dcs18 Posted June 6, 2017 Author Share Posted June 6, 2017 2 hours ago, Undertaker said: 14 hours ago, dcs18 said: They have adopted a completely new implementation which causes every connection to loopback — as a test example you can try all those 27 block IPs on Firefox instead of IDM and surf their site. But could it bypass IPSec in this way? Oh yes, of course — once anything bypasses the firewall, it bypasses the IPSec, too (the IPSec is below the firewall in the food chain.) Link to comment Share on other sites More sharing options...
dcs18 Posted June 6, 2017 Author Share Posted June 6, 2017 1 hour ago, Undertaker said: 3 hours ago, Undertaker said: I'm assuming hosts ain't working either, you tried that I think, what was the result? Yeah hosts is not working either, it's only able to block the connection partially. Link to comment Share on other sites More sharing options...
Undertaker Posted June 6, 2017 Share Posted June 6, 2017 Router, CIDR, Adguard Block works IPSec, Hosts, IP Block not working So now what? I think Dave left Martau behind in fixing stuff Link to comment Share on other sites More sharing options...
dcs18 Posted June 6, 2017 Author Share Posted June 6, 2017 This is the key — we must find a way to segregate outbound svchost.exe UDP traffic on port # 53:— Link to comment Share on other sites More sharing options...
Undertaker Posted June 6, 2017 Share Posted June 6, 2017 2 hours ago, dcs18 said: This is the key — we must find a way to segregate outbound svchost.exe UDP traffic on port # 53 Just tried it out, seems difficult Link to comment Share on other sites More sharing options...
dcs18 Posted June 6, 2017 Author Share Posted June 6, 2017 3 hours ago, Undertaker said: Router, CIDR, Adguard Block works IPSec, Hosts, IP Block not working So now what? The Bad News:— Have not even tried Router blocking because most of my clients use their laptops on different routers — that's a dangerous stunt (even for nSane Users). CIDR is the fools paradise — IPs of nearly half the globe are needlessly blocked (it's better to use a trial reset — or, even a patched IDM.) Adguard blocking does not go well with my deployment scheme of things — as discussed in our world record-beating status report. The Good News:— Firewalling continues to work. Link to comment Share on other sites More sharing options...
Undertaker Posted June 6, 2017 Share Posted June 6, 2017 1 hour ago, dcs18 said: Have not even tried Router blocking because most of my clients use their laptops on different routers — that's a dangerous stunt (even for nSane Users). I can see the problem. 1 hour ago, dcs18 said: CIDR is the fools paradise — IPs of nearly half the globe are needlessly blocked (it's better to use a trial reset — or, even a patched IDM.) I admit that I'm still learning CIDR and that's why the mess But the other guy's topic in same sub-forum has it trimmed down to just a few. 1 hour ago, dcs18 said: Adguard blocking does not go well with my deployment scheme of things — as discussed in our world record-beating status report. Activation was handled way back http://www.nsaneforums.com/topic/222515-compilation-of-tutorials-guides-tips-updates/?page=136#comment-977615 And it still continues to hold good. 1 hour ago, dcs18 said: Firewalling continues to work. Ofc, nothing supersedes it. Link to comment Share on other sites More sharing options...
dcs18 Posted June 6, 2017 Author Share Posted June 6, 2017 Can you try this — navigate to C:\Windows\System32\drivers and backup idmwfp.sys before deleting it. I could be wrong but just cross-checking to see whether this is a proxy driver that is using svchost.exe to divert IDM IPs — at this point, my IDM is in no condition. Link to comment Share on other sites More sharing options...
Undertaker Posted June 6, 2017 Share Posted June 6, 2017 7 minutes ago, dcs18 said: Can you try this — navigate to C:\Windows\System32 and backup idmwfp.sys before deleting it. I could be wrong but just cross-checking to see whether this is a proxy driver that is using svchost.exe to divert IDM IPs — at this point, my IDM is in no condition. In that very location, there is no idmwfp.sys file(even after showing hidden files/folder) Link to comment Share on other sites More sharing options...
bubbada Posted June 6, 2017 Share Posted June 6, 2017 6 minutes ago, dcs18 said: Can you try this — navigate to C:\Windows\System32 and backup idmwfp.sys before deleting it. I could be wrong but just cross-checking to see whether this is a proxy driver that is using svchost.exe to divert IDM IPs — at this point, my IDM is in no condition. idmwfp.sys on x86 windows 7 is in C:\Windows\System32\drivers\ Link to comment Share on other sites More sharing options...
Undertaker Posted June 6, 2017 Share Posted June 6, 2017 11 minutes ago, dcs18 said: Can you try this — navigate to C:\Windows\System32\drivers and backup idmwfp.sys before deleting it. I could be wrong but just cross-checking to see whether this is a proxy driver that is using svchost.exe to divert IDM IPs — at this point, my IDM is in no condition. Ok found it, backed up now what you want me to do? BTW I suspect it's the driver file which is necessary for IDM functioning, capturing downloads etc. Adguard too uses a WFP driver, that's why I have some hint. But let's proceed with what you want me to try. Link to comment Share on other sites More sharing options...
dcs18 Posted June 6, 2017 Author Share Posted June 6, 2017 Delete or rename it — it won't bite your ass. 4 hours ago, dcs18 said: This is the key — we must find a way to segregate outbound svchost.exe UDP traffic on port # 53:— This must be making Dave very nervous. Link to comment Share on other sites More sharing options...
Undertaker Posted June 6, 2017 Share Posted June 6, 2017 2 minutes ago, dcs18 said: Delete or rename it — it won't bite your ass. Done, next? Link to comment Share on other sites More sharing options...
dcs18 Posted June 6, 2017 Author Share Posted June 6, 2017 Reboot and start testing for any sign of loopback — on IDM and also on their site with your browser (firewalled with the 27 IPs.) Link to comment Share on other sites More sharing options...
Undertaker Posted June 6, 2017 Share Posted June 6, 2017 Just now, dcs18 said: Reboot and start testing for any sign of loopback — on IDM and also on their site with your browser (firewalled with the 27 IPs.) Be back in 5 Link to comment Share on other sites More sharing options...
Undertaker Posted June 6, 2017 Share Posted June 6, 2017 7 minutes ago, dcs18 said: Reboot and start testing for any sign of loopback — on IDM and also on their site with your browser (firewalled with the 27 IPs.) After reboot, when you first open up IDM, it gives a UAC prompt because it wants to install the driver file(that we deleted) So the file is back in its original location. So deleting that file will render IDM to not open. 6 minutes ago, Undertaker said: Be back in 5 Back early because testing ended prematurely Link to comment Share on other sites More sharing options...
dcs18 Posted June 6, 2017 Author Share Posted June 6, 2017 To combat this new issue why don't we do with idmwfp.sys, what we did with the IDM Helper? Link to comment Share on other sites More sharing options...
Undertaker Posted June 6, 2017 Share Posted June 6, 2017 Just now, dcs18 said: To combat this new issue why don't we do with idmwfp.sys, what we did with the IDM Helper? Dummy file? Link to comment Share on other sites More sharing options...
bubbada Posted June 6, 2017 Share Posted June 6, 2017 i just pressed no in the UAC prompt and idm popped up afterward, but it seems to do want to install it every time u load up idm again if closed. Link to comment Share on other sites More sharing options...
dcs18 Posted June 6, 2017 Author Share Posted June 6, 2017 7 minutes ago, Undertaker said: 8 minutes ago, dcs18 said: To combat this new issue why don't we do with idmwfp.sys, what we did with the IDM Helper? Dummy file? Yep. 12 minutes ago, Undertaker said: After reboot, when you first open up IDM, it gives a UAC prompt because it wants to install the driver file(that we deleted) So the file is back in its original location. 6 minutes ago, bubbada said: i just pressed no in the UAC prompt and idm popped up afterward, but it seems to do want to install it every time u load up idm again if closed. Wow — how do you guys manage to live with the Microsoft UAC? Link to comment Share on other sites More sharing options...
Undertaker Posted June 6, 2017 Share Posted June 6, 2017 12 minutes ago, dcs18 said: Yep. Same result, it wants to install that file. If you click no at UAC prompt, it will popup every time you open IDM and if you click yes, it will place the file at its location replacing the dummy file(even when the dummy file was made read-only). 12 minutes ago, dcs18 said: Wow — how do you guys manage to live with the Microsoft UAC? 13 minutes ago, bubbada said: i just pressed no in the UAC prompt and idm popped up afterward, but it seems to do want to install it every time u load up idm again if closed. You're using Comodo right? It's bypassing there too? Link to comment Share on other sites More sharing options...
bubbada Posted June 6, 2017 Share Posted June 6, 2017 idm must do a hash file check or something in those lines? Link to comment Share on other sites More sharing options...
dcs18 Posted June 6, 2017 Author Share Posted June 6, 2017 55 minutes ago, Undertaker said: 2 hours ago, dcs18 said: Adguard blocking does not go well with my deployment scheme of things — as discussed in our world record-beating status report. Activation was handled way back http://www.nsaneforums.com/topic/222515-compilation-of-tutorials-guides-tips-updates/?page=136#comment-977615 And it still continues to hold good. Activation was just the insignificant part — recently, I deployed uBlock and uMatrix (replacing Adblock Plus) and actually experienced myself getting old. Just want to live a full, peaceful life. Link to comment Share on other sites More sharing options...
Undertaker Posted June 6, 2017 Share Posted June 6, 2017 1 minute ago, dcs18 said: Activation was just the insignificant part — recently, I deployed uBlock and uMatrix (replacing Adblock Plus) and actually experienced myself getting old. Just want to live a full, peaceful life. They are good but not to my taste. @Ice Frog here uses my rule and some customized rules for ublock to make nsane dark theme(You remember how I wanted it black). ublock fully supports the style modifier, Adguard only supports it partially. But Adguard has it's own CSS injection thing. I would have posted the rules but since I don't use uBlock, I don't have them. Link to comment Share on other sites More sharing options...
dcs18 Posted June 6, 2017 Author Share Posted June 6, 2017 6 minutes ago, 0bin said: 29 minutes ago, dcs18 said: Activation was just the insignificant part — recently, I deployed uBlock and uMatrix (replacing Adblock Plus) and actually experienced myself getting old. Just want to live a full, peaceful life. +1 for uMatrix, is nice isn't it? uMatrix is indeed awesome — it replaced 3 add-ons, for me (including the venerable NoScript — my very first add-on.) I keep switching between uBlock and Adblock Plus — but, uMatrix has been a constant denominator. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.