?Possible False Positive? - Redirected Host File

T

TreeHead

New member
One listed problem which was displayed in red was "Microsoft Windows.Redirected Hosts" (see below).
However, as I use the Spybot HOST tool with each new update, I wonder if this could be a mistake or some sort of conflict? I am reluctant to allow Spybot to correct the problem. Can someone with more knowledge about this possibly advise. Thanks.

Redirected host
www.net-integration.net=127.0.0.1

Redirected host
net-integration.net=127.0.0.1
 
The Spybot HOSTS file is adding the following two (2) entries to the HOSTS file:
And then the scan is detecting those entries as Redirected host entries:

Code: 
Microsoft.Windows.RedirectedHosts: Redirected host (Redirected host, nothing done)
  net-integration.net=127.0.0.1

Microsoft.Windows.RedirectedHosts: Redirected host (Redirected host, nothing done)
  www.net-integration.net=127.0.0.1
 
Last edited:
hi,

yes there is a false positive. The hosts file is correct: net-integration is supposed to get blocked, since they sell Spybot S&D without license.

The false positive is the flagging and removal of the the blocked net-integration sites. We will correct this with the next update.

Thanks for reporting.
 
Thanks for the replies. At present time I'll NOT proceed to have Spybot correct the problem and wait for the next update. Regards.
 
I confirm FAUST's report:

Code: 
--- Report generated: 2007-05-23 09:03 ---

Microsoft.Windows.RedirectedHosts: Redirected host (Redirected host, nothing done)
  net-integration.net=127.0.0.1

Microsoft.Windows.RedirectedHosts: Redirected host (Redirected host, nothing done)
  www.net-integration.net=127.0.0.1
 
Hi. I don't quite understand why net-integration.net is blocked just because it possibly has an unhappy business relationship with Safer Networking. I thought restricted sites placement in IE was intended only if it was a bad site for illegal or damaging reasons, such as extreme pornography and gambling, exploits, dubious downloads etc. That site passes testing by both LinkScanner Pro and Site Advisor and therefore is not a bad site per se: I have no particular axe to grind as I'd never heard of that company before.
If I am missing something obvious, please enlighten me.
 
hi,

thanks for reporting, looks like we forgot to upload the new security.sbi :oops:
we are going to correct this soon :rolleyes:


@greenhatch
the issue with net-integration is that they actually sell Spybot S&D without having a license for that. We just found out about that recently , and before we had no reason to block the site and unblocked (security.sbi) it instead.
 
The false positive appears to have been corrected with the following update:
  • Detection rules: Security - !Updated base security exploit detections (8 KB) - 2007-05-24
 
You're welcome Carol.
__________________

Actually I somewhat expected an update to this thread or a post in the Announcements forum when the problem was fixed and the update to the security.sbi was made available.

Near the close of business hours in Germany, I decided to check for updates just in case no notification was forthcoming. After receiving an update to the security.sbi file and verifying that the "Redirected host" of "net-integration.net" was no longer being detected, I posted thinking that others may have been waiting for notification also.
 
'I posted thinking that others may have been waiting for notification also.'


FWIW. Your efforts were not for naught. This "other" knew it wasn't a "major thing", but I was waiting for notification and checked this thread "first thing". Never expecting what I saw. So your thoughts were very correct! At least in my case. :flowers:

Thanks again..
Carol
 
Sol..

If I'm understanding what you wrote, this is the best I can explain it:

'....but net-integration is still restricted'

That was the ultimate purpose. If you read the prior page, you'll see where Yodama has written, 'the issue with net-integration is that they actually sell Spybot S&D without having a license for that. We just found out about that recently , and before we had no reason to block the site and unblocked (security.sbi) it instead.' In other words, net-integration is supposed to get be restricted.

After the 2007-05-24 correction, you should not have the scan detecting the entries as Redirected host entries, if per chance you did and still are. If that be the case, I'm sure one of the Spybot Team will address it and help.

Carol
 
Still Detecting

The Spybot scan is still detecting net-integration. I don't want it detected and I don't want it restricted when I click on it. Any solutions?
 
My experience was that the update corrected the Redirected host entries. The bookmarks or links from Net-Integration, which were still detected after the update, I had to "fix" myself. I'm statisfied with the restriction. Sorry, I can't be of further help. :sad:
 
Yodama:

There is a note on the Home page of net-integration.net (http://www.net-integration.net/) as follows:

May Announcement Update:

In recent weeks we received several license renewal orders from former resellers for Spybot Search & Destroy Intranet Update Server. After a bit of confusion the orders are now in the correct place for processing. Please note Net Integration no longer provides licenses for Spybot Search & Destroy Intranet Update Server ( Please refer to Safer-Networking ) nor do we contract resellers to license any of our current available products or services.
Click to expand...
If their statement is true is there a need to restrict access to the site any longer?
 
thanks for the info,

as it seems net-integration is currently offline.
We will keep you updated on how this issue developes.

Currently I cannot confirm the statement made by net-intergration.
 
You must log in or register to reply here.
Back
Top