Tuesday, March 29, 2011


For the first time in a while, saw an outgoing packet that I didn't recognize.

It was a TCP packet sent to This seems to be part of the telia.net domain, though this address doesn't actually have a domain name. Telia is a Swedish IP that extends throughout Europe. Hostsearch says the address is maintained by Akamai, which is based here in Cambridge MA, but that it's located in London - so this is an Akamai International host, accessed through the Telia network. The packet was sent by one of those generic svchost.exe processes, and I didn't notice it in time to see if netstat could have told me anything else.

The host has open http ports - my packet was sent to port 80, so maybe it was an attempt at opening an http session. Maybe some Microsoft component was checking for an update - I've noticed before that Microsoft updates are often hosted on Akamai servers - but it's weird that it tried with a single packet and gave up. Other option (more likely maybe) is that it was a long delayed "close connection" packet, from a website I had opened much earlier - the web browser had been closed for a while, though I don't remember how long it had been.

The packet was sent from port 22095. This doesn't appear to be associated with anything interesting...

Oh well, this was pretty boring.

Friday, March 25, 2011

How To Escape the Web

I have finally found a browser configuration that can reliably keep me from screwing around on the internet.

For a while I've had the Leechblock add-on for Firefox, which lets me dynamically (i.e. on-the-spot) add a site to a list, and then keep me from seeing it for some period of time. But I figured out early on that I could remove sites from the list with just a little work. Apparently, I just didn't know how to use Leechblock to the fullest of its abilities, because it's also possible to set it so that no changes at all to its configuration - except for adding addresses - are possible outside certain circumstances, which can be made very restrictive.

So, with Firefox, I am now prohibited from visiting my favorite places to read, visiting my favorite forums, and periodically checking Facebook to make sure that, still, no one has left me any messages.

But that leaves IE, which I quickly discovered is basically un-uninstallable. You can roll back to earlier versions, but you cannot, without more expertise than I have, remove it from XP. So I persisted this way for a while, with an old version of IE that at least made me nervous to go wandering around the web, for fear of Java trojans. I could sneak over to stupid IE to check for Facebook messages, or to see what the others were talking about on the forums, or to see what country was on fire today. I was basically controlling myself relatively well, but still not satisfied.

Solution: rather than try and figure out whether there's some Leechblock equivalent for IE, I rolled IE back up to the current version, went into the "content advisor" settings, and told it not to let me visit any websites that I haven't already rated as okay. I'm not even sure what a content advisor rating is - I was just testing to see what the setting did. It prevented me from looking at basically any website at all, making IE useless. But the key is that the content advisor has a password option, so that without the password you can't change the settings.

I set the password to something I made up on the spot, and I have no idea now what it was. It was actually a word, something like arduvon or.. I remembered it for a few minutes afterwards, and worried that I had memorized it, but it's gone!

I'm not completely protected, however. I could always download Chrome or something else, or roll IE back again. The first option can be prevented by just adding the Chrome site to the Leechblock list.

Anyways, I'm pretty satisfied with this.