[Win2k] Stopping sw from phoning home

[ignisfatuus]

Note: I do not want to use a sw firewall to do this.

How do I prevent Musicmatch Juke from phoning home? There must be a way
to stop the software from phoning home in MS Security settings
somewhere. I'm just not sure where. IPSEC maybe? Please advise.

I've got a DI-604 router but there doesn't seem to be a way to prevent
the sw in question from venturing out on the Net w/o permission in those
settings.

 

[Steven L Umbach]

Check all the options on it for configuration to see if you can disable it
from doing so. If that will not work you would need to find what IP
addresses and port/protocols it is using. You could use a packet sniffer,
check your routers logs, use netstat -an while it is actively accessing the
internet, or a tool such as port reporter as shown in the link below. Once
you know that information you could configure an ipsec filtering policy or
your router to stop access. It may be difficult if it uses port 80 TCP since
that is used for your internet access unless it uses the same IP address all
the time in which case you could block access to the specific IP addresses
it uses. A software firewall such as Zone Alarm could easily stop such
activity but you seem to be against using such. If you can track down the
executable that is used for automatic internet access with something like
port reporter you could try to delete the file [save a copy] or change
permissions on the file so that user and system have full control deny
permissions. --- Steve

http://www.microsoft.com/downloads/...9b-bae9-4243-b9d6-63e62b4bcd2e&displaylang=en

 

[Wolf Kirchmeir]

Check all the options on it for configuration to see if you can disable it
from doing so. If that will not work you would need to find what IP
addresses and port/protocols it is using. You could use a packet sniffer,
check your routers logs, use netstat -an while it is actively accessing the
internet, or a tool such as port reporter as shown in the link below. Once
you know that information you could configure an ipsec filtering policy or
your router to stop access. It may be difficult if it uses port 80 TCP since
that is used for your internet access unless it uses the same IP address all
the time in which case you could block access to the specific IP addresses
it uses. A software firewall such as Zone Alarm could easily stop such
activity but you seem to be against using such. If you can track down the
executable that is used for automatic internet access with something like
port reporter you could try to delete the file [save a copy] or change
permissions on the file so that user and system have full control deny
permissions. --- Steve

http://www.microsoft.com/downloads/...9b-bae9-4243-b9d6-63e62b4bcd2e&displaylang=en

Note: I do not want to use a sw firewall to do this.

How do I prevent Musicmatch Juke from phoning home? There must be a way
to stop the software from phoning home in MS Security settings somewhere.
I'm just not sure where. IPSEC maybe? Please advise.

I've got a DI-604 router but there doesn't seem to be a way to prevent the
sw in question from venturing out on the Net w/o permission in those
settings.

Or just don't use this kind of software. Why use software that
misbehaves? Just because it's made by MS doesn't mean it's good for you.
MS software is made to benefit MS, not you. Be suspicious of _anything_
made by MS, and find a substitute ASAP.

 

[ignisfatuus]

Mr. Umbach:

The good news is that the sw in question uses 2 very specific IP
addresses and ports each time it phones home. The bad news is that the
source port is 80. I'm going to mess with IPSEC and see if I can create
a policy to block this annoying behavior. I've never done it before but
am about to learn. I'm starting here.

http://support.microsoft.com/kb/813878#XSLTH4153121121120121120120

Any further advise would be appreciated. Thx.

Check all the options on it for configuration to see if you can disable it
from doing so. If that will not work you would need to find what IP
addresses and port/protocols it is using. You could use a packet sniffer,
check your routers logs, use netstat -an while it is actively accessing the
internet, or a tool such as port reporter as shown in the link below. Once
you know that information you could configure an ipsec filtering policy or
your router to stop access. It may be difficult if it uses port 80 TCP since
that is used for your internet access unless it uses the same IP address all
the time in which case you could block access to the specific IP addresses
it uses. A software firewall such as Zone Alarm could easily stop such
activity but you seem to be against using such. If you can track down the
executable that is used for automatic internet access with something like
port reporter you could try to delete the file [save a copy] or change
permissions on the file so that user and system have full control deny
permissions. --- Steve

http://www.microsoft.com/downloads/...9b-bae9-4243-b9d6-63e62b4bcd2e&displaylang=en

Note: I do not want to use a sw firewall to do this.

How do I prevent Musicmatch Juke from phoning home? There must be a way
to stop the software from phoning home in MS Security settings somewhere.
I'm just not sure where. IPSEC maybe? Please advise.

I've got a DI-604 router but there doesn't seem to be a way to prevent the
sw in question from venturing out on the Net w/o permission in those
settings.

 

[Steven L Umbach]

You can use an ipsec filttering policy that contains a rule that has a
filter list with those IP addresses and a block filter action. The link
below may also be of help in that it shows the basics of an ipsec filtering
policy. --- Steve

http://www.securityfocus.com/infocus/1559

Mr. Umbach:

The good news is that the sw in question uses 2 very specific IP addresses
and ports each time it phones home. The bad news is that the source port
is 80. I'm going to mess with IPSEC and see if I can create a policy to
block this annoying behavior. I've never done it before but am about to
learn. I'm starting here.

http://support.microsoft.com/kb/813878#XSLTH4153121121120121120120

Any further advise would be appreciated. Thx.

Check all the options on it for configuration to see if you can disable
it from doing so. If that will not work you would need to find what IP
addresses and port/protocols it is using. You could use a packet sniffer,
check your routers logs, use netstat -an while it is actively accessing
the internet, or a tool such as port reporter as shown in the link below.
Once you know that information you could configure an ipsec filtering
policy or your router to stop access. It may be difficult if it uses port
80 TCP since that is used for your internet access unless it uses the
same IP address all the time in which case you could block access to the
specific IP addresses it uses. A software firewall such as Zone Alarm
could easily stop such activity but you seem to be against using such. If
you can track down the executable that is used for automatic internet
access with something like port reporter you could try to delete the file
[save a copy] or change permissions on the file so that user and system
have full control deny permissions. --- Steve

http://www.microsoft.com/downloads/...9b-bae9-4243-b9d6-63e62b4bcd2e&displaylang=en

Note: I do not want to use a sw firewall to do this.

How do I prevent Musicmatch Juke from phoning home? There must be a way
to stop the software from phoning home in MS Security settings somewhere.
I'm just not sure where. IPSEC maybe? Please advise.

I've got a DI-604 router but there doesn't seem to be a way to prevent
the sw in question from venturing out on the Net w/o permission in those
settings.

 

[Paul Adare]

microsoft.public.win2000.security news group, Wolf Kirchmeir

Or just don't use this kind of software. Why use software that
misbehaves? Just because it's made by MS doesn't mean it's good for you.
MS software is made to benefit MS, not you. Be suspicious of _anything_
made by MS, and find a substitute ASAP.

Your anti-Microsoft bias is showing. You might want to adjust your
glasses and re-read the original post. Last time I checked MusicMatch
Jukebox was not a Microsoft product.

--
Paul Adare
MVP - Windows - Virtual Machine
http://www.identit.ca/blogs/paul/
"The English language, complete with irony, satire, and sarcasm, has
survived for centuries without smileys. Only the new crop of modern
computer geeks finds it impossible to detect a joke that is not clearly
labeled as such."
Ray Shea

 

[Paul Adare]

microsoft.public.win2000.security news group, ignisfatuus

Any further advise would be appreciated. Thx.

Have you actually looked at the options in MusicMatch to see if you can
prevent it from communicating that way? Also, do you have any idea what
the software is actually doing when, as you say, it is "calling home"?
Have you actually checked their privacy policy? Chances are that you've
simply got the check for updates feature turned on.

--
Paul Adare
MVP - Windows - Virtual Machine
http://www.identit.ca/blogs/paul/
"The English language, complete with irony, satire, and sarcasm, has
survived for centuries without smileys. Only the new crop of modern
computer geeks finds it impossible to detect a joke that is not clearly
labeled as such."
Ray Shea

 

[ignisfatuus]

Actually, Mr. Adare, one of my day jobs in a former life was to "break"
software so I know from whence I speak when I express that there is *no
way* to disable the phoning home feature without rewriting the code
and/or creating an IPSec policy, configging the router if possible.

Whatever the sw is transmitting is irrelevant to me. I don't care
*what* it's doing. I just *don't* want it making contact with the
mothership period. There isn't a need for it. Previously the same sw
was installed on a box that had a sw firewall like Sygate and the fact
that it couldn't phone home in no way impeded the usage. My box, my
rules. Nothing phones home without my specific permission.

 

[Wolf Kirchmeir]

microsoft.public.win2000.security news group, Wolf Kirchmeir



Your anti-Microsoft bias is showing. You might want to adjust your
glasses and re-read the original post. Last time I checked MusicMatch
Jukebox was not a Microsoft product.

Sorry, the OP wording seemed to me to imply it was an MS product. My
error, it seems.

Regardless, I do _not_ like programs that "phone home" without good
reason, I don't care who makes them. MS seems to build this into much of
their product as a matter of course. I don't mind Automatic Updater
"phoning home" to check for security patches etc, but that's a necessary
part of that particular service. In most other software I have that
checks for updates, I've turned off that feature, and initiate the check
myself. I'm rather paranoid...

Do I have a bias against MS? No more than against any company that tries
to manipulate the market. I'm a radical free marketeer in economic
philosophy, and MS does not play by free market rules. I think the
government's role is ensure the market is as free as possible, which
paradoxically means enforcing the rules of the free market, as in
anti-trust legislation, etc. It just hasn't gone far enough, and under
recent administrations, the US's free market regulation, which was IMO
the best in the world, has been pretty thoroughly gutted, and/or the
Justice Department has been muzzled. Pity. The EU appears to have
overtaken the USA in enforcement of free market principles.

But that's just one side of the free market equation. A free market also
requires knowledgable customers, and that takes work. IMO, very few
people have grasped that the customer also has a responsibility to keep
the market free, by learning as much as possible about the products
(s)he is contemplating buying. I've seen ads that extol and encourage
the customer's _ignorance_ - you know, the ones that tell the
prospective buyer that they don't need to know all that geeky stuff,
just know of what's cool, and they won't go wrong. Good grief!

But enough of ranting.

 

[Brian Komar [MVP]]

Sorry, the OP wording seemed to me to imply it was an MS product. My
error, it seems.

Regardless, I do _not_ like programs that "phone home" without good
reason, I don't care who makes them. MS seems to build this into much of
their product as a matter of course. I don't mind Automatic Updater
"phoning home" to check for security patches etc, but that's a necessary
part of that particular service. In most other software I have that
checks for updates, I've turned off that feature, and initiate the check
myself. I'm rather paranoid...

Do I have a bias against MS? No more than against any company that tries
to manipulate the market. I'm a radical free marketeer in economic
philosophy, and MS does not play by free market rules. I think the
government's role is ensure the market is as free as possible, which
paradoxically means enforcing the rules of the free market, as in
anti-trust legislation, etc. It just hasn't gone far enough, and under
recent administrations, the US's free market regulation, which was IMO
the best in the world, has been pretty thoroughly gutted, and/or the
Justice Department has been muzzled. Pity. The EU appears to have
overtaken the USA in enforcement of free market principles.

But that's just one side of the free market equation. A free market also
requires knowledgable customers, and that takes work. IMO, very few
people have grasped that the customer also has a responsibility to keep
the market free, by learning as much as possible about the products
(s)he is contemplating buying. I've seen ads that extol and encourage
the customer's _ignorance_ - you know, the ones that tell the
prospective buyer that they don't need to know all that geeky stuff,
just know of what's cool, and they won't go wrong. Good grief!

But enough of ranting.

Yeah enough ranting. it is not a Microsoft product. deal with it or
take it to the vendor. Your ranting against MS for another vendor's
product appears as really childish...

Brian

 

[David Frankenbach]

ignisfatuus,

Can you just make an entry in your local hosts file? I do this all the time
to prevent malware from reinfecting my daughter's computer.

df

 

[Karl Levinson, mvp]

That's actually a really good idea. e.g. 127.0.0.1
musicmatch's.servername.com

A software firewall would be the ideal way to stop this. This functionality
is really not built into Windows 2000. Windows 2000 TCP/IP filtering
techniques like IPSec can block access only per port, not per application.
So if the application uses a common port like TCP 80 that is used by other
applications, then the only options I can think of are an entry in the hosts
file for the host names the software tries to contact, a third party
software firewall, or using a proxy server that only lets requests from your
web browser or from authenticated users out to the Internet.

 

[Ignis Fatuus]

Not sure about that. I know what the HOSTS function is but am hesitant
to mess with it.

I do *not* want to use a sw firewall b/c it prevents Thunderbird and
other apps including the AV from working properly and I have neither the
time nor the inclination to mess with the advanced rules.

I had been previously using Sygate Personal firewall but am not
interested in messing with it any longer.

And ZA is *out* of the question. It is the biggest piece of bloatware
I've ever seen in my life. It used to be good circa 1999 but ever since
then it has become increasing bloated and if you try to eradicate it
from your system even following the detailed instructions, it acts like
the alien in the alien movies and completely f*cks your system.

I just want something that stops Musicmatch from phoning home without
having to worry about screwing with a sw firewall. Seems to me a router
should be able to accomplish this however if not, the IPSec works OK too.