site Search:


Home Reviews Tools Forums FAQs Find Service ISP News Maps About  
 
    All Forums Hot Topics Gallery






how-to block ads

  
Forums >

Broadband Tech > Security > Security > Ad Filtering Programs keep Ports open

Search Topic:
 Share Topic
Posting?
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
AuthorAll Replies


gwion
wild colonial boy
Premium,ExMod 2001-08
join:2000-12-28
Pittsburgh, PA
kudos:1

reply to Hutch

Re: Ad Filtering Programs keep Ports open

Well, no. Sort of. What a proxy server is is a layer between your browser and the internet. It normally rides above the firewall and below the browser, or anything else you let use it. You know your favorite app s acting as a proxy server if you have to open up your IE tools/options/connections and enter an address and port for a proxy server. Usually, you should use a loopback connection to connect to a proxy server you only want to be accessible on the local machine, and that would include most ad and cookie filters that load as servers. The reason is that you don't want it to be available over the internet. If someone connects to your proxy through the internet, it's possible to "pirate" your IP and tunnel through the proxy server. To prevent that, any filters that run as proxy servers should be configured in their settings NOT to listen on any other adapters (if that's possible; I know proxomitron does...) besides localhost, then you connect through "localhost:8080"; it's not a good idea to connect through "myNBname:xxxx" or "192.168.1.2:xxxx". That's all I'm saying, in a nutshell. Most proxies today, I think, are usually set by default to listen to localhost, but I think it's worth checking into and making sure.

What I meant about the firewall and router was simply that you block access from the WAN to the port the browser connects to the proxy server on in the Tools settings. That works whether the settings of the app are detailed enough to pick an address or not. Just closes the port at the firewall. Another good idea is to deny Internet Explorer access at the firewall while the filter is running. That way, it can't sneak packets around the filters - I've caught it trying to initiate connections while Proxomitron's running, here, and yes, it's unchecked for access, so it's blocked. Pardon my rambling... thinking out loud ... sorry...

As far as how a proxy works, it does the same things a hosts file does a different way, better, and it can do more. It can, for example, strip off headers or java code, or selectively allow cookies through and deny others at the same site. Very versatile platform for filtering ads and cookies, but risky, too, if it accepts any outside connections...

I took the liberty of taking a look at Naviscope, and it's a proxy server, so it should be able to do a pretty good job, but needs to be set up right to be most effective and safe. I also noticed that it has a prefetcher, so Judge, I'll have to refer you to your helpfile or someone who uses Naviscope, on those technicals... that could be what's opening a port on your system, so it may have something doing with the way Naviscope works. Somehow, though, I don't think prefetch is much needed on a broadband connection, really. Besides, I can think of no legitimate reason on earth that ports should show as open and accepting connections on any proxy server from the internet side.

woops... sorry, I think I misread... Got it. You run adsubtract, correct, and scanned at naviscope? If so, I'm sorry... AdSubtract acts as a proxy, too. Don't know what ports IT uses, but still, it shouldn't need to listen for connections on the WAN.

--
Man will occasionally stumble over the truth, but most times he will pick himself up and carry on. - Sir Winston Churchill
[text was edited by author 2001-06-10 03:09:48]
to forum · permalink · 2001-06-10 03:04:17 ·

Traduk

join:2000-10-25
England

I used Naviscope for a couple of weeks and then uninstalled it due to the fact that not only appeared to be flaky at doing it's intended job but also had a performance hit of up to 25% speed.

You have broadened my knowledge of local proxies and from that this is how I perceived that Naviscope worked. It forced the default browser of choice to connect to it via local loopback 127.0.0.1, as it should. It then sat permanently "listening" on it's default of port 81 out to the Wan. It could be argued that a browser, whilst in use, sits listening on open ports but normally most people open a browser whilst actively using it and are at their screen should something untoward happen. Naviscope however sits listening for as long as the computer is running.

I did not know enough about the implications of having an open port 81 to feel comfortable with running the program. Inconsistent page rendering, random blocking, or not, of adds on the same page and a 25% performance hit on numerous DSLreports speed tests had me hitting the add/remove to say goodbye.

Pre-fetching is done by searching a page for keywords and finding new pages which match the keyword. One keyword is supplied by default and the user must create an extended list to suit their own requirements. I can just imagine what would happen if a keyword of "microsoft" was added and Microsoft's site was visited.

Traduk

to forum · permalink · 2001-06-10 07:10:39 ·
Forums > Broadband Tech > Security > Security

Monday, 04-Jun 04:17:55 Terms of Use & Privacy | feedback | contact | Hosting by nac.net - DSL,Hosting & Co-lo
over 12.5 years online © 1999-2012 dslreports.com.
Most commented news this week
Hot Topics