Loading ...
Sorry, an error occurred while loading the content.
 

Re: [syndic8] Feed Actions

Expand Messages
  • Jos
    Yes that might be good for people like me without newsreaders. But most people that browse Syndic8 probably have them. I just put all my news I like on my Web
    Message 1 of 9 , Aug 20, 2004
      Yes that might be good for people like me without newsreaders. But most
      people that browse Syndic8 probably have them. I just put all my news I like
      on my Web pages or else read them through Bloglines.

      Thanks for explaining it.

      Jos

      ----- Original Message -----
      From: "Bill Kearney" <ml_yahoo@...>
      To: <syndic8@yahoogroups.com>
      Sent: Friday, August 20, 2004 7:36 AM
      Subject: Re: [syndic8] Feed Actions


      > > ... It's possible there could be some better explanation of
      > this on the s8 pages.
      >
      > -Bill Kearney
    • Bill Kearney
      ... That ZoneAlarm screws it up is not exactly a ringing endorsement to the idea of managing local ports. ZA has been such a horrible mess of screwups that I
      Message 2 of 9 , Aug 20, 2004
        > In theory, yes. It depends on whether the newsreader listens
        > only on localhost (as it ought to, IMO) and how smart the firewall is.
        >
        > (As an example: On Windows, Mozilla uses a pair of local TCP
        > sockets to manage some interprocess communication. This used
        > to trigger ZoneAlarm's "program is requesting server rights"
        > alert, despite the sockets being bound to 127.0.0.1. For the curious,
        > http://bugzilla.mozilla.org/show_bug.cgi?id=100154 has details.)

        That ZoneAlarm screws it up is not exactly a ringing endorsement to the idea
        of managing local ports. ZA has been such a horrible mess of screwups that
        I find it's more trouble that it's worth most of the time.

        An app can and, as you suggest, should control what IP address it listens
        on. Most of the time there's not much reason to be listening to these
        requests from other IP addresses. However, I use an aggregator on another
        machine (it's a horrible resource pig) and access it via HTML from another
        box. The 127.0.0.1 links won't work, of course but I'd still like to 'push'
        them over to that box. I've got a tiny .Net app that does this. So I'd
        need my remote aggregator to understand how to listen on more than just the
        localhost interface.

        Forutnately XPsp2 does allow limiting what subnets can access a given port.
        So you can go into it's configs and select whether it's just localhost, the
        local subnet, others or everything. This is a NICE new feature in XPsp2.

        As a developer myself I can understand how the complexities of secure
        programming are a pain in the ass. It's often a lot easier to just 'get it
        running' and leave out security issues. Sometimes it's hard enough just
        getting the code to WORK! But fortunately more people are starting to
        understand why security needs to be 'baked in' from the start. Let's hope
        the various apps get updated to handle it. This as opposed to the whiners
        bitching about sp2 being at fault.

        -Bill Kearney
      • peter_perez
        An app can and, as you suggest, should control what IP address it listens on. Most of the time there s not much reason to be listening to these requests from
        Message 3 of 9 , Aug 21, 2004
          An app can and, as you suggest, should control what IP address it
          listens on. Most of the time there's not much reason to be listening
          to these requests from other IP addresses.

          Actually, a good firewall not only cares what the IP is but from
          WHERE the packet is coming from. A 127.0.0.1 packet coming IN the
          ethernet port should be a solid indication that it is bogus. If
          newsreader software is doing this, by default, the packets should be
          banned. That would be like a 192.168.... or a 10.x.x.x packet
          coming in from the Internet. Those are private/local net addresses
          and should never be present on the Internet.

          Zone Alarm is a poor choice as it doesn't check these kinds of rules
          very carefully. I just wish Gauntlet was a lot less money but it
          sure is secure.

          Pete
        Your message has been successfully submitted and would be delivered to recipients shortly.