Re: Is it safe to put 127.0.0.1 into ZA's trusted zone?

Discussion in 'Computer Security' started by Sandi, Mar 1, 2005.

  1. Sandi

    Sandi Guest

    On 01 Mar 2005, Spartanicus wrote:

    > Sandi <> wrote:
    >
    >>As I understand it 127.0.0.1 is actually the loopback address to
    >>my own PC. So I figure it should be safe to include 127.0.0.1
    >>as a Trusted Zone in Zone Alarm. Is it ok to do this?

    >
    > Usually yes, the default config of most firewalls contains a
    > rule allowing it, strange that you got a prompt.


    It seems weird to me but I am not a comms person.

    I would like to ask a coupl eof questions of you or anyone else who
    might be able to advise.

    > There is however an exception, if you for example run a local
    > http proxy (for example an ad filter), then you should realize
    > that if you allow local applications unqualified access to
    > 127.0.0.1 then any application has unrestricted access via port
    > 80 to the web if they go through the local proxy.


    I found that the NTL DNS server was back to its old tricks and was
    going slow. So I recently installed Treewalk-DNS (from
    http://ntcanuck.com/). This is a utility which uses a different DNS
    server and it also sets up a DNS cache on the hard drive. Treewalk
    changed the first DNS entry in my Lan Adaptor's IP Properties was
    changed to 127.0.0.1.

    Does Treewalk fall into the category of tools which allow
    unrestricted access in the way you describe?


    > For this reason I removed the local loopback rule. Note however
    > that when you do this IE will refuse to work properly (becomes
    > very slow).
    >
    > Since applications gaining unauthorized access to the web via IE
    > and the local proxy is a genuine worry, IE should not be
    > configured to use the proxy. Needless to say that this scenario
    > only works if you use a proper browser for browsing (I've
    > blocked IE from accessing the net).


    In order to avoid NTL's slow web proxy server I sometimes use one of
    the NTL web servers direct.

    I just picked one of the entries listed at
    http://homepage.ntlworld.com/robin.d.h.walker/cmtips/trancache.html
    and put it into my browser (which is Opera and not IE).

    Could this also create a problem of unrestricted access of the sort
    you describe above?
    Sandi, Mar 1, 2005
    #1
    1. Advertising

  2. Sandi wrote:

    > On 01 Mar 2005, Spartanicus wrote:
    >
    >> Sandi <> wrote:
    >>
    >>>As I understand it 127.0.0.1 is actually the loopback address to
    >>>my own PC. So I figure it should be safe to include 127.0.0.1
    >>>as a Trusted Zone in Zone Alarm. Is it ok to do this?

    >>
    >> Usually yes, the default config of most firewalls contains a
    >> rule allowing it, strange that you got a prompt.

    >
    > It seems weird to me but I am not a comms person.


    Why would you want to put the loopback into your trusted zones file? That
    only makes sense if you are running a Web server on your machine. In other
    words that machine you have the loopback entry also has a web
    server...other than that it is a meanings statement.

    Michael
    Michael J. Pelletier, Mar 6, 2005
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Bun Mui
    Replies:
    2
    Views:
    4,095
    Bucky Breeder
    May 3, 2004
  2. Replies:
    0
    Views:
    528
  3. Soapy
    Replies:
    1
    Views:
    631
    The Magnificent Bastard
    Aug 16, 2004
  4. Soapy
    Replies:
    1
    Views:
    695
    Steve Leyland
    Aug 16, 2004
  5. Messenger

    ZoneAlarm trusted Zone

    Messenger, Sep 1, 2004, in forum: Computer Security
    Replies:
    3
    Views:
    5,491
Loading...

Share This Page