• security and IP addresses

    Author
    Topic
    #444986

    Hi,
    On my NIS 2007 I have a facility titled ‘Security Inspector’ which I run once in a while. The other day, following a run, it advised me that “The IP addresses in your Windows host file have been redirected”. When I checked the help option it said “remove from the hosts file any line that maps a host name other than localhost to the IP address nnn.n.n.n” (where nnn equates to my IP address). I hadn’t noted any problems with my computer but I told Security Inspector to ‘fix’ the problem which it duly did. It seems to have remained ‘fixed’ and I’m having no problems that I can tell.

    My question is – did the redirection represent a security risk or was it something that just occured through something I might have changed at some time? I run Norton firewall and AV (NIS 2007), fully updated, have Windows defender running constantly and use Spybot S&D and Ad-Aware SE on a weekly basis.

    Grateful for any/all comments
    Thanks
    Keith

    Viewing 1 reply thread
    Author
    Replies
    • #1077651

      You hadn’t perhaps put the IP address of the Lounge into your HOSTS file?

      Otherwise unless you’ve got a backup of the HOSTS file before it was ‘fixed’, it’s rather difficult to know what the problem could have been…

    • #1077661

      Entries in the Hosts file don’t necessarily mean that you have a problem. Spybot S&D, for example, has an option to add thousands of entries to your Hosts file to block “bad” sites, by directing their IP addresses to 127.0.0.1, which is your own computer. NIS sees this, and warns you that some websites are redirected – but that was done by intention!

      • #1077707

        John/Hans,
        Thank you, appreciate the responses.
        Keith

      • #1078428

        Hans/John,
        Quick update. Hans, you hit the nail on the head re Spybot S&D. I’ve just downloaded latest updates from S&D and then ran and updated the ‘immunize’ prog. Then opened NIS, ran ‘Security Inspector’ and, lo and behold, It said that my IP addresses had been redirected – pretty obvious that it’s Spybot’s ‘immunize’ facility that’s doing the re-directing. Thanks again both for help
        Keith

        • #1078451

          I’ve (just) seen a PC badly infected with spyware which had its HOSTS file with a range of antivirus and antispyware manufacturer websites all directed to 1.1.1.1, followed by the 6500-odd ‘legitimate’ Spybot 1.5 redirects of dubious websites all to 127.0.0.1 …

    Viewing 1 reply thread
    Reply To: security and IP addresses

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: