On 01 Mar 2005, Spartanicus wrote:
> Sandi <> wrote:
>
>>As I understand it 127.0.0.1 is actually the loopback address to
>>my own PC. So I figure it should be safe to include 127.0.0.1
>>as a Trusted Zone in Zone Alarm. Is it ok to do this?
>
> Usually yes, the default config of most firewalls contains a
> rule allowing it, strange that you got a prompt.
It seems weird to me but I am not a comms person.
I would like to ask a coupl eof questions of you or anyone else who
might be able to advise.
> There is however an exception, if you for example run a local
> http proxy (for example an ad filter), then you should realize
> that if you allow local applications unqualified access to
> 127.0.0.1 then any application has unrestricted access via port
> 80 to the web if they go through the local proxy.
I found that the NTL DNS server was back to its old tricks and was
going slow. So I recently installed Treewalk-DNS (from
http://ntcanuck.com/). This is a utility which uses a different DNS
server and it also sets up a DNS cache on the hard drive. Treewalk
changed the first DNS entry in my Lan Adaptor's IP Properties was
changed to 127.0.0.1.
Does Treewalk fall into the category of tools which allow
unrestricted access in the way you describe?
> For this reason I removed the local loopback rule. Note however
> that when you do this IE will refuse to work properly (becomes
> very slow).
>
> Since applications gaining unauthorized access to the web via IE
> and the local proxy is a genuine worry, IE should not be
> configured to use the proxy. Needless to say that this scenario
> only works if you use a proper browser for browsing (I've
> blocked IE from accessing the net).
In order to avoid NTL's slow web proxy server I sometimes use one of
the NTL web servers direct.
I just picked one of the entries listed at
http://homepage.ntlworld.com/robin.d...trancache.html
and put it into my browser (which is Opera and not IE).
Could this also create a problem of unrestricted access of the sort
you describe above?
Similar Threads
