peter.stendahl-juvonen at welho.com
Wed Jul 31 22:29:39 GMT 2002
Keith, Roger, et al.
Excellent addenda! The link provided by Roger puts all pieces in place.
As you can see at
http://richmedia.doubleclick.net/banners/tangozebra.htm TangoZebra is a
java banner technology based in the United Kingdom, one of the Key
Limitations of which: Only actively working with UK clients right now.
-In other words exotic for the rest of us yet.
My previous response should, hence read:
Keith, et al.
Could you please check the following?
1) On the page where your browser takes you when you launch it can you
spot spaces on that page with text "Requested Page cannot be displayed"
or something alike it, in places where banner ads would normally occur?
2) You might check this by
a) Keeping "ad.uk.tangozebra" in your firewall's blocked zone or
b) Possibly by the privacy settings of your firewall
3) By having "ad.uk.tangozebra" in the restricted or blocked zone your
firewall prevents IE from connecting to the point of control for the
4) Perhaps the "ad.uk.tangozebra hit ZAPro numerous times with scans
which ZA rejected. In view of the number of scans I put the entire ISP
space (Intellispace Inc) into ZA blocked zone." in your original post
may indeed have reflected to the control mechanism of this
unconventional banner ad technique. And the cause of the "attacks"
logged on your firewall. Nevertheless it sounds quite harmless to me.
Besides you were, and are protected by your firewall, otherwise you
would not have seen the alerts or firewall log entries in the first
5) Keeping "ad.uk.tangozebra" in your firewall's blocked zone or
possibly blocking the ads by the privacy settings of your firewall may
give peace of mind, but are not a necessity from a security viewpoint.
6) Would be happy to know your final judgement. Thanks in advance for
report and best of luck.
"Forewarned, forearmed; to be prepared is half the victory."
Miguel de Cervantes (1547 - 1616) Spanish novelist, dramatist, poet.
| -----Original Message-----
| From: list-admin at dshield.org [mailto:list-admin at dshield.org] On Behalf
Of Roger Shady
| Sent: Wednesday, July 31, 2002 8:49 PM
| To: list at dshield.org
| Subject: Re: [Dshield] ad.uk.tangozebra
| Have you tried a Google search for Tangozebra? As much as I dispise
DoubleClick, here is how
| they describe
| Good Luck
| Keith G wrote:
| > Hi All,
| > Hope someone can help a home user with a problem. ad.uk.tangozebra
| > numerous times with scans which ZA rejected. In view of the number
| > I put the entire ISP space (Intellispace Inc) into ZA blocked zone.
| > since then when I connect and fire up IE5.5sp2, I get an ACCESS
| > "Your computer was prevented from connecting to a restricted site
| > (188.8.131.52:80)" Direction: Outgoing (connect).
| > The program is shown as Internet Explorer.
| > I therefore denied access to all programs except IE and Nav. On
| > I still got the ACCESS warning message. I understand "tangozebra"
| > of the doubleclick cookie, I have run Adaware with the lastest sig
| > found nothing. I also use Cookiewall, which automatically deletes
| > doubleclick if received when online. Nav virus check found nothing,
| > Swatit a trojan+bot finder.
| > I have cleaned out the browser history file and temp internet files.
| > looked in the cookies folder but can`t find any references to
| > doubleclick. I am at a loss as to what to do next.
| > Any help would be greatly appreciated.
| > PS I am not too computer literate, so if I need to delve into the
| > of the Registry, I would need step by step instructions.
| > Keith G
| > _______________________________________________
| > Dshield mailing list
| > Dshield at dshield.org
| > To change your subscription options (or unsubscribe), see:
| Dshield mailing list
| Dshield at dshield.org
| To change your subscription options (or unsubscribe), see:
More information about the list