IE Browser redirection

Archived from groups: alt.computer.security,alt.privacy.spyware,comp.security.firewalls,microsoft.public.security,microsoft.public.windows.inetexplorer.ie6.browser (More info?)

Hi

I'm having a problem with IE6.

When I attempt to connect to any website with IE6, at the bottom
it says "attempting to connect to 127.0.0.1", then I get the error:
"The page cannot be displayed"

After doing some google research I think this is possibly the result of
of a partially uninstalled pop-up blocking program (which I wouldn't
know the name of).

There is a registry entry (below) which I think directs all of Internet
Explorer's http requests to a proxy server on the localhost. Although
nothing seems to be listening on 8080, which explains the blank page.

Hijackthis shows the following entry

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer
= http=localhost:8080

Which I suspect is the reason why, when I open IE it tries to connect to
127.0.0.1.

If I delete the registry entry above it gets written back the next time I
open IE.

If I delete the entry above and immediately rescan with hijackthis a few new
ones appear:

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = <local>

Even if I delete the new ones, later when I run IE the original one will get
written back.

So the problem is that I can't seem to get rid of this entry, and it's
driving me crazy.

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer
= http=localhost:8080

What can I do to prevent this or discover the program that is changing the
registry entries?

Thanks in advance.
14 answers Last reply
More about browser redirection
  1. Archived from groups: alt.computer.security,alt.privacy.spyware,comp.security.firewalls,microsoft.public.security,microsoft.public.windows.inetexplorer.ie6.browser (More info?)

    Del Reedy wrote:
    > Hi
    >
    > I'm having a problem with IE6.
    >
    > When I attempt to connect to any website with IE6, at the bottom
    > it says "attempting to connect to 127.0.0.1", then I get the error:
    > "The page cannot be displayed"
    >
    > After doing some google research I think this is possibly the result of
    > of a partially uninstalled pop-up blocking program (which I wouldn't
    > know the name of).
    >
    > There is a registry entry (below) which I think directs all of Internet
    > Explorer's http requests to a proxy server on the localhost. Although
    > nothing seems to be listening on 8080, which explains the blank page.
    >
    > Hijackthis shows the following entry
    >
    > HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer
    > = http=localhost:8080
    >
    > Which I suspect is the reason why, when I open IE it tries to connect to
    > 127.0.0.1.
    >
    > If I delete the registry entry above it gets written back the next time I
    > open IE.
    >
    > If I delete the entry above and immediately rescan with hijackthis a few new
    > ones appear:
    >
    > R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    > http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
    > R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    > http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
    > R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
    > Settings,ProxyOverride = <local>
    >
    > Even if I delete the new ones, later when I run IE the original one will get
    > written back.
    >
    > So the problem is that I can't seem to get rid of this entry, and it's
    > driving me crazy.
    >
    > HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer
    > = http=localhost:8080
    >
    > What can I do to prevent this or discover the program that is changing the
    > registry entries?
    >
    > Thanks in advance.
    >
    >
    Open IE and go to Tools, Internet Options, Connections, LAN Settings.
    Make sure all boxes and checkboxes are cleared.

    courtney sends....
  2. Archived from groups: alt.computer.security,alt.privacy.spyware,comp.security.firewalls,microsoft.public.security,microsoft.public.windows.inetexplorer.ie6.browser (More info?)

    "Del Reedy" <delreedy@earthlink.net> wrote in message
    news:ijgKc.1746$iK.750@newsread2.news.atl.earthlink.net...
    > Hi
    >
    > I'm having a problem with IE6.
    >
    > When I attempt to connect to any website with IE6, at the bottom
    > it says "attempting to connect to 127.0.0.1", then I get the error:
    > "The page cannot be displayed"
    >
    > After doing some google research I think this is possibly the result of
    > of a partially uninstalled pop-up blocking program (which I wouldn't
    > know the name of).

    Please follow these steps in order to clean your computer of Malware which
    can include Viruses, Trojans, Worms, Spyware, Hijackers and Dialers.

    Step 1:
    Download Spybot and Adaware from the following locations and install them.
    You should run both programs and clean up what it finds. This is to
    gaurantee that you find the most malware you can installed on your computer.

    Before running the scans on both programs, it is mandatory that you update
    the programs. There are update options in each program when you run them.

    Spybot
    http://www.safer-networking.org/index.php?page=download

    Ad-Aware
    http://www.lavasoftusa.com/software/adaware/

    If you would like to learn more about how to use these two programs with the
    proper settings you can read the tutorials below:

    AD-AWARE Tutorial
    http://www.bleepingcomputer.com/forums/index.php?showtutorial=48

    SPYBOT SEARCH AND DESTROY Tutorial
    http://www.bleepingcomputer.com/forums/index.php?showtutorial=43

    When you scan with both programs, fix everything that it finds.

    When you are done with the scan and fixing the items. Please continue with
    the next step.

    Step 2:

    It is important that you run Spybot and Adaware before you proceed with this
    step. Fixing enties with Hijackthis may leave behind unwanted files on your
    computer if the previous step was not done first.

    Create a directory on your hardrive to save HijackThis.exe. A directory
    like c:\hijackthis. If you do not do this, you will not be able to use the
    backup/restore features.

    Download HijackThis from:

    http://www.spywareinfo.com/~merijn/files/hijackthis.zip

    Save this file into the directory you made previously and then run the
    program. Click on the Scan button and when it is finished click on the Save
    Log button. A Notepad window will open with the contents of this log. Click
    on Edit then click on Select all. Then click on Edit and then Click on
    Copy.

    Register an account at http://www.bleepingcomputer.com and post this created
    log into the Hijackthis Logs forum at that site. To do this, once you are
    registered, create a new post, right click in message area and select paste
    to paste the log into the post.

    An expert will reply to you after reading this post. DO NOT fix any entries
    unless you are absolutely sure you know what you are doing as you may cause
    more damage to the system

    To see a tutorial on using HijackThis you can click on the link below.

    http://www.bleepingcomputer.com/forums/index.php?showtutorial=42

    --
    Lawrence Abrams
    http://www.bleepingcomputer.com
    Source for Original Content, Tutorials, and Support for the beginning
    computer user.
  3. Archived from groups: alt.computer.security,alt.privacy.spyware,comp.security.firewalls,microsoft.public.security,microsoft.public.windows.inetexplorer.ie6.browser (More info?)

    this is probably because there is a program running that replaces the
    registry keys as fast as you delete them. scan some more, use other
    programs, you need to find the malware that is writing the registry keys,
    they don't just show up on their own.

    "Del Reedy" <delreedy@earthlink.net> wrote in message
    news:ijgKc.1746$iK.750@newsread2.news.atl.earthlink.net...
    > Hi
    >
    > I'm having a problem with IE6.
    >
    > When I attempt to connect to any website with IE6, at the bottom
    > it says "attempting to connect to 127.0.0.1", then I get the error:
    > "The page cannot be displayed"
    >
    > After doing some google research I think this is possibly the result of
    > of a partially uninstalled pop-up blocking program (which I wouldn't
    > know the name of).
    >
    > There is a registry entry (below) which I think directs all of Internet
    > Explorer's http requests to a proxy server on the localhost. Although
    > nothing seems to be listening on 8080, which explains the blank page.
    >
    > Hijackthis shows the following entry
    >
    > HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
    Settings,ProxyServer
    > = http=localhost:8080
    >
    > Which I suspect is the reason why, when I open IE it tries to connect to
    > 127.0.0.1.
    >
    > If I delete the registry entry above it gets written back the next time I
    > open IE.
    >
    > If I delete the entry above and immediately rescan with hijackthis a few
    new
    > ones appear:
    >
    > R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    >
    http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
    > R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    > http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
    > R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
    > Settings,ProxyOverride = <local>
    >
    > Even if I delete the new ones, later when I run IE the original one will
    get
    > written back.
    >
    > So the problem is that I can't seem to get rid of this entry, and it's
    > driving me crazy.
    >
    > HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
    Settings,ProxyServer
    > = http=localhost:8080
    >
    > What can I do to prevent this or discover the program that is changing the
    > registry entries?
    >
    > Thanks in advance.
    >
    >
  4. Archived from groups: alt.computer.security,alt.privacy.spyware,comp.security.firewalls,microsoft.public.security,microsoft.public.windows.inetexplorer.ie6.browser (More info?)

    >
    > What can I do to prevent this or discover the program that is changing
    > the registry entries?
    >

    If you suspect it's a program or malware that's doing it, then using
    Process Explorer and looking at running processes and what's running inside
    a running process may help you pin point the culprit.

    http://www.devhood.com/tools/tool_details.aspx?tool_id=743

    http://www.windowsecurity.com/articles/Hidden_Backdoors_Trojan_Horses_and_R
    ootkit_Tools_in_a_Windows_Environment.html

    Duane :)
  5. Archived from groups: alt.computer.security,alt.privacy.spyware,comp.security.firewalls,microsoft.public.security,microsoft.public.windows.inetexplorer.ie6.browser (More info?)

    "Lawrence Abrams" <grinler-AT=bleepingcomputer.com> wrote in
    news:udkYyZFbEHA.3476@tk2msftngp13.phx.gbl:

    > Download HijackThis from:
    >
    > http://www.spywareinfo.com/~merijn/files/hijackthis.zip

    "The requested URL /~merijn/files/hijackthis.zip was not found on
    this server."

    I did find it at

    http://www.majorgeeks.com/download3155.html

    however.

    Jim
  6. Archived from groups: alt.computer.security,alt.privacy.spyware,comp.security.firewalls,microsoft.public.security,microsoft.public.windows.inetexplorer.ie6.browser (More info?)

    I hate to say this, as I make a living designing MS Networks for
    businesses and run my own business on MS servers/products, but, after
    this being the fifth time I'm going to have to wipe/reinstall my mother-
    inlaws computer (WinXP, AV, Firewall, IE 6, Router, etc...) I've decided
    to move her (and others like her) to the linux platform.

    Since she only does email, browses, quicken, and a couple other things
    on her home computer, I don't think there is anything that SUSE 9.1
    Personal can't deliver. In looking at CodeWeavers "CrossOver Office"
    package, I may even be able to run Office 2000 on her PC along with
    Quicken.

    I'm sticking with MS for my own company and clients, where I can control
    the environment, but if I can swing it, it's going to be Linux (SUSE 9.1
    or Fedora 2) for non-technical users.

    --
    --
    spamfree999@rrohio.com
    (Remove 999 to reply to me)
  7. Archived from groups: alt.computer.security,alt.privacy.spyware,comp.security.firewalls,microsoft.public.security,microsoft.public.windows.inetexplorer.ie6.browser (More info?)

    Leythos <void@nowhere.com> wrote in news:MPG.1b63a33769aa951898a7ae@news-
    server.columbus.rr.com:

    > I hate to say this, as I make a living designing MS Networks for
    > businesses and run my own business on MS servers/products, but, after
    > this being the fifth time I'm going to have to wipe/reinstall my
    mother-
    > inlaws computer (WinXP, AV, Firewall, IE 6, Router, etc...) I've
    decided
    > to move her (and others like her) to the linux platform.
    >
    > Since she only does email, browses, quicken, and a couple other things
    > on her home computer, I don't think there is anything that SUSE 9.1
    > Personal can't deliver. In looking at CodeWeavers "CrossOver Office"
    > package, I may even be able to run Office 2000 on her PC along with
    > Quicken.
    >
    > I'm sticking with MS for my own company and clients, where I can
    control
    > the environment, but if I can swing it, it's going to be Linux (SUSE
    9.1
    > or Fedora 2) for non-technical users.
    >

    Well, I went even further than that with my Mom as I had given her a
    laptop with Win 2K on it using a dial-up connection. All she was doing
    was email and nothing else. After having the machine UPS-ed a couple of
    times with me eating the bill to disinfect it or wipe it clean or several
    long phone conversations with other family members about Mom's computer,
    I asked her did she want it back this last time and the answer was *NO*
    she had fun with it and it was over. To be honest, I had with the whole
    situation. Yes, I understand where you're coming from on this and non-
    technical family members and the MS O/S.

    Hopefully, MS will get the home environment under control and close the
    O/S down on future releases of the MS O/S. I think they should completely
    segregate the O/S in the future. One for business and one for home usage
    as a solution that can be implemented as a lot of the features on the O/S
    are not needed by the home user that are being exploited.

    Duane :)
  8. Archived from groups: comp.security.firewalls (More info?)

    "Leythos" <void@nowhere.com> wrote in message
    news:MPG.1b63a33769aa951898a7ae@news-server.columbus.rr.com...
    > I hate to say this, as I make a living designing MS Networks for
    > businesses and run my own business on MS servers/products, but, after
    > this being the fifth time I'm going to have to wipe/reinstall my
    mother-
    > inlaws computer (WinXP, AV, Firewall, IE 6, Router, etc...) I've
    decided
    > to move her (and others like her) to the linux platform.
    >
    > Since she only does email, browses, quicken, and a couple other things
    > on her home computer, I don't think there is anything that SUSE 9.1
    > Personal can't deliver. In looking at CodeWeavers "CrossOver Office"
    > package, I may even be able to run Office 2000 on her PC along with
    > Quicken.
    >
    > I'm sticking with MS for my own company and clients, where I can
    control
    > the environment, but if I can swing it, it's going to be Linux (SUSE
    9.1
    > or Fedora 2) for non-technical users.
    >

    Sorry, but I've got to ask what are your in-laws doing to their computer
    that would require it to be wiped five times?

    I've been using the same WinXP Pro system for the last three years. I
    have installed and uninstalled many an application and utility, blah,
    blah, blah and I have never been forced into a corner where I had to
    wipe the drive and start over.

    --
    Best regards, from Don Kelloway of Commodon Communications
    Visit http://www.commodon.com to learn about the "Threats to Your
    Security on the Internet".
  9. Archived from groups: comp.security.firewalls (More info?)

    In article <WOoKc.2570$iK.791@newsread2.news.atl.earthlink.net>,
    dkelloway@commodon.com says...
    > "Leythos" <void@nowhere.com> wrote in message
    > news:MPG.1b63a33769aa951898a7ae@news-server.columbus.rr.com...
    > > I hate to say this, as I make a living designing MS Networks for
    > > businesses and run my own business on MS servers/products, but, after
    > > this being the fifth time I'm going to have to wipe/reinstall my
    > mother-
    > > inlaws computer (WinXP, AV, Firewall, IE 6, Router, etc...) I've
    > decided
    > > to move her (and others like her) to the linux platform.
    > >
    > > Since she only does email, browses, quicken, and a couple other things
    > > on her home computer, I don't think there is anything that SUSE 9.1
    > > Personal can't deliver. In looking at CodeWeavers "CrossOver Office"
    > > package, I may even be able to run Office 2000 on her PC along with
    > > Quicken.
    > >
    > > I'm sticking with MS for my own company and clients, where I can
    > control
    > > the environment, but if I can swing it, it's going to be Linux (SUSE
    > 9.1
    > > or Fedora 2) for non-technical users.
    > >
    >
    > Sorry, but I've got to ask what are your in-laws doing to their computer
    > that would require it to be wiped five times?

    As best I can tell, she's not doing anything questionable, at least not
    that I can tell. I think she's being pulled in by the 'social
    engineering' hacks that are going around.

    > I've been using the same WinXP Pro system for the last three years. I
    > have installed and uninstalled many an application and utility, blah,
    > blah, blah and I have never been forced into a corner where I had to
    > wipe the drive and start over.

    Yea, me too - I've got tons of XP and 2000 systems that have no problems
    at all, but most are under our control or run by technical types. In the
    case of home users, or office types with laptops, they seem to find ways
    to get "things" that the others don't. While I've never found a virus or
    spyware/ad ware that I couldn't hack out of the registry, it's getting a
    little old. As I said before, it's not that I can't secure the machine,
    it's that they unsecured it and then run click happy. I have 2 120GB
    drives in my main workstation, run VS.Net and the newest version too,
    have a MSDN Univ. Subscription and use all of it, even my laptop is XP,
    and I have no problems - as I said in another post, I manage the
    environment and know what I'm doing.

    I still push MS solutions, it's my business, and I use them in our
    development group, heck I've got LOTS of money invested in servers and
    workstation environments that I'm not about to abandon since we're not
    having the problem.

    It appears that I can use SUSE 9.1 Personal on home users computers,
    install a product called CrossOver and still let them run Office XP
    Professional and Quicken - I'm going to do a test install this weekend
    and see how it goes.


    --
    --
    spamfree999@rrohio.com
    (Remove 999 to reply to me)
  10. Archived from groups: comp.security.firewalls (More info?)

    "Leythos" <void@nowhere.com> wrote in message
    news:MPG.1b6444271ef6e85898a7b2@news-server.columbus.rr.com...
    > In article <WOoKc.2570$iK.791@newsread2.news.atl.earthlink.net>,
    > dkelloway@commodon.com says...
    > > "Leythos" <void@nowhere.com> wrote in message
    > > news:MPG.1b63a33769aa951898a7ae@news-server.columbus.rr.com...
    > > > I hate to say this, as I make a living designing MS Networks for
    > > > businesses and run my own business on MS servers/products, but,
    after
    > > > this being the fifth time I'm going to have to wipe/reinstall my
    > > mother-
    > > > inlaws computer (WinXP, AV, Firewall, IE 6, Router, etc...) I've
    > > decided
    > > > to move her (and others like her) to the linux platform.
    > > >
    > > > Since she only does email, browses, quicken, and a couple other
    things
    > > > on her home computer, I don't think there is anything that SUSE
    9.1
    > > > Personal can't deliver. In looking at CodeWeavers "CrossOver
    Office"
    > > > package, I may even be able to run Office 2000 on her PC along
    with
    > > > Quicken.
    > > >
    > > > I'm sticking with MS for my own company and clients, where I can
    > > control
    > > > the environment, but if I can swing it, it's going to be Linux
    (SUSE
    > > 9.1
    > > > or Fedora 2) for non-technical users.
    > > >
    > >
    > > Sorry, but I've got to ask what are your in-laws doing to their
    computer
    > > that would require it to be wiped five times?
    >
    > As best I can tell, she's not doing anything questionable, at least
    not
    > that I can tell. I think she's being pulled in by the 'social
    > engineering' hacks that are going around.
    >
    > > I've been using the same WinXP Pro system for the last three years.
    I
    > > have installed and uninstalled many an application and utility,
    blah,
    > > blah, blah and I have never been forced into a corner where I had to
    > > wipe the drive and start over.
    >
    > Yea, me too - I've got tons of XP and 2000 systems that have no
    problems
    > at all, but most are under our control or run by technical types. In
    the
    > case of home users, or office types with laptops, they seem to find
    ways
    > to get "things" that the others don't. While I've never found a virus
    or
    > spyware/ad ware that I couldn't hack out of the registry, it's getting
    a
    > little old. As I said before, it's not that I can't secure the
    machine,
    > it's that they unsecured it and then run click happy. I have 2 120GB
    > drives in my main workstation, run VS.Net and the newest version too,
    > have a MSDN Univ. Subscription and use all of it, even my laptop is
    XP,
    > and I have no problems - as I said in another post, I manage the
    > environment and know what I'm doing.
    >
    > I still push MS solutions, it's my business, and I use them in our
    > development group, heck I've got LOTS of money invested in servers and
    > workstation environments that I'm not about to abandon since we're not
    > having the problem.
    >
    > It appears that I can use SUSE 9.1 Personal on home users computers,
    > install a product called CrossOver and still let them run Office XP
    > Professional and Quicken - I'm going to do a test install this weekend
    > and see how it goes.
    >
    >
    > --
    > --
    > spamfree999@rrohio.com
    > (Remove 999 to reply to me)

    'click happy'

    I know what you mean. LOL

    This past weekend I was at my dad's fixing his PowerMAC running 9.1.
    The weekend before I was over my mom's fixing her Windows 98. The
    weekend before that I was at my sister's fixing her Windows 98 system.
    I keep telling myself I'm going to disappear for a week and tell
    everyone that I've gone on a European trip again.

    And having a MSDN subscription is the best, isn't it? I have MSDN
    (Operating Systems), one to TechNet and an Action pack and I think
    they're the best money spent. Allows you to get your hands on
    everything.

    BOL in your testing this weekend.
    --
    Best regards, from Don Kelloway of Commodon Communications
    Visit http://www.commodon.com to learn about the "Threats to Your
    Security on the Internet".
  11. Archived from groups: comp.security.firewalls (More info?)

    In article <yXyKc.3148$f4.276@newsread3.news.atl.earthlink.net>,
    dkelloway@commodon.com says...
    > > Snipped from Leythos
    > > It appears that I can use SUSE 9.1 Personal on home users computers,
    > > install a product called CrossOver and still let them run Office XP
    > > Professional and Quicken - I'm going to do a test install this weekend
    > > and see how it goes.

    I installed SUSE 9.1 Personal on my laptop to test it, a P3/600 with NT
    4.0 and DVD/CD, PCMCIA NIC, Video, etc... I was amazed, it installed
    NEXT to NT 4 without even a glitch, video, NIC, DVD, etc.. All works. I
    even got my IMAP connection to the Exchange server working. Now, I can't
    get it to map to Server 2000 or 2003 shares yet, but it seems to work
    just fine. The laptop has 3 hard drives (removable), one is NT 4, one is
    Windows 2000 Server, one is Windows XP, all for testing...


    --
    --
    spamfree999@rrohio.com
    (Remove 999 to reply to me)
  12. Archived from groups: alt.computer.security,alt.privacy.spyware,comp.security.firewalls,microsoft.public.security,microsoft.public.windows.inetexplorer.ie6.browser (More info?)

    ***Special CONFIRMED Report. ****Assassins; who put Al-Qaeda to Shame.
    The Number three most powerful man , after Dick Cheney & G.W. BUSH .

    ALL Ariel Sharon's servants , Thugs & Murderers.

    Karl ROVE & Ariel Sharon banking on their Syrian killers & Murderers &
    Special Syrian Assassins of Assef Shawkat & Roustom Ghazali Working for
    Sharon and the NEOCONS.
    Special ICC Investigation; The Hague NL. & Belgium .

    http://www.onlinejournal.com/Special_Reports/052104Madsen/052104madsen.html


    Karl Rove's White House " Murder, Inc."

    By Wayne Madsen .
    Online Journal Contributing Writer .


    JULY, 2004- On September 15, 2001, just four days after the 9-11 attacks,
    CIA Director George Tenet provided President [sic] Bush with a Top Secret
    "Worldwide Attack Matrix"-a virtual license to kill targets deemed to be a
    threat to the United States in some 80 countries around the world. The Tenet
    plan, which was subsequently approved by Bush, essentially reversed the
    executive orders of four previous U.S. administrations that expressly
    prohibited political assassinations.

    According to high level European intelligence officials, Bush's counselor,
    Karl Rove, used the new presidential authority to silence a popular Lebanese
    Christian politician who was planning to offer irrefutable evidence that
    Israeli Prime Minister Ariel Sharon authorized the massacre of hundreds of
    Palestinian men, women, and children in the Beirut refugee camps of Sabra
    and Shatilla in 1982. In addition, Sharon provided the Lebanese forces who
    carried out the grisly task. At the time of the massacres, Elie Hobeika was
    intelligence chief of Lebanese Christian forces in Lebanon who were battling
    Palestinians and other Muslim groups in a bloody civil war. He was also the
    chief liaison to Israeli Defense Force (IDF) personnel in Lebanon. An
    official Israeli inquiry into the massacre at the camps, the Kahan
    Commission, merely found Sharon "indirectly" responsible for the slaughter
    and fingered Hobeika as the chief instigator.

    The Kahan Commission never called on Hobeika to offer testimony in his
    defense. However, in response to charges brought against Sharon before a
    special war crimes court in Belgium, Hobeika was urged to testify against
    Sharon, according to well-informed Lebanese sources. Hobeika was prepared to
    offer a different version of events than what was contained in the Kahan
    report. A 1993 Belgian law permitting human rights prosecutions was unusual
    in that non-Belgians could be tried for violations against other
    non-Belgians in a Belgian court. Under pressure from the Bush
    administration, the law was severely amended and the extra territoriality
    provisions were curtailed.

    Hobeika headed the Lebanese forces intelligence agency since the mid- 1970s
    and he soon developed close ties to the CIA. He was a frequent visitor to
    the CIA's headquarters at Langley, Virginia. After the Syrian invasion of
    Lebanon in 1990, Hobeika held a number of cabinet positions in the Lebanese
    government, a proxy for the Syrian occupation authorities. He also served in
    the parliament. In July 2001, Hobeika called a press conference and
    announced he was prepared to testify against Sharon in Belgium and revealed
    that he had evidence of what actually occurred in Sabra and Shatilla.
    Hobeika also indicated that Israel had flown members of the South Lebanon
    Army (SLA) into Beirut International Airport in an Israeli Air Force C130
    transport plane. In full view of dozens of witnesses, including members of
    the Lebanese army and others, SLA troops under the command of Major Saad
    Haddad were slipped into the camps to commit the massacres. The SLA troops
    were under the direct command of Ariel Sharon and an Israeli Mossad agent
    provocateur named Rafi Eitan. Hobeika offered evidence that a former U.S.
    ambassador to Lebanon was aware of the Israeli plot. In addition, the IDF
    had placed a camera in a strategic position to film the Sabra and Shatilla
    massacres. Hobeika was going to ask that the footage be released as part of
    the investigation of Sharon.

    After announcing he was willing to testify against Sharon, Hobeika became
    fearful for his safety and began moves to leave Lebanon. Hobeika was not
    aware that his threats to testify against Sharon had triggered a series of
    fateful events that reached well into the White House and Sharon's office.

    On January 24, 2002, Hobeika's car was blown up by a remote controlled bomb
    placed in a parked Mercedes along a street in the Hazmieh section of Beirut.
    The bomb exploded when Hobeika and his three associates, Fares Souweidan,
    Mitri Ajram, and Waleed Zein, were driving their Range Rover past the
    TNT-laden Mercedes at 9:40 am Beirut time. The Range Rover's four passengers
    were killed in the explosion. In case Hobeika's car had taken another route
    through the neighborhood, two additional parked cars, located at two other
    choke points, were also rigged with TNT. The powerful bomb wounded a number
    of other people on the street. Other parked cars were destroyed and
    buildings and homes were damaged. The Lebanese president, prime minister,
    and interior minister all claimed that Israeli agents were behind the
    attack.

    It is noteworthy that the State Department's list of global terrorist
    incidents for 2002 worldwide failed to list the car bombing attack on
    Hobeika and his party. The White House wanted to ensure the attack was
    censored from the report. The reason was simple: the attack ultimately had
    Washington's fingerprints on it.

    High level European intelligence sources now report that Karl Rove
    personally coordinated Hobeika's assassination. The hit on Hobeika employed
    Syrian intelligence agents. Syrian President Bashar Assad was trying to
    curry favor with the Bush administration in the aftermath of 9-11 and was
    more than willing to help the White House. In addition, Assad's father,
    Hafez Assad, had been an ally of Bush's father during Desert Storm, a period
    that saw Washington give a "wink and a nod" to Syria's occupation of
    Lebanon. Rove wanted to help Sharon avoid any political embarrassment from
    an in absentia trial in Brussels where Hobeika would be a star witness. Rove
    and Sharon agreed on the plan to use Syrian Military Intelligence agents to
    assassinate Hobeika. Rove saw Sharon as an indispensable ally of Bush in
    ensuring the loyalty of the Christian evangelical and Jewish voting blocs in
    the United States. Sharon saw the plan to have the United States coordinate
    the hit as a way to mask all connections to Jerusalem.

    The Syrian hit team was ordered by Assef Shawkat, the number two man in
    Syrian military intelligence and a good friend and brother in law of Syrian
    President Bashar Assad. Assad's intelligence services had already cooperated
    with U.S. intelligence in resorting to unconventional methods to extract
    information from al Qaeda detainees deported to Syria from the United States
    and other countries in the wake of 9-11. The order to take out Hobeika was
    transmitted by Shawkat to Roustom Ghazali, the head of Syrian military
    intelligence in Beirut. Ghazali arranged for the three remote controlled
    cars to be parked along Hobeika's route in Hazmieh; only few hundred yards
    from the Barracks of Syrian Special Forces which are stationed in the area
    near the Presidential palace , the ministry of Defense and various
    Government and officers quarters . This particular area is covered 24/7 by a
    very sophisticated USA multi-agency surveillance system to monitor Syrian
    and Lebanese security activities and is a " Choice " area to live in for its
    perceived high security .

    The plan to kill Hobeika had all the necessary caveats and built-in denial
    mechanisms. If the Syrians were discovered beforehand or afterwards, Karl
    Rove and his associates in the Pentagon's Office of Special Plans would be
    ensured plausible deniability.

    Hobeika's CIA intermediary in Beirut, a man only referred to as "Jason" by
    Hobeika, was a frequent companion of the Lebanese politician during official
    and off-duty hours. During Hobeika's election campaigns for his
    parliamentary seat, Jason was often in Hobeika's office offering support and
    advice. After Hobeika's assassination, Jason became despondent over the
    death of his colleague. Eventually, Jason disappeared abruptly from Lebanon
    and reportedly later emerged in Pakistan.

    Karl Rove's involvement in the assassination of Hobeika may not have been
    the last "hit" he ordered to help out Sharon. In March 2002, a few months
    after Hobeika's assassination, another Lebanese Christian with knowledge of
    Sharon's involvement in the Sabra and Shatilla massacres was gunned down
    along with his wife in Sao Paulo, Brazil. A bullet fired at Michael Nassar's
    car flattened one of his tires. Nassar pulled into a gasoline station for
    repairs. A professional assassin, firing a gun with a silencer, shot Nassar
    and his wife in the head, killing them both instantly. The assailant fled
    and was never captured. Nassar was also involved with the Phalange militia
    at Sabra and Shatilla. Nassar was also reportedly willing to testify against
    Sharon in Belgium and, as a nephew of SLA Commander General Antoine Lahd,
    may have had important evidence to bolster Hobeika's charge that Sharon
    ordered SLA forces into the camps to wipe out the Palestinians.

    Based on what European intelligence claims is concrete intelligence on
    Rove's involvement in the assassination of Hobeika, the Bush administration
    can now add political assassination to its laundry list of other misdeeds,
    from lying about the reasons to go to war to the torture tactics in
    violation of the Geneva Conventions that have been employed by the Pentagon
    and "third country" nationals at prisons in Iraq and Guantanamo Bay.

    Wayne Madsen is a Washington, DC-based investigative journalist and
    columnist. He served in the National Security Agency (NSA) during the Reagan
    administration and wrote the introduction to Forbidden Truth. He is the
    co-author, with John Stanton, of "America's Nightmare: The Presidency of
    George Bush II." His forthcoming book is titled: "Jaded Tasks: Big Oil,
    Black Ops, and Brass Plates." Madsen can be reached at:
    WMadsen777@aol.com

    This is some of the evidence for you and for the World ....


    ~~~encrypted/logs/access ~~~

    Not to mention hundreds of private companies and governments. Anyway...
    Lines 10-36
    of my logfiles show a lot of interest in this article:

    # grep sid=1052 /encrypted/logs/access_log|awk '{print $1,$7}'|sed -n
    '10,36p'

    spb-213-33-248-190.sovintel.ru /modules.php?name=News&file=article&sid=1052
    ext1.shape.nato.int /modules.php?name=News&file=article&sid=1052
    server1.namsa.nato.int /modules.php?name=News&file=article&sid=1052
    ns1.saclantc.nato.int /modules.php?name=News&file=article&sid=1052
    bxlproxyb.europarl.eu.int /modules.php?name=News&file=article&sid=1052
    wdcsun18.usdoj.gov /modules.php?name=News&file=article&sid=1052
    wdcsun21.usdoj.gov /modules.php?name=News&file=article&sid=1052
    tcs-gateway11.treas.gov /modules.php?name=News&file=article&sid=1052
    tcs-gateway13.treas.gov /modules.php?name=News&file=article&sid=1052
    relay1.ucia.gov /modules.php?name=News&file=article&sid=1052
    relay2.cia.gov /modules.php?name=News&file=article&sid=1052
    relay2.ucia.gov /modules.php?name=News&file=article&sid=1052
    n021.dhs.gov /modules.php?name=News&file=article&sid=1052
    legion.dera.gov.uk /modules.php?name=News&file=article&sid=1052
    gateway-fincen.uscg.mil /modules.php?name=News&file=article&sid=1052
    crawler2.googlebot.com /modules.php?name=News&file=article&sid=1052
    crawler1.googlebot.com /modules.php?name=News&file=article&sid=1052
    gateway101.gsi.gov.uk /modules.php?name=News&file=article&sid=1052
    gate11-quantico.nmci.usmc.mil /modules.php?name=News&file=article&sid=1052
    gate13-quantico.nmci.usmc.mil /modules.php?name=News&file=article&sid=1052
    fw1-a.osis.gov /modules.php?name=News&file=article&sid=1052
    crawler13.googlebot.com /modules.php?name=News&file=article&sid=1052
    fw1-b.osis.gov /modules.php?name=News&file=article&sid=1052
    bouncer.nics.gov.uk /modules.php?name=News&file=article&sid=1052
    beluha.ssu.gov.ua /modules.php?name=News&file=article&sid=1052
    zukprxpro02.zreo.compaq.com
    /modules.php?name=News&file=article&sid=1052....


    To be continued ....

    HOLLYWOOD FL.... ATTA & Aris2Chatton
    DENVER CO
    ART STUDENTS...
    MOOVERS INC.@IL
    Lakam & Mr.X.
    Etc. Etc.
  13. Archived from groups: comp.security.firewalls (More info?)

    On Sun, 18 Jul 2004 at 21:48 GMT, Leythos <void@nowhere.com> spewed
    into the usenet group comp.security.firewalls:
    > In article <yXyKc.3148$f4.276@newsread3.news.atl.earthlink.net>,
    > dkelloway@commodon.com says...
    >> > Snipped from Leythos
    >> > It appears that I can use SUSE 9.1 Personal on home users computers,
    >> > install a product called CrossOver and still let them run Office XP
    >> > Professional and Quicken - I'm going to do a test install this weekend
    >> > and see how it goes.
    >
    > I installed SUSE 9.1 Personal on my laptop to test it, a P3/600 with NT
    > 4.0 and DVD/CD, PCMCIA NIC, Video, etc... I was amazed, it installed
    > NEXT to NT 4 without even a glitch, video, NIC, DVD, etc.. All works. I
    > even got my IMAP connection to the Exchange server working. Now, I can't

    Nice. If you have Ximian Evolution and the now free Ximian connector, you
    can even use Exchange for the calendaring part.

    > get it to map to Server 2000 or 2003 shares yet, but it seems to work
    > just fine. The laptop has 3 hard drives (removable), one is NT 4, one is
    > Windows 2000 Server, one is Windows XP, all for testing...

    Hunt down a good Samba HOWTO. Actually, since you are planning to use this
    as a client, you should be able to type smb://<server>/share into the
    Konqueror address bar and have things work.

    BTW, OpenOffice works fine, is cross platform and can work with MS Office
    files (most of the time anyway). I have had no issues sharing files and
    editing them with people using different Microsoft Office versions.

    And to leave this post on topic, you could setup a packet filter on the box
    as well, for fun and for understanding how it works.

    Devdas Bhagat
  14. Archived from groups: alt.computer.security,alt.privacy.spyware,comp.security.firewalls (More info?)

    On Sat, 17 Jul 2004 20:51:26 GMT, in <alt.privacy.spyware>, "Del Reedy"
    <delreedy@earthlink.net> wrote:
    >
    > Hi
    >
    > I'm having a problem with IE6.
    >
    > When I attempt to connect to any website with IE6, at the bottom
    > it says "attempting to connect to 127.0.0.1", then I get the error:
    > "The page cannot be displayed"
    >
    > After doing some google research I think this is possibly the result of
    > of a partially uninstalled pop-up blocking program (which I wouldn't
    > know the name of).
    >
    [snip]

    *IF* that's really the case, then it's an easy fix and nothing to worry about
    really. But I'm a bit concerned by the fact that you apparently don't even
    know what software you'e been installing and uninstalling on that system, even
    relatively recently, since this problem would have cropped up more-or-less
    immediately upon the bad uninstallation.

    Follow the instructions you'll find here:

    <http://www.cas.org/Support/blast/win/ieproxy.html>

    to bring up MSIE's "Local Area Network Settings".

    Note the checkbox marked as (2) in the first illustration under "Step C". If
    you are *not* using a local proxy server (such as The Proxomitron, for
    example), you want to make sure that box is UNchecked. If you *are* using
    Proxo (or similar), then it should be checked; but Item (6) in the next
    illustration MUST point to Proxo, not the now-missing Mystery PopUp Blocker.

    That *should* get you back to web-browsing.

    HOWEVER...

    If you value the health and safety of your system, you *will* remove MSIE
    entirely, and install a *decent* browser, such as K-Meleon, Mozilla Firefox,
    or (some versions of) Opera. Here are some handy tools to make that task
    relatively painless:

    <http://www.litepc.com/ieradicator.html>
    <http://www.litepc.com/98lite.html>
    <http://www.litepc.com/xplite.html>

    Pick whichever is appropriate to your system/needs, and go for it.

    --

    Jay T. Blocksom
    --------------------------------
    Appropriate Technology, Inc.
    usenet01[at]appropriate-tech.net

    "They that can give up essential liberty to obtain a little temporary
    safety deserve neither liberty nor safety."
    -- Benjamin Franklin, Historical Review of Pennsylvania, 1759.
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Unsolicited advertising sent to this domain is expressly prohibited under
    47 USC S227 and State Law. Violators are subject to prosecution.
Ask a new question

Read More

Firewalls Internet Explorer Security Microsoft Networking