Where? Works over here.
>>
>> In your head? Ask hubby to knock some sense back into it.
>
> Care to debate security systems, integrated firewalls, VPN, DoS
> and DDoS protection, and traffic-management functionality in an
> enterprise environment?


Is that it? Is that all?

It's even less than I expected and I my expectation was low.

So YOU think you can tell Bottoms he doesn't know about computing
when you're only five pages ahead of him.

What a bluff it's been all this time.

No wonder you stuck to grunts.

>
> No, I don't mean by "enterprise" your laptop at Starbucks either.
>

You probably mean Star Trek.

hummingbird

unread,
Mar 22, 2008, 11:17:21 AM3/22/08
to

On Sat, 22 Mar 2008 09:18:04 -0400 'Alfred Einstein'
wrote this on alt.comp.freeware:

>"hummingbird" <hummi...@127.0.0.1> wrote in message


Yeah I already understood that lot thanks.
But my previous question still stands:

If I have an entry in my Hosts file like this:

127.0.0.1 www.bbc.co.uk

...then my browser will not be able to contact the BBC website
because it's pointing to localhost.

But if I change that entry to read like this:

127.0.0.1 220.124.86.47

(assuming that 220.124.86.47 is the BBC IP address), are you saying
that entry will block access to the BBC website -or- not?

I believe it will block access but I may be wrong.

bluerhinoceros

unread,
Mar 22, 2008, 11:57:20 AM3/22/08
to
hummingbird wrote:

> 127.0.0.1 220.124.86.47
>
> (assuming that 220.124.86.47 is the BBC IP address), are you saying
> that entry will block access to the BBC website -or- not?
>
> I believe it will block access but I may be wrong.

Hi HB:

It actually would have taken you less time to test this than to post it.

The hosts file is a hostname to IP address mapping, not a routing table.

Cheers.

Alfred Einstein

unread,
Mar 22, 2008, 2:30:16 PM3/22/08
to
"bluerhinoceros" <bluerhi...@humanzoo.invalid> wrote in message
news:13uab35...@news.supernews.com...

Host name blocking is one thing.

IP blocking is another.

And hummingbird blocking is yet another.

Fortunately, the latter kind can be handled in the news reader. No
third-party software needed :)


hummingbird

unread,
Mar 22, 2008, 3:23:38 PM3/22/08
to

On Sat, 22 Mar 2008 08:57:20 -0700 'bluerhinoceros'
wrote this on alt.comp.freeware:

>hummingbird wrote:
>
>> 127.0.0.1 220.124.86.47
>>
>> (assuming that 220.124.86.47 is the BBC IP address), are you saying
>> that entry will block access to the BBC website -or- not?
>>
>> I believe it will block access but I may be wrong.


>Hi HB:

Hi bluerhino :-)

>It actually would have taken you less time to test this than to post it.

Yeah, I though about that when I wrote it but plodded on in case
other people might find it useful.

>The hosts file is a hostname to IP address mapping, not a routing table.

Indeed. I will test it later on ...

Thanks

hummingbird

unread,
Mar 22, 2008, 3:25:07 PM3/22/08
to

On Sat, 22 Mar 2008 14:30:16 -0400 'Alfred Einstein'
wrote this on alt.comp.freeware:

>"bluerhinoceros" <bluerhi...@humanzoo.invalid> wrote in message

yawn

Krazee Brenda

unread,
Mar 22, 2008, 4:34:59 PM3/22/08
to
On Sat, 22 Mar 2008 14:08:32 GMT, Franklin wrote:

> On Sat 22 Mar 2008 06:05:39, Krazee Brenda wrote:
>> On Sat, 22 Mar 2008 04:08:19 GMT, Franklin wrote:
>>
>>>>> Yes, Krazee's answer was quite wrong
>>>>
>>>> Where? Works over here.
>>>
>>> In your head? Ask hubby to knock some sense back into it.
>>

>> *Care to debate security systems, integrated firewalls, VPN, DoS


>> and DDoS protection, and traffic-management functionality in an

>> enterprise environment?*


>
> Is that it? Is that all?
>
> It's even less than I expected and I my expectation was low.

Can't be any higher than your capabilities and shit only stacks knee
high. Now, to the debate, you first.


>
> So YOU think you can tell Bottoms he doesn't know about computing
> when you're only five pages ahead of him.

The debate,the debate.



> What a bluff it's been all this time.

Focus, debate, debate, debate.

>
> No wonder you stuck to grunts.

This is something you and Bare have in common. Your talk to performance
ratios are waaaay out of whack.

Thanks for the debate, Joker.

Franklin

unread,
Mar 22, 2008, 8:30:24 PM3/22/08
to
On Sat 22 Mar 2008 20:34:59, Krazee Brenda ecrit:

> On Sat, 22 Mar 2008 14:08:32 GMT, Franklin wrote:
>> On Sat 22 Mar 2008 06:05:39, Krazee Brenda wrote:
>>> On Sat, 22 Mar 2008 04:08:19 GMT, Franklin wrote:
>>>
>>>>>> Yes, Krazee's answer was quite wrong
>>>>>
>>>>> Where? Works over here.
>>>>
>>>> In your head? Ask hubby to knock some sense back into it.
>>>
>>> *Care to debate security systems, integrated firewalls, VPN, DoS
>>> and DDoS protection, and traffic-management functionality in an
>>> enterprise environment?*
>>
>> Is that it? Is that all?
>>
>> It's even less than I expected and I my expectation was low.
>
> Can't be any higher than your capabilities and shit only stacks
> knee high. Now, to the debate, you first.

You have offered to debate some specific topics because you are half-
way through the O'Reilly book or some equivalent text.

You talk like the hero of the IT world but all you know is intruder
security and denial of service along with network ops. It's not
exactly a tall order for the self-proclaimed greatest computer expert
that ever lived, is it?

There are plenty of people who specialise in those topics if you need
more help. Just ask. I'm not even faintly inclined to help or debate
with someone who keeps throwing tantrums.


>> So YOU think you can tell Bottoms he doesn't know about computing
>> when you're only five pages ahead of him.
>
> The debate,the debate.
>

You're panting "The debate, the debate" like a breathless hound. Why
don't you use the time to answer my two questions about when you were a
major in the Delta Force.

I'm waiting to hear the answers.


>> What a bluff it's been all this time.
>
> Focus, debate, debate, debate.

Oh my! Do you think you are in the college yard or something?

You're supposed to be pretending you're a computer hero so don't behave
like some young dummy.

Krazee Brenda

unread,
Mar 22, 2008, 9:26:56 PM3/22/08
to
On Sun, 23 Mar 2008 00:30:24 GMT, Franklin wrote:

>> Focus, debate, debate, debate.
>
> Oh my! Do you think you are in the college yard or something?

>> Focus, debate, debate, debate.



> You're supposed to be pretending you're a computer hero so don't behave
> like some young dummy.

No debate. I called you out, you ran.

<eom>

Franklin

unread,
Mar 22, 2008, 10:54:58 PM3/22/08
to
On Sun 23 Mar 2008 01:26:56, Krazee Brenda <brenda...@gmail.com>
wrote:

> On Sun, 23 Mar 2008 00:30:24 GMT, Franklin wrote:
>
>>> Focus, debate, debate, debate.
>>
>> Oh my! Do you think you are in the college yard or something?
>
>>> Focus, debate, debate, debate.
>
>> You're supposed to be pretending you're a computer hero so don't
>> behave like some young dummy.
>
> No debate. I called you out, you ran.
>
> <eom>


Maybe in your dreams.

Must say you're more unfocussed than Hummingbird and that's something.
Snipping out short messages just because you want to hide their
contents etc. Have you got PTSD? No straight thinking with that.

Nomen Nescio

unread,
Mar 23, 2008, 4:46:34 PM3/23/08
to
"Krazee Brenda" <brenda...@gmail.com> wrote in message
news:1ek017lye46kr.1...@40tude.net...


Dummy head. You don't know what I post with.
"Outlook Express". You know jack shit about my headers/newsreader.
Don't post if you don't know anything

Bear Bottoms

unread,
Mar 23, 2008, 5:02:34 PM3/23/08
to

This might help
http://jack.zunino.net/knowjack.htm

hummingbird

unread,
Mar 23, 2008, 5:30:29 PM3/23/08
to

On Sun, 23 Mar 2008 20:46:34 -0000 'Nomen Nescio'
wrote this on alt.comp.freeware:


[NB: I do not include KB in my comments below, because she really
*is* knowledgeable about what's possible]

...but the others...well...

The world experts on this newsgroup are just that. We have experts
on ACF who can analyse headers and tell everything about the poster,
even what you had for lunch. Ron May's one example. Franklin (rotfl)
is another, iNcReduLoUs (rotfl x 10) is another. They do it all the
time to prove to their satisfaction who the spoofers/sockpuppets are

Here's a few of your headers which they would swear until death,
reveal what s/w you use to post, what server you posted through
etc etc etc.

<snigger> I mean it's all there. Right? lol. </snigger>


Message-ID: <fs6fiq$b70$2...@aioe.org>
NNTP-Posting-Host: MIEBwHLCrtFAk+V28gEmRw.user.aioe.org
X-Complaints-To: ab...@aioe.org
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3198
X-RFC2646: Format=Flowed; Original
X-Newsreader: Microsoft Outlook Express 6.00.2900.3138


That it can all be easily manipulated for security reasons or to
imply that a post was made by another person goes completely
over their heads.

Message has been deleted

Sebastian G.

unread,
Mar 23, 2008, 5:55:54 PM3/23/08
to
Nomen Nescio wrote:


>> All this from an Outlook Express user.
>
>
> Dummy head. You don't know what I post with.
> "Outlook Express". You know jack shit about my headers/newsreader.


Leaves only two possibilities:

- The headers are correct, you're a dump, you're actually using Outlook
Express, means that you don't have any clue about security.

- You're intentionally faking headers to make it appear as Outlook Express,
for no apparent reason. Which means you're dumb as well.

Bear Bottoms

unread,
Mar 23, 2008, 6:05:51 PM3/23/08
to

Good grief...WTF is wrong with you guys. Sebastian...you speak what you
are.

Sebastian G.

unread,
Mar 23, 2008, 6:31:03 PM3/23/08
to
Bear Bottoms wrote:

> On Sun, 23 Mar 2008 16:55:54 -0500, Sebastian G. <se...@seppig.de> wrote:
>
>> Nomen Nescio wrote:
>>
>>
>>>> All this from an Outlook Express user.
>>> Dummy head. You don't know what I post with.
>>> "Outlook Express". You know jack shit about my headers/newsreader.
>>
>> Leaves only two possibilities:
>>
>> - The headers are correct, you're a dump, you're actually using Outlook
>> Express, means that you don't have any clue about security.
>>
>> - You're intentionally faking headers to make it appear as Outlook
>> Express, for no apparent reason. Which means you're dumb as well.
>
> Good grief...WTF is wrong with you guys.


Nothing. This is alt.computer.security, so we're discussing about security,
and someone who either uses Outlook Express or does some security by
obscurity (while also breaking compatibility) shouldn't give advise.

hummingbird

unread,
Mar 23, 2008, 8:35:38 PM3/23/08
to

On Sun, 23 Mar 2008 22:55:54 +0100 'Sebastian G.'
wrote this on alt.comp.freeware:

You're being presumptuous. The poster may have a good reason to fake
his headers ... wait until he responds.

Sebastian G.

unread,
Mar 23, 2008, 9:05:41 PM3/23/08
to
hummingbird wrote:


There is no good reason to fake headers, especially if it introduces
compatibility problems. Even further, why should anyone choose "Outlook
Express"?

hummingbird

unread,
Mar 23, 2008, 9:47:54 PM3/23/08
to

On Mon, 24 Mar 2008 02:05:41 +0100 'Sebastian G.'
wrote this on alt.comp.freeware:

There are reasons to fake headers to hide from public view what
posting s/w he uses to deter stalkers, and the poster may have
chosen OE for no particular reason (ie a random choice). I'm not
aware of the compatibility problems you refer to.

Sven Svensson

unread,
Mar 23, 2008, 10:25:31 PM3/23/08
to
Alfred Einstein wrote , at 2008-03-21 03:25:
> I need to block certain IP addresses ... that is, any outbound attempt to
> connect to a certain IP would be blocked, regardless of protocol.
>
> Is there firewall software that can do this?

Is there a firewall that can't do it?

Cecil SeaSerpent

unread,
Mar 23, 2008, 11:02:05 PM3/23/08
to

"Nomen Nescio" <nomen....@nomen.nescio> wrote in message
news:fs6fiq$b70$2...@aioe.org...

Hi "Unknown Name":

MID Xns9A18D83EF64ABH...@0.0.0.0

seems to have the same aioe NNTP Posting Host as this post. Since you place
such confidence in tracking Hunmingbird's sock puppets this way, you'll
probably want to confess that this is actually you, Franklin.

Sebastian G.

unread,
Mar 23, 2008, 11:10:59 PM3/23/08
to
hummingbird wrote:


> There are reasons to fake headers to hide from public view what
> posting s/w he uses to deter stalkers,


Nonsense.

> and the poster may have

> chosen OE for no particular reason (ie a random choice).


A static header means that the posting still has always the same
characteristic. The only sane choice would be to randomize it for each posting.

Then again, one can simply omit all irrelevant headers.

> I'm not aware of the compatibility problems you refer to.

I am. Various servers detect OE by the header and then apply protocol
changes to make it work, which in turn break the real clients.

hummingbird

unread,
Mar 24, 2008, 7:45:37 AM3/24/08
to

On Mon, 24 Mar 2008 04:10:59 +0100 'Sebastian G.'
wrote this on alt.comp.freeware:

>hummingbird wrote:


>
>
>> There are reasons to fake headers to hide from public view what
>> posting s/w he uses to deter stalkers,
>
>Nonsense.

That response from you sure is.
I refer you to my previous comments.

> > and the poster may have
>> chosen OE for no particular reason (ie a random choice).
>
>
>A static header means that the posting still has always the same
>characteristic. The only sane choice would be to randomize it for each posting.

Maybe the other poster does that. Do you know otherwise?

>Then again, one can simply omit all irrelevant headers.

... ... ...

> > I'm not aware of the compatibility problems you refer to.
>
>I am. Various servers detect OE by the header and then apply protocol
>changes to make it work, which in turn break the real clients.

Sorry, I know nothing about this.

Sebastian G.

unread,
Mar 24, 2008, 8:37:04 AM3/24/08
to
hummingbird wrote:


>>> There are reasons to fake headers to hide from public view what
>>> posting s/w he uses to deter stalkers,
>> Nonsense.
>
> That response from you sure is.
> I refer you to my previous comments.


If you can tell me any logical connection between header faking and detering
stalkers... but well, you can't, since there is none.

>> A static header means that the posting still has always the same
>> characteristic. The only sane choice would be to randomize it for each posting.
>
> Maybe the other poster does that. Do you know otherwise?


Obviously "Microsoft Outlook Express 6.00.2900.3138" is not a random string,
especially not if it's repeated among two postings.

"5-cfpsl4io7roUHp4FlfX4evXS4RHA6wudmVnB-qKISihnjUHFIUBz1Pn5MGX5FC" would be one.

Krazee Brenda

unread,
Mar 24, 2008, 10:42:21 AM3/24/08
to

Hi Franklin. LOL

hummingbird

unread,
Mar 24, 2008, 2:15:31 PM3/24/08
to

On Mon, 24 Mar 2008 13:37:04 +0100 'Sebastian G.'
wrote this on alt.comp.freeware:

>hummingbird wrote:


>
>
>>>> There are reasons to fake headers to hide from public view what
>>>> posting s/w he uses to deter stalkers,
>>> Nonsense.
>>
>> That response from you sure is.
>> I refer you to my previous comments.
>
>
>If you can tell me any logical connection between header faking and detering
>stalkers... but well, you can't, since there is none.

I never used the term "detering", you did. Anyway ....
If you don't know then you obviously haven't been around for very
long -or- you haven't been paying attention.

Suffice it for me to say that the contents of one's headers can be
used by stalkers and troublemakers against you. It therefore makes
some sense to prevent them from doing that. I realised that many
years ago and took action to protect myself early on in Usenet.


>>> A static header means that the posting still has always the same
>>> characteristic. The only sane choice would be to randomize it for each posting.
>>
>> Maybe the other poster does that. Do you know otherwise?
>
>
>Obviously "Microsoft Outlook Express 6.00.2900.3138" is not a random string,
>especially not if it's repeated among two postings.

I meant that the other poster may insert a random news client string
into his header each time he posts (or whenever he wants to) to help
anonymise himself better.

So today he might insert OE and tomorrow he might use Thunderbird.
The day after tomorrow he might insert some other news client.

Get the picture?


HOWEVER, it has come to my attention that in this particular case,
the person posting as Nomen Nescio is none other than the village
idiot called ***Franklin*** who hangs out on alt.comp.freeware.
Somebody has examined his headers and caught him red-handed.

Can you believe it................
Here's a list of Franklin's sockpuppets and nyms used since
July 2007 on <alt.comp.freeware>:

--
Franklin's whopping BIG LIE of 2007:
"I do not post with deliberate and misleading errors"
<Franklin>, ACF, 23-Nov-2007

...but...but...but...

Here's the complete(?) list of Franklin's sockpuppets used on ACF
since July 2007 (65+ and rising) to deliberately deceive people:

-Mar/2008-:
Franklin <no-...@nntp.invalid>
Bare Bosoms <Bare.Bos...@gmail.com>
Nomen Nescio <nomen....@nomen.nescio>

-Feb/2008-:
Franklin <no_...@www.invalid>

-Jan/2008-:
Franklin-post7

-Dec/2007-:
cc to Hummy <frankl...@no.mail.invalid>
"Franklin (ACF)" <fran...@nomail.invalid>
Frank to Humbug <fr...@mail.invalid>
"carbon copy -> Chris" <frankl...@no.mail.invalid>
carbon copy to Humbug <frankl...@no.mail.invalid>
"Frank (inc Humbug)" <fran...@nomail.invalid>
cc T0 Hummingberk <frankl...@no.mail.invalid>
Poppinjay <no...@nowhere.invalid> (unconfirmed)
Cecil SeaSerpent <ce...@beanyland.net>
FrankIin writes <fran...@nomail.invalid>
4Hummingbird
The Angel of Evil <frankl...@no.mail.invalid>
Franklin-post1
Franklin-post2
Franklin-post3
Franklin-post4
Franklin-post5
Franklin-post6
Humming brain <frankl...@no.mail.invalid>

-Oct/2007-:
The Angel of Evil

-July 2007-:
Franklin .
Franklin.
Frankli n
To Laurie
Franklin to hummingbird
coco
Franklin ZORG
<frank...@no.mail.please>
<frank...@no.mail>
[each of the above used one of the e-mail addies]

Franklin Smith <frank...@no.spam.please>
Franklin Smith <frank...@no.no.to.spam.please>
Franklin Smith <frank...@no.spam.please>
Franklin Smith <fran....@no.spam.please>
[note the extra space added]

Franklin Smith <frank...@nope.to.spam.please>
Franklin Smith <frank...@no.spam.please>
Franklin Srnith <frnk...@no.spam.please>
[note letters rn used to look like m]

Franklin Smith <frank...@onspam.please>
Franklin Smith <fran...@no.spam.please>
Franklin Smith <frank...@no.sparm.please>
Franklin Smith <frahk...@no.spam.please>
Franklin Smith <frank...@smith.spam.please>
Franklin Srnith <frank...@no.to.all.spam.please>
[note letters rn used to look like m]

Franklin Smith <ffrraan...@no.spam.please>
Franklin Smith <frank...@no.spam.please>
Franklin S <frank....@his.PC.invalid>
Franklin Smith <frann...@no.to.spam.please>
Franklin <frank....@no.spam.please>
Franklin Smith <frank.sa...@no.spam.please>
Franklin Smith <frank....@no.place>
Franklin Smith <frank...@only.spam.is.killed>
Franklin likes freeware <frank...@no.mail.please>
Franklin <frankl...@no.mail.please>
Franklin <frankl...@gmail.com>
Franklin <frank...@no.mail.please>

Krazee Brenda

unread,
Mar 24, 2008, 3:02:50 PM3/24/08
to
On Mon, 24 Mar 2008 13:37:04 +0100, Sebastian G. wrote:

> If you can tell me any logical connection between header faking and detering
> stalkers... but well, you can't, since there is none.

1) Fucking around
2) Sock puppetry
3) Feeling of "technical superiority"
4) Fucking around

Sebastian G.

unread,
Mar 24, 2008, 3:53:04 PM3/24/08
to
hummingbird wrote:


>>
>>>>> There are reasons to fake headers to hide from public view what
>>>>> posting s/w he uses to deter stalkers,

~~~~~

>>>> Nonsense.
>>> That response from you sure is.
>>> I refer you to my previous comments.
>>
>> If you can tell me any logical connection between header faking and detering
>> stalkers... but well, you can't, since there is none.
>
> I never used the term "detering", you did.


Ouch! The word "deter" even appears in the quoting above...

> Suffice it for me to say that the contents of one's headers can be
> used by stalkers and troublemakers against you.


How so?

> It therefore makes
> some sense to prevent them from doing that. I realised that many
> years ago and took action to protect myself early on in Usenet.


So that's why your headers are defective, as well as your mail address in
the From header...

>> Obviously "Microsoft Outlook Express 6.00.2900.3138" is not a random string,
>> especially not if it's repeated among two postings.
>
> I meant that the other poster may insert a random news client string
> into his header each time he posts (or whenever he wants to) to help
> anonymise himself better.
>
> So today he might insert OE and tomorrow he might use Thunderbird.
> The day after tomorrow he might insert some other news client.
>
> Get the picture?


No. It leaves an obvious trace over the cause of one day.

Even further, drawing it from a limited set makes it pretty void.

hummingbird

unread,
Mar 24, 2008, 5:00:57 PM3/24/08
to

On Mon, 24 Mar 2008 20:53:04 +0100 'Sebastian G.'
wrote this on alt.comp.freeware:

>hummingbird wrote:
>> Suffice it for me to say that the contents of one's headers can be
>> used by stalkers and troublemakers against you.

>How so?

Well you'll just have to accept my word on that Sebastian because
I'm not going to post stuff here which is of use to the small group
of sick stalkers we have on <alt.comp.freeware>. These people only
have to find one header in several posts that match, to declare they
were posted by the same person. Now, you and I may think that is
ridiculous and is only trivial or circumstantial evidence, but on
ACF it's more than enough for the dorks to declare proven guilt and
to accuse that person of sockpuppeting or spoofing to smear their
name and discredit them.

Thus, it can be useful for a person to be able to deliberately
manipulate their headers to *deter* stalker attack and to retain
a level of anonymity.


>> It therefore makes
>> some sense to prevent them from doing that. I realised that many
>> years ago and took action to protect myself early on in Usenet.
>
>
>So that's why your headers are defective, as well as your mail address in
>the From header...

That's really a non-sequitur, but I'm not aware that my Headers and
From: field are defective. The only general rule I'm aware of is to
ensure a unique MID to avoid such things as hash collisions etc.
Otherwise if the news server accepts a post and propagates it, then
it's OK.


>>> Obviously "Microsoft Outlook Express 6.00.2900.3138" is not a random string,
>>> especially not if it's repeated among two postings.
>>
>> I meant that the other poster may insert a random news client string
>> into his header each time he posts (or whenever he wants to) to help
>> anonymise himself better.
>>
>> So today he might insert OE and tomorrow he might use Thunderbird.
>> The day after tomorrow he might insert some other news client.
>>
>> Get the picture?
>
>
>No. It leaves an obvious trace over the cause of one day.

Well, maybe a person will change his headers for each post. Bear in
mind, he's only protecting himself against a dork-stalk attack, not
NSA or CIA etc. That would require more sophisticated measures.

>Even further, drawing it from a limited set makes it pretty void.

I was only giving a simple example...in practice one might use a
more complex set of variants in the headers.

Ant

unread,
Mar 24, 2008, 6:49:02 PM3/24/08
to
"hummingbird" wrote:

> On Mon, 24 Mar 2008 20:53:04 +0100 'Sebastian G.'
> wrote this on alt.comp.freeware:
>
>>hummingbird wrote:
>>> Suffice it for me to say that the contents of one's headers can be
>>> used by stalkers and troublemakers against you.
>
>>How so?
>
> Well you'll just have to accept my word on that Sebastian because
> I'm not going to post stuff here which is of use to the small group
> of sick stalkers we have on <alt.comp.freeware>. These people only
> have to find one header in several posts that match, to declare they
> were posted by the same person.

So what?

> Now, you and I may think that is
> ridiculous and is only trivial or circumstantial evidence, but on
> ACF it's more than enough for the dorks to declare proven guilt and
> to accuse that person of sockpuppeting or spoofing

Who cares?

> to smear their name and discredit them.

What tosh. Any regular poster keeps the same handle and is judged by
the articles they post, not by trolls.

> Thus, it can be useful for a person to be able to deliberately
> manipulate their headers to *deter* stalker attack and to retain
> a level of anonymity.

I always post as "Ant" but you know nothing about me apart from the
ISP I use.


hummingbird

unread,
Mar 24, 2008, 8:08:40 PM3/24/08
to

On Mon, 24 Mar 2008 22:49:02 -0000 'Ant'
wrote this on alt.comp.freeware:

>"hummingbird" wrote:
>
>> On Mon, 24 Mar 2008 20:53:04 +0100 'Sebastian G.'
>> wrote this on alt.comp.freeware:
>>
>>>hummingbird wrote:
>>>> Suffice it for me to say that the contents of one's headers can be
>>>> used by stalkers and troublemakers against you.
>>
>>>How so?
>>
>> Well you'll just have to accept my word on that Sebastian because
>> I'm not going to post stuff here which is of use to the small group
>> of sick stalkers we have on <alt.comp.freeware>. These people only
>> have to find one header in several posts that match, to declare they
>> were posted by the same person.
>
>So what?

Who are you? I was having a debate with Sebastian.

>> Now, you and I may think that is
>> ridiculous and is only trivial or circumstantial evidence, but on
>> ACF it's more than enough for the dorks to declare proven guilt and
>> to accuse that person of sockpuppeting or spoofing
>
>Who cares?

Ditto. If you don't care, why bother posting at all?

>> to smear their name and discredit them.
>
>What tosh. Any regular poster keeps the same handle and is judged by
>the articles they post, not by trolls.

You obviously are a little naive about these matters.

>> Thus, it can be useful for a person to be able to deliberately
>> manipulate their headers to *deter* stalker attack and to retain
>> a level of anonymity.
>
>I always post as "Ant" but you know nothing about me apart from the
>ISP I use.


You forgot these headers of yours which all help to ID you:

X-Usenet-Provider: http://www.giganews.com
NNTP-Posting-Host: 80.189.16.24
X-Postfilter: 1.3.37
X-Newsreader: Microsoft Outlook Express 5.50.4522.1200
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200


Now what were you saying?

Ant, if you have some constructive views on this debate please
express them, otherwise go away.

Ant

unread,
Mar 24, 2008, 10:00:58 PM3/24/08
to
"hummingbird" wrote:

> On Mon, 24 Mar 2008 22:49:02 -0000 'Ant'
> wrote this on alt.comp.freeware:
>
>>"hummingbird" wrote:
>>> These people only
>>> have to find one header in several posts that match, to declare they
>>> were posted by the same person.
>>
>>So what?
>
> Who are you?

I am anonymous.

> I was having a debate with Sebastian.

You posted to usenet where anyone can join in.

>>> Now, you and I may think that is
>>> ridiculous and is only trivial or circumstantial evidence, but on
>>> ACF it's more than enough for the dorks to declare proven guilt and
>>> to accuse that person of sockpuppeting or spoofing
>>
>>Who cares?
>
> Ditto. If you don't care, why bother posting at all?

Because I'd like you to explain what the problem is.

>>> to smear their name and discredit them.
>>
>>What tosh. Any regular poster keeps the same handle and is judged by
>>the articles they post, not by trolls.
>
> You obviously are a little naive about these matters.

Pleas explain, then.

>>I always post as "Ant" but you know nothing about me apart from the
>>ISP I use.
>
> You forgot these headers of yours which all help to ID you:
>
> X-Usenet-Provider: http://www.giganews.com

I post through giganews, along with many others, one of the largest if
not *the* largest news provider.

> NNTP-Posting-Host: 80.189.16.24

24.16.189.80.in-addr.arpa domain name pointer 189.16.24.fdial.global.net.uk.

Belongs to Brightview who are the resellers of bandwidth that my ISP
uses. So, in fact, you don't even know my ISP.

> X-Newsreader: Microsoft Outlook Express 5.50.4522.1200

An old version of OE. So what?

> Now what were you saying?

See above.


Sebastian G.

unread,
Mar 25, 2008, 2:13:05 AM3/25/08
to
Ant wrote:


>> X-Newsreader: Microsoft Outlook Express 5.50.4522.1200
>
> An old version of OE. So what?

Seems like you didn't even bother to read this thread, did you?

hummingbird

unread,
Mar 25, 2008, 4:58:40 AM3/25/08
to

On Tue, 25 Mar 2008 02:00:58 -0000 'Ant'
wrote this on alt.comp.freeware:

>"hummingbird" wrote:
>
>> On Mon, 24 Mar 2008 22:49:02 -0000 'Ant'
>> wrote this on alt.comp.freeware:
>>
>>>"hummingbird" wrote:
>>>> These people only
>>>> have to find one header in several posts that match, to declare they
>>>> were posted by the same person.
>>>
>>>So what?
>>
>> Who are you?
>
>I am anonymous.
>
>> I was having a debate with Sebastian.
>
>You posted to usenet where anyone can join in.

True, but my comments were addressed to Sebastian and you know
how it is trying to hold two conversations at once and how muddled
things can get.

>>>> Now, you and I may think that is
>>>> ridiculous and is only trivial or circumstantial evidence, but on
>>>> ACF it's more than enough for the dorks to declare proven guilt and
>>>> to accuse that person of sockpuppeting or spoofing
>>>
>>>Who cares?
>>
>> Ditto. If you don't care, why bother posting at all?
>
>Because I'd like you to explain what the problem is.

Ooh so you *do* care.

I think I posted enough clues for most folks to get the picture.
If either of you want more explanation, send an e-mail
to hellhole2007 AT libero.it

>>>> to smear their name and discredit them.
>>>
>>>What tosh. Any regular poster keeps the same handle and is judged by
>>>the articles they post, not by trolls.
>>
>> You obviously are a little naive about these matters.
>
>Pleas explain, then.

See my previous comments.

>>>I always post as "Ant" but you know nothing about me apart from the
>>>ISP I use.
>>
>> You forgot these headers of yours which all help to ID you:
>>
>> X-Usenet-Provider: http://www.giganews.com
>
>I post through giganews, along with many others, one of the largest if
>not *the* largest news provider.
>
>> NNTP-Posting-Host: 80.189.16.24
>
>24.16.189.80.in-addr.arpa domain name pointer 189.16.24.fdial.global.net.uk.
>
>Belongs to Brightview who are the resellers of bandwidth that my ISP
>uses. So, in fact, you don't even know my ISP.
>
>> X-Newsreader: Microsoft Outlook Express 5.50.4522.1200
>
>An old version of OE. So what?
>
>> Now what were you saying?
>
>See above.

Indeed but your statement was that I only know who your ISP is.
I pointed out that your headers reveal more about you than that.
(not more about you personally but more about you on Usenet).

Franklin

unread,
Mar 25, 2008, 8:38:57 PM3/25/08
to
On Mon 24 Mar 2008 14:42:21, Krazee Brenda <brenda...@gmail.com>
wrote:


Hello Brenda, sorry to reply so late. I've been away and had a nice
very rest, thank you very much. Sorry no postcard but you know how
I'd rather not spend money on you. A bit like hubby maybe? Will
try and catch up with your weird postings shortly.

Franklin

unread,
Mar 25, 2008, 8:39:11 PM3/25/08
to
On Mon 24 Mar 03:02, Cecil SeaSerpent <ce...@beanyland.net>
wrote:


Hi Cecil

It doesn't even read like one of my posts. Looks more like
something from Hummingbird.

You say I have confidence in tracking Hunmingbird's sock puppets
through his posting host but that not quite right. I don't think
I've ever said I use that approach although there was an example
recently from another poster which seemed to say exactly that.
Maybe you could be mixing that up with what I've posted.

I don't identify Hummingbird's posts using servers because he has
become more adept at munging his headers and has recently taken to
openly discussing how he can fake any header with his tools.
http://preview.tinyurl.com/22x7xk

If you look at a my recent post http://tinyurl.com/2hbsnu you will
see a way I prefer to use to confirm Hummingbird's posts. It's
worhta quick look especially at the data part.

You might even wish to try the same approach on Aracari posting in
uk.politics.misc. If you interleave Aracari's posts with
Hummingbird's posts over the same period then you'll see a very
strong correlation in posting times. Try it and you can see the
result is persuasive.

Other Hummingbird's sockpuppets can be seen this way too. From
memory I think "Derald" is one. This approach means you don't need
to go thru Hummingbird's fake headers or follow newsreader names or
posting servers or any of that.

I used the headers so little that I hadn't noticed Aracari's posting
server and not even his giveaway ROT-13 header until someone listed
them here recently. Timestamp matching can be enough although some
relay servers will deliberately wait a random period of time.

In fact, I think I used that randomness for another sockpuppet.
Hummingbird and the sockpuppet were never posting at the same time
even though the posting times of each was quite irregular. Chance
alone would suggest that at some stage they would post at more or
less the same time. But it never happened. This negative
correlation was too high to ignore.

Franklin

unread,
Mar 25, 2008, 8:39:22 PM3/25/08
to
On Mon 24 Mar 2008 19:53:04, Sebastian G. <se...@seppig.de> wrote:

At Monday 24th March 2008, Hummingbird wrote:
>>
>>>> It therefore makes
>> some sense to prevent them from doing that. I realised that many
>> years ago and took action to protect myself early on in Usenet.
>
>
> So that's why your headers are defective, as well as your mail
> address in the From header...

Sebastian,

In case you don't know him, Hummingbird sems to prefer to get his
revenge in before any transgressions have occurred.

In other words, he posts a spoof or uses a sockpuppet with fake
headers to attack a problem from another poster which does not yet
exist except in his predictions.

I too get someother defective headers from Hummingbird but in a
diffent way. It's in their very punctuation. I see spaces
appearing in the middle of Hummingbird's header text but I've tended
to attribute this to my newsreader and it's lack of UTF-8 support
because I've seen Hummingbird use both 7-bit and 8-bit encoding
recently.

However, I'm a bit surprised at the extent of messing up I see.
Google Groups also seems to get a bit muddled by some of
Hummingbird's "specially written" headers.

Franklin

unread,
Mar 25, 2008, 8:39:30 PM3/25/08
to
On Mon 24 Mar 2008 01:47:54, hummingbird <hummi...@127.0.0.1>
wrote:

>
> There are reasons to fake headers to hide from public view what
> posting s/w he uses to deter stalkers, and the poster may have
> chosen OE for no particular reason (ie a random choice). I'm not
> aware of the compatibility problems you refer to.


Hummingbird, pardon me for being late to this thread but if I read
your comments correctly you are saying that you are entitled to
falsify headers in order to make trouble for those whom you
designate as "stalkers"?

If you recall there was a new poster here whom I looked up in Google
Groups and clicked the "profile" link. In your eyes that allowed
you to claim I was a stalker.

On other occassions I have been called a "professional stalker" by
you - although I always thought I made a living by other means.

Your allegations mean that once you have demonised me or my motives
then you are entitled to attack me in any way you see fit. And so
you have posted using my own name several times before and now your
toolkit of header-fixing apps allows you to be even more creative
with other headers too.

I recall telling you that it was suspicious you were so interested
in local proxy servers and you had the chutzpah to say you didn't
know what a proxy server was. You were running one!

What is the matter?

Daniel Mandic

unread,
Mar 25, 2008, 9:20:45 PM3/25/08
to
Franklin wrote:

> In other words, he posts a spoof or uses a sockpuppet with fake
> headers to attack a problem from another poster which does not yet
> exist except in his predictions.

Frank,

You reapeat yourself.

Like a town crier ;-)

> I too get someother defective headers from Hummingbird but in a
> diffent way. It's in their very punctuation. I see spaces
> appearing in the middle of Hummingbird's header text but I've tended
> to attribute this to my newsreader and it's lack of UTF-8 support
> because I've seen Hummingbird use both 7-bit and 8-bit encoding
> recently.

Is this a code ;-)?


Best Regards,

Daniel Mandic

Richard Steinfeld

unread,
Mar 26, 2008, 3:28:28 AM3/26/08
to
Alfred Einstein wrote:
> I'll grant the Gom Player people credit for making it plain during the
> install that the package included phone-home activity. But I still don't
> want it to phone home. I want it blocked.
>
> So anyway, I found my answer ... GhostWall. I'd completely forgotten about
> that one. It's very simple and light.
>
> I rejected it years ago because it's GUI is hard to use, especially if you
> want to configure a lot of rules. And they don't provide a text file
> configuration capability.
>
> But this time around, I only needed to add one item to be blocked. So it was
> easy.
>
> I turned on the sniffer and I ran Gom Player. With the firewall OFF, the
> sniffer shows that he connects to 38.119.59.43 successfully. With the
> firewall ON, ...... silence. Nice.
>
>
Hey, Alfred,

You've whetted my appetite; I took a look at GhostWall's home page;
they've got some nice-looking security freeware for download. Would you
please give me more information, since I don't understand a couple of
things you wrote, and this program doesn't ring any bells for me.

1. Does GhostWall provide any outgoing facility? Will it block
"outcalls," display what program is doing them, and where they're
phoning out to?

2. What is "the sniffer?"

3. What do you mean by "With the firewall ON, ...... silence?"

4. Do you use this in addition to another firewall?

5. Can you set rules? Do rules carry any limitations or gotchas?

6. Is the free version limited in any meaningful way?

One of the reasons I'm asking is because I couldn't find enough
descriptive information about anything on their site. However, it does
appear that these people like to craft clever little low-load tools. One
nifty thing that I noticed about GhostWall is that it shows the country
where a URL is located.

I look forward to your reply (and to anyone else who uses this program,
too).

TIA

Richard

hummingbird

unread,
Mar 26, 2008, 7:57:28 AM3/26/08
to

On 26 Mar 2008 01:20:45 GMT 'Daniel Mandic'
wrote this on alt.comp.freeware:

>Franklin wrote:
-nothing of relevance or interest to the Usenet community-


>Frank,
>
>You reapeat yourself.
>
>Like a town crier ;-)
>
>> I too get someother defective headers from Hummingbird but in a
>> diffent way. It's in their very punctuation. I see spaces
>> appearing in the middle of Hummingbird's header text but I've tended
>> to attribute this to my newsreader and it's lack of UTF-8 support
>> because I've seen Hummingbird use both 7-bit and 8-bit encoding
>> recently.
>
>Is this a code ;-)?


Franklin's trying to tell us that he's two bits short of a byte
and also out to lunch.

He's fast becoming a Walter Mitty replica.


--
socialism is like chronic heart disease ...
you may not know you suffer from it, but it'll kill you in the end.

Daniel Mandic

unread,
Mar 26, 2008, 8:15:44 AM3/26/08
to
hummingbird wrote:

> He's fast becoming a Walter Mitty replica.

Hi hummingbird!


Walter Mitty the fictional character by James Thurber, or punk rock?

Best regards,

Daniel Mandic

hummingbird

unread,
Mar 26, 2008, 12:50:33 PM3/26/08
to

On 26 Mar 2008 12:15:44 GMT 'Daniel Mandic'
wrote this on alt.comp.freeware:

>hummingbird wrote:


>
>> He's fast becoming a Walter Mitty replica.
>
>Hi hummingbird!
>
>
>Walter Mitty the fictional character by James Thurber, or punk rock?

The fictional character.


>Best regards,
>
>Daniel Mandic

0 new messages