anyone else consider this a serious security breach?

[John Smith]

I have been fighting to stop akamaitechnologies from communicating with my
computer, unsuccessfully. Any site, if unable to be blocked, is a MAJOR
break in any security one can have.

Entries entered into the windows hosts file seems incapable of blocking
access, as is proxomitron and junkbuster, or even a personal firewall.

Rumors abound that this is in fact some method the fbi or other agency has
found to route all internet traffic though, and create records of internet
activity... I am undecided on this point...

However, in my opinion, it seems that until this hole is blocked, anyone
using the internet should consider their security to have been
compromised...

One method of seeing how easily akamaitechnologies is able to bypass any
security measure you can devise is as follows:

1) access http://www.hotbot.com
2) do a search using any search term
3) drop to a dos prompt and type "netstat -a" (without the quotes -> "'s)
4) in the list of connections to your computer will see something like:
a66-81-235-70.deploy.akamaitechnologies.com

If anyone can block akamaitechnologies(also adamaitechnologies or akamai) I
would love to hear from them...

Thanks in advance,
warmest regards,
John Smith

[Lance Delacroix]

On Tue, 1 Jul 2003 22:22:38 -0700, "John Smith"
<assemblywizard10@yahoo.com> prounounced a fatwah thus:

>I have been fighting to stop akamaitechnologies from communicating with my
>computer, unsuccessfully. Any site, if unable to be blocked, is a MAJOR
>break in any security one can have.
>
>Entries entered into the windows hosts file seems incapable of blocking
>access,

Too many entries required. You'll never catch up.

> as is proxomitron and junkbuster,

Ditto.

> or even a personal firewall.

Tried Sponge's blocklists for Kerio?

Have you tried DNSKong?

>
>Rumors abound that this is in fact some method the fbi or other agency has
>found to route all internet traffic though, and create records of internet
>activity... I am undecided on this point...
>
>However, in my opinion, it seems that until this hole is blocked, anyone
>using the internet should consider their security to have been
>compromised...

Akamai is kind of like Micro$haft: We're only stuck with them if we
insist on using them.

>
>One method of seeing how easily akamaitechnologies is able to bypass any
>security measure you can devise is as follows:
>
>1) access http://www.hotbot.com
>2) do a search using any search term
>3) drop to a dos prompt and type "netstat -a" (without the quotes -> "'s)
>4) in the list of connections to your computer will see something like:
>a66-81-235-70.deploy.akamaitechnologies.com
>
>If anyone can block akamaitechnologies(also adamaitechnologies or akamai) I
>would love to hear from them...

I just tried your little test. I put "akamai" in the search box.
There were no akamai entries in netstat. I did havea problem
connecting to www.akamai.com , though. It's blocked completely.

Fancy that.

Try DNSKong.

>
>Thanks in advance,
>warmest regards,

Yes, warmest regards to you, too.

>John Smith
>
>
>

[Aaron]

Lance Delacroix <lance_delacroix@fastmail.fm> wrote in
news:ul03gvk9sphkulkj7t2sde525ft7bg0dh1@4ax.com:

> On Tue, 1 Jul 2003 22:22:38 -0700, "John Smith"
> <assemblywizard10@yahoo.com> prounounced a fatwah thus:
>
>>I have been fighting to stop akamaitechnologies from communicating
>>with my computer, unsuccessfully. Any site, if unable to be blocked,
>>is a MAJOR break in any security one can have.
>>
>>Entries entered into the windows hosts file seems incapable of
>>blocking access,
>
> Too many entries required. You'll never catch up.
>
>> as is proxomitron and junkbuster,
>
> Ditto.
>
>> or even a personal firewall.
>
> Tried Sponge's blocklists for Kerio?
>
> Have you tried DNSKong?
>
>>
>>Rumors abound that this is in fact some method the fbi or other agency
>>has found to route all internet traffic though, and create records of
>>internet activity... I am undecided on this point...
>>
>>However, in my opinion, it seems that until this hole is blocked,
>>anyone using the internet should consider their security to have been
>>compromised...
>
> Akamai is kind of like Micro$haft: We're only stuck with them if we
> insist on using them.
>
>>
>>One method of seeing how easily akamaitechnologies is able to bypass
>>any security measure you can devise is as follows:
>>
>>1) access http://www.hotbot.com
>>2) do a search using any search term
>>3) drop to a dos prompt and type "netstat -a" (without the quotes ->
>>"'s) 4) in the list of connections to your computer will see something
>>like: a66-81-235-70.deploy.akamaitechnologies.com
>>
>>If anyone can block akamaitechnologies(also adamaitechnologies or
>>akamai) I would love to hear from them...
>
> I just tried your little test. I put "akamai" in the search box.
> There were no akamai entries in netstat. I did havea problem
> connecting to www.akamai.com , though. It's blocked completely.
>
> Fancy that.

Funny, I tried it without using any hosts files, proxomitron or dnskong,
i don't see akamai when doing a netstat.







Aaron
--
Want to learn how to use Winboard and the 150+ free Winboard
Chess engines?Visit http://www.aarontay.per.sg/Winboard/

[Lance Delacroix]

Aaron wrote:
> Lance Delacroix <lance_delacroix@fastmail.fm> wrote in
> news:ul03gvk9sphkulkj7t2sde525ft7bg0dh1@4ax.com:
>
>
>>On Tue, 1 Jul 2003 22:22:38 -0700, "John Smith"
>><assemblywizard10@yahoo.com> prounounced a fatwah thus:
>>
>>
>>>I have been fighting to stop akamaitechnologies from communicating
>>>with my computer, unsuccessfully. Any site, if unable to be blocked,
>>>is a MAJOR break in any security one can have.
>>>
>>>Entries entered into the windows hosts file seems incapable of
>>>blocking access,
>>
>>Too many entries required. You'll never catch up.
>>
>>
>>>as is proxomitron and junkbuster,
>>
>>Ditto.
>>
>>
>>>or even a personal firewall.
>>
>>Tried Sponge's blocklists for Kerio?
>>
>>Have you tried DNSKong?
>>
>>
>>>Rumors abound that this is in fact some method the fbi or other agency
>>>has found to route all internet traffic though, and create records of
>>>internet activity... I am undecided on this point...
>>>
>>>However, in my opinion, it seems that until this hole is blocked,
>>>anyone using the internet should consider their security to have been
>>>compromised...
>>
>>Akamai is kind of like Micro$haft: We're only stuck with them if we
>>insist on using them.
>>
>>
>>>One method of seeing how easily akamaitechnologies is able to bypass
>>>any security measure you can devise is as follows:
>>>
>>>1) access http://www.hotbot.com
>>>2) do a search using any search term
>>>3) drop to a dos prompt and type "netstat -a" (without the quotes ->
>>>"'s) 4) in the list of connections to your computer will see something
>>>like: a66-81-235-70.deploy.akamaitechnologies.com
>>>
>>>If anyone can block akamaitechnologies(also adamaitechnologies or
>>>akamai) I would love to hear from them...
>>
>>I just tried your little test. I put "akamai" in the search box.
>>There were no akamai entries in netstat. I did havea problem
>>connecting to www.akamai.com , though. It's blocked completely.
>>
>>Fancy that.
>
>
> Funny, I tried it without using any hosts files, proxomitron or dnskong,
> i don't see akamai when doing a netstat.

Maybe you're connecting directly to hotbot.com w/out going through an
Akamai proxy.

>
>
>
>
>
>
>
> Aaron

[mto]

"John Smith" <assemblywizard10@yahoo.com> wrote in message
news:3f011c4c@monitor.lanset.com...
> I have been fighting to stop akamaitechnologies from communicating with my
> computer, unsuccessfully. Any site, if unable to be blocked, is a MAJOR
> break in any security one can have.
>
> Entries entered into the windows hosts file seems incapable of blocking
> access, as is proxomitron and junkbuster, or even a personal firewall.
>
> Rumors abound that this is in fact some method the fbi or other agency has
> found to route all internet traffic though, and create records of internet
> activity... I am undecided on this point...
>
> However, in my opinion, it seems that until this hole is blocked, anyone
> using the internet should consider their security to have been
> compromised...
>
> One method of seeing how easily akamaitechnologies is able to bypass any
> security measure you can devise is as follows:
>
> 1) access http://www.hotbot.com
> 2) do a search using any search term
> 3) drop to a dos prompt and type "netstat -a" (without the quotes -> "'s)
> 4) in the list of connections to your computer will see something like:
> a66-81-235-70.deploy.akamaitechnologies.com
>
> If anyone can block akamaitechnologies(also adamaitechnologies or akamai)
I
> would love to hear from them...
>
> Thanks in advance,
> warmest regards,
> John Smith
>

I've completely blocked akamai rather successfully - without losing any
"services" - in ZA Pro simply block everything (including all scripts) in
the Privacy/Site section and then enter the akamai sites in the blocked zone
under firewall.

[Lu Tze]

mto wrote:
> "John Smith" <assemblywizard10@yahoo.com> wrote in message
> news:3f011c4c@monitor.lanset.com...
>
>>I have been fighting to stop akamaitechnologies from communicating with my
>>computer, unsuccessfully. Any site, if unable to be blocked, is a MAJOR
>>break in any security one can have.
>>
>>Entries entered into the windows hosts file seems incapable of blocking
>>access, as is proxomitron and junkbuster, or even a personal firewall.
>>
>>Rumors abound that this is in fact some method the fbi or other agency has
>>found to route all internet traffic though, and create records of internet
>>activity... I am undecided on this point...
>>
>>However, in my opinion, it seems that until this hole is blocked, anyone
>>using the internet should consider their security to have been
>>compromised...
>>
>>One method of seeing how easily akamaitechnologies is able to bypass any
>>security measure you can devise is as follows:
>>
>>1) access http://www.hotbot.com
>>2) do a search using any search term
>>3) drop to a dos prompt and type "netstat -a" (without the quotes -> "'s)
>>4) in the list of connections to your computer will see something like:
>>a66-81-235-70.deploy.akamaitechnologies.com
>>
>>If anyone can block akamaitechnologies(also adamaitechnologies or akamai)
>
> I
>
>>would love to hear from them...
>>
>>Thanks in advance,
>>warmest regards,
>>John Smith
>>
>
>
> I've completely blocked akamai rather successfully - without losing any
> "services" - in ZA Pro simply block everything (including all scripts) in
> the Privacy/Site section and then enter the akamai sites in the blocked zone
> under firewall.
>
>
All I get is my news server and the search server which is I think by
default Google.

[mto]

"Lu Tze" <ID10T@ward14.com> wrote in message
news:bepdck$kjr$1@titan.btinternet.com...
> mto wrote:
> > "John Smith" <assemblywizard10@yahoo.com> wrote in message
> > news:3f011c4c@monitor.lanset.com...
> >
> >>I have been fighting to stop akamaitechnologies from communicating with
my
> >>computer, unsuccessfully. Any site, if unable to be blocked, is a MAJOR
> >>break in any security one can have.
> >>
> >>Entries entered into the windows hosts file seems incapable of blocking
> >>access, as is proxomitron and junkbuster, or even a personal firewall.
> >>
> >>Rumors abound that this is in fact some method the fbi or other agency
has
> >>found to route all internet traffic though, and create records of
internet
> >>activity... I am undecided on this point...
> >>
> >>However, in my opinion, it seems that until this hole is blocked, anyone
> >>using the internet should consider their security to have been
> >>compromised...
> >>
> >>One method of seeing how easily akamaitechnologies is able to bypass any
> >>security measure you can devise is as follows:
> >>
> >>1) access http://www.hotbot.com
> >>2) do a search using any search term
> >>3) drop to a dos prompt and type "netstat -a" (without the quotes ->
"'s)
> >>4) in the list of connections to your computer will see something like:
> >>a66-81-235-70.deploy.akamaitechnologies.com
> >>
> >>If anyone can block akamaitechnologies(also adamaitechnologies or
akamai)
> >
> > I
> >
> >>would love to hear from them...
> >>
> >>Thanks in advance,
> >>warmest regards,
> >>John Smith
> >>
> >
> >
> > I've completely blocked akamai rather successfully - without losing any
> > "services" - in ZA Pro simply block everything (including all scripts)
in
> > the Privacy/Site section and then enter the akamai sites in the blocked
zone
> > under firewall.
> >
> >
> All I get is my news server and the search server which is I think by
> default Google.
>

Do you mean that this is all you get after blocking akamai and that you
cannot see anything except your newserver and google? Or do you mean those
are the only services that you use anyway?

[Lu Tze]

mto wrote:
> "Lu Tze" <ID10T@ward14.com> wrote in message
> news:bepdck$kjr$1@titan.btinternet.com...
>
>>mto wrote:
>>
>>>"John Smith" <assemblywizard10@yahoo.com> wrote in message
>>>news:3f011c4c@monitor.lanset.com...
>>>
>>>
>>>>I have been fighting to stop akamaitechnologies from communicating with
>
> my
>
>>>>computer, unsuccessfully. Any site, if unable to be blocked, is a MAJOR
>>>>break in any security one can have.
>>>>
>>>>Entries entered into the windows hosts file seems incapable of blocking
>>>>access, as is proxomitron and junkbuster, or even a personal firewall.
>>>>
>>>>Rumors abound that this is in fact some method the fbi or other agency
>
> has
>
>>>>found to route all internet traffic though, and create records of
>
> internet
>
>>>>activity... I am undecided on this point...
>>>>
>>>>However, in my opinion, it seems that until this hole is blocked, anyone
>>>>using the internet should consider their security to have been
>>>>compromised...
>>>>
>>>>One method of seeing how easily akamaitechnologies is able to bypass any
>>>>security measure you can devise is as follows:
>>>>
>>>>1) access http://www.hotbot.com
>>>>2) do a search using any search term
>>>>3) drop to a dos prompt and type "netstat -a" (without the quotes ->
>
> "'s)
>
>>>>4) in the list of connections to your computer will see something like:
>>>>a66-81-235-70.deploy.akamaitechnologies.com
>>>>
>>>>If anyone can block akamaitechnologies(also adamaitechnologies or
>
> akamai)
>
>>>I
>>>
>>>
>>>>would love to hear from them...
>>>>
>>>>Thanks in advance,
>>>>warmest regards,
>>>>John Smith
>>>>
>>>
>>>
>>>I've completely blocked akamai rather successfully - without losing any
>>>"services" - in ZA Pro simply block everything (including all scripts)
>
> in
>
>>>the Privacy/Site section and then enter the akamai sites in the blocked
>
> zone
>
>>>under firewall.
>>>
>>>
>>
>>All I get is my news server and the search server which is I think by
>>default Google.
>>
>
>
> Do you mean that this is all you get after blocking akamai and that you
> cannot see anything except your newserver and google? Or do you mean those
> are the only services that you use anyway?
>
>
My apologies. I, upon re-reading that which I had writ, could make
neither head nor tail of it myself.
What I meant was that when I tried to recreate the event you described,
upon doing a look up in netstat, with Hotbot open in the browser I had
no reference to Akamai at all. I can only imagine that a script you are
seeing on your machine is Akamai driven but between my host file/spybot
and spywareblaster then this IP for Akamai is not making in through.

Lu Tze

--
Whale Oil Beef Hooked

[mto]

"Lu Tze" <ID10T@ward14.com> wrote in message
news:bervui$soa$1@titan.btinternet.com...
> mto wrote:
> > "Lu Tze" <ID10T@ward14.com> wrote in message
> > news:bepdck$kjr$1@titan.btinternet.com...
> >
> >>mto wrote:
> >>
> >>>"John Smith" <assemblywizard10@yahoo.com> wrote in message
> >>>news:3f011c4c@monitor.lanset.com...
> >>>
> >>>
> >>>>I have been fighting to stop akamaitechnologies from communicating
with
> >
> > my
> >
> >>>>computer, unsuccessfully. Any site, if unable to be blocked, is a
MAJOR
> >>>>break in any security one can have.
> >>>>
> >>>>Entries entered into the windows hosts file seems incapable of
blocking
> >>>>access, as is proxomitron and junkbuster, or even a personal firewall.
> >>>>
> >>>>Rumors abound that this is in fact some method the fbi or other agency
> >
> > has
> >
> >>>>found to route all internet traffic though, and create records of
> >
> > internet
> >
> >>>>activity... I am undecided on this point...
> >>>>
> >>>>However, in my opinion, it seems that until this hole is blocked,
anyone
> >>>>using the internet should consider their security to have been
> >>>>compromised...
> >>>>
> >>>>One method of seeing how easily akamaitechnologies is able to bypass
any
> >>>>security measure you can devise is as follows:
> >>>>
> >>>>1) access http://www.hotbot.com
> >>>>2) do a search using any search term
> >>>>3) drop to a dos prompt and type "netstat -a" (without the quotes ->
> >
> > "'s)
> >
> >>>>4) in the list of connections to your computer will see something
like:
> >>>>a66-81-235-70.deploy.akamaitechnologies.com
> >>>>
> >>>>If anyone can block akamaitechnologies(also adamaitechnologies or
> >
> > akamai)
> >
> >>>I
> >>>
> >>>
> >>>>would love to hear from them...
> >>>>
> >>>>Thanks in advance,
> >>>>warmest regards,
> >>>>John Smith
> >>>>
> >>>
> >>>
> >>>I've completely blocked akamai rather successfully - without losing any
> >>>"services" - in ZA Pro simply block everything (including all scripts)
> >
> > in
> >
> >>>the Privacy/Site section and then enter the akamai sites in the blocked
> >
> > zone
> >
> >>>under firewall.
> >>>
> >>>
> >>
> >>All I get is my news server and the search server which is I think by
> >>default Google.
> >>
> >
> >
> > Do you mean that this is all you get after blocking akamai and that you
> > cannot see anything except your newserver and google? Or do you mean
those
> > are the only services that you use anyway?
> >
> >
> My apologies. I, upon re-reading that which I had writ, could make
> neither head nor tail of it myself.
> What I meant was that when I tried to recreate the event you described,
> upon doing a look up in netstat, with Hotbot open in the browser I had
> no reference to Akamai at all. I can only imagine that a script you are
> seeing on your machine is Akamai driven but between my host file/spybot
> and spywareblaster then this IP for Akamai is not making in through.
>
> Lu Tze
>

Let's see, it was John who described the test, not me, but just for the heck
of it I went and did it myself - twice, once with and once without cookies
(which I have set to expire immediately upon receipt. No akamai here
either. I suspect that something is fishy with John's security settings.