On 19 Jul 2006 at 23:24, McPeak, Harry D. wrote: > ...I don't understand the significance of what your suggestion and have ... no idea how to check and/or fix the problem. Help again???
A "proxy" is a middleman. In the case of a web proxy, when you go to fetch something, instead of opening an HTTP connection to the remote site you open a connection to the proxy and *it* [in turn] opens the connection to the remote site on your behalf, fetches the info, and forwards it back to you. It can be very hard (occasionally impossible) to sort out exactly how and where a proxy is set up. The simple situation is when you have an *explicit* proxy set up. You can check that by going to "INternet Options" and on the connections tab, check whether any have "use a proxy" checked for any connection. BUT: even if you're *not* explicitly using a proxy, your ISP may have one spliced in [we used to do that: we ran a "cache" and so every customer web-request was automatically [and mostly invisibly to the customer] redirected to the cache server -- and when the cache server screwed up the customers would see exactly the symptoms you described!]. Similarly, right now I have satellite at home and Hughesnet has a "hidden" proxy server that sits between me and the web. In this latter case there's little you can do other than contact your ISP to see if the problem lies there. One way to check a bit: first, ensure that IE is *NOT* set to do any proxying [via the 'connections' tab]. If it is, then you need to contact your ISP or LAN-admin to find out about how that should be set up. If it is *not*, and IE still won't connect to non-HTTPs sites, then try this: open up a command prompt and type "telnet <SOMESITE> 80" [for example, I just experimented with "telnet www.nytimes.com 80"]. If the connection opens, type "GET /" [note the caps!!]. If that works, then something stranger is afoot and you'll need to do some deeper digging. If the telnet *doesn't* work, then that gives you a hint that your port-80 [=web] connections are somehow getting diverted to something that isn't working properly. The reason why 'secure' sites work even when a proxy is screwing up your normal-web access has to do with certificates. The SSL connection for a secure web access provides *TWO* security functions. The only one that most people are aware of is "privacy" -- that is, it encrypts the data stream. But the second one, although less well known, can be *more* important [for example, it can/should be your first line of defense for detecting phishing attempts], and that's "authentication". If you go to a secure site, and so you have that little lock in the status bar at the bottom, you'll find that if you double-click the lock you'll see a popup with "Certificate information" -- this actually identifies [VERY securely and assuredly!] the server on the other side of the connection. [and so if you think you've just been sent to, say, a SunTrust website, you can click on the 'lock' and verify that you actually ARE at a SunTrust site] Anyhow, the nature of the authentication machinery is such that proxies can't do it [basically, if you checked the certificate, it would *always* be the proxy's certificate and never be the actual remote-host's certificate, so you'd never be able to check that you're properly connected, so as a rule proxies just leave "secure" connections alone. I know this isn't going to help much [and I can see you covering your ears running away from your display saying "too much information; too much information"] but I think this kind of thing can be very complicted to sort out. Your biggest/only hint is that secure web access works but non-secure access doesn't and that says to me "proxy problems", but beyond that sorting out a broken proxy can be VERY tricky. [and, indeed, the problem could well be something else [and, with luck, something simpler: it is just that the symptoms you described _seemed_ to fit the "proxy problem" mold and I can't really think of any other obvious problem that'd cause those symptoms]. /Bernie\ -- Bernie Cosell Fantasy Farm Fibers mailto:[EMAIL PROTECTED] Pearisburg, VA --> Too many people, too few sheep <-- -- ---------------------------------------- The WIN-HOME mailing list is powered by L-Soft's renowned LISTSERV(R) list management software. For more information, go to: http://www.lsoft.com/LISTSERV-powered.html
