I apologize for taking so long to respond on this...I was at a conference
the end of last week and could not get to my mail.
To answer Mark's previous question on what traffic it allows through, I was
able to ping the AOL IP address, but Zone Alarm caught it and blocked it
(as it should). I had attached netcat to listen on port 80 on the machine
and I could not get to it. I also attached it to some random high port and
was unable to get to it as well.
>I have a few dozen copies of AOL 6/7 lying around on my machine at home,
>and I don't remember having to explicitly do this, so I beleive you are
>correct. However, I'm curious as to whether Tyler was trying AOL <-> AOL
>file sharing, since the only traffic that would go out the AOL adapters
>would be for AOL network addresses.
I wasn't trying AOL <-> AOL file sharing. I had shared my C: drive thru MS
file sharing and could see that MS file sharing was listening on the AOL IP
address (with netstat -an).
My main concern is that the CERT paper said that they had documented
instances where Nimda and Code Red had infected people thru AOL thru the
"VPN" and it had bypassed the personal firewall installed. Although, since
I haven't been able to reproduce this at all, I wasn't sure if it was a
concern. Anyone at CERT care to comment on this?
For the record, my setup was as follows:
Internet <------> Windows Machine running ICS <------> Windows machine
with AOL client
via 192.168.1.1 192.168.1.2 &
AOL IP address
Earthlink
dialup
Tyler
