Hi, I'm using IE9 and Norton 360 for my firewall. I have my Ghostery settings to block all ads and when I open a webpage I can see my Ghostery bubble on IE9 showing which ads are being blocked and there's a line through the ads so appears it is working, but when I reviewed my firewall report for network activities it seems these ads are not being blocked because I see outbound activity going on from several ports. My firewall report even mentions the IP address and name of the marketing ad. Below is just one example from my firewall report, but from review of the report, my machine is sending outbound info. to all the ad companies and I don't see anything being successfully blocked.
Also, not sure if this creates a conflict with Ghostery, but on my IE9 Add-ons page, I also have several Protection company lists add blockers "enabled" e.g. Easy Privacy, Privacy choice.
Any suggestions will be greatly appreciated! Thanks!
Category: Firewall - Activities
Date & Time,Risk,Activity,Status,Recommended Action,Category
2013-06-24 5:32:58,Info,"Rule \"Internet Explorer\" permitted (ads2.msads.net (65.55.87.26), Port www-http(80) ). Outbound TCP connection. ",Detected,No Action Required,Firewall - Activities
Rule "Internet Explorer" permitted (ads2.msads.net (65.55.87.26), Port www-http(80) ).
Outbound TCP connection.
Local address, service is (192.168.1.2), Port (51219) ).
Remote address, service is (ads2.msads.net (65.55.87.26), Port www-http(80) ).
Process name is "C:\Program Files\Internet Explorer\iexplore.exe".
Category: Firewall - Activities
Date & Time,Risk,Activity,Status,Recommended Action,Category
2013-06-24 5:32:58,Info,"Rule \"Internet Explorer\" permitted (ads2.msads.net (65.55.87.26), Port www-http(80) ). Outbound TCP connection. ",Detected,No Action Required,Firewall - Activities
Rule "Internet Explorer" permitted (ads2.msads.net (65.55.87.26), Port www-http(80) ).
Outbound TCP connection.
Local address, service is (192.168.1.2), Port (51219) ).
Remote address, service is (ads2.msads.net (65.55.87.26), Port www-http(80) ).
Process name is "C:\Program Files\Internet Explorer\iexplore.exe".
Help get this topic noticed by sharing it on
Twitter,
Facebook, or email.
Twitter,
Facebook, or email.
Ghostery bubble on my IE9 shows ads being blocked but my firewall report say it isn't.
-
Are you blocking Microsoft Notice (Privacy, not Advertising)?
Can you tell which web page(s) triggers these accesses?
Note that if Ghostery does block something, your firewall shouldn't see it.
-
-
Hi, on my IE9 I do have pop-up blockers setting turned on, set to medium high and not allow webiste to request my location. For tracking protection, here's the list of ad-blockers I have "enbabled" on my IE9 Add-Ons. The websites that triggers these accesses is basically any site I go into e.g. www.MSN.com or www.foxsports.com and any other website so not sure if Ghostery is working. The next section after the tracking protection list is an example of what my Ghostery bubble shows as being blocked when I go on www.MSN.com and below that is a list of sites that my machine sent outbound packets to per my firewall report.
List of Tracking Protection I have enabled on IE9 add-ons:
Name Abine
Status Enabled
Address http://www.abine.com/tpl/abineielist.txt
Name EasyPrivacy
Status Enabled
Address http://easylist-msie.adblockplus.org/...
Name Enhanced Privacy
Status Enabled
Address http://www.enhancedprivacy.eu/tpl/enh...
Name PrivacyChoice
Status Enabled
Address http://www.privacychoice.org/trackerb...
Name Stop Google Tracking
Status Enabled
Address http://ie.microsoft.com/testdrive/Bro...
Name Your Personalized List
Status Enabled
Name Abine
Status Enabled
Address http://www.abine.com/tpl/abineielist.txt
Name EasyPrivacy
Status Enabled
Address http://easylist-msie.adblockplus.org/...
Name Enhanced Privacy
Status Enabled
Address http://www.enhancedprivacy.eu/tpl/enh...
Name PrivacyChoice
Status Enabled
Address http://www.privacychoice.org/trackerb...
Name Stop Google Tracking
Status Enabled
Address http://ie.microsoft.com/testdrive/Bro...
This is the list my Ghostery bubble shows being blocked. I enabled all ads to be blocked and the Ghostery bubble shows a strikethrough line through each one of these:
Atlas
http://view.atdmt.com/action/MSN_Home...
http://view.atdmt.com/CNT/view/429772...
more info Audience Science
http://js.revsci.net/gateway/gw.js?cs...
more info DoubleClick
http://ad.doubleclick.net/ad/N1558.MS...?
more info Facebook Connect
http://connect.facebook.net/en_US/all.js
more info Microsoft Notice
http://col.stc.s-msn.com/br/sc/i/ff/a...
ScoreCard Research Beacon
http://b.scorecardresearch.com/b?c1=2...
more info Twitter Button
http://platform.twitter.com/widgets/f...
https://platform.twitter.com/widgets/...
http://platform.twitter.com/widgets/h...
Additional Info.:
I checked and I have both my IPv4 and IPv6 connections enabled and working for my machine at home. I have to note I am using OpenDNS' DNS addresses for both IPv4 and IPv6 and these are loaded on the DNS server settings on my machine as well as router. Also I have disabled the MS teredo tunneling adapter on my machine.
Not sure if relevant but I notice from the firewall report it appears my IPv6 (OpenDNS: 2620:0:ccc::2) opens a UDP connection just before my machine sends outbound packets to these sites, but those outbound connections are via TCP connection as you can see below. Netbios is enabled at the default setting which is to use the Netbios setting from the DHCP server. My machine says the Netbios is enabled over TCPIP. I don't see any inbound connections occuring from these sites to my machine, just all outbound.
Category: Firewall - Activities
Date & Time,Risk,Activity,Status,Recommended Action,Category
2013-06-24 13:19:28,Info,"Rule \"Host Process for Windows Services\" permitted (2620:0:ccc::2, Port (53) ). Outbound UDP packet.",Detected,No Action Required,Firewall - Activities
Rule "Host Process for Windows Services" permitted (2620:0:ccc::2, Port (53) ).
Outbound UDP packet.
Local address, service is (2002:4c16:3b3e:e472::1007), Port (60375) ).
Remote address, service is (2620:0:ccc::2, Port (53) ).
Process name is "C:\Windows\System32\svchost.exe".
Category: Firewall - Activities
Date & Time,Risk,Activity,Status,Recommended Action,Category
2013-06-24 13:19:28,Info,"Rule \"Internet Explorer\" permitted (secure.skype.com (91.190.218.18), Port https(443) ). Outbound TCP connection. ",Detected,No Action Required,Firewall - Activities
Rule "Internet Explorer" permitted (secure.skype.com (91.190.218.18), Port https(443) ).
Outbound TCP connection.
Local address, service is (192.168.1.2), Port (53164) ).
Remote address, service is (secure.skype.com (91.190.218.18), Port https(443) ).
Process name is "C:\Program Files\Internet Explorer\iexplore.exe".
Category: Firewall - Activities
Date & Time,Risk,Activity,Status,Recommended Action,Category
2013-06-24 13:19:28,Info,"Rule \"Internet Explorer\" permitted (api.skype.com (91.190.218.17), Port www-http(80) ). Outbound TCP connection. ",Detected,No Action Required,Firewall - Activities
Rule "Internet Explorer" permitted (api.skype.com (91.190.218.17), Port www-http(80) ).
Outbound TCP connection.
Local address, service is (192.168.1.2), Port (53162) ).
Remote address, service is (api.skype.com (91.190.218.17), Port www-http(80) ).
Process name is "C:\Program Files\Internet Explorer\iexplore.exe".
Category: Firewall - Activities
Date & Time,Risk,Activity,Status,Recommended Action,Category
2013-06-24 13:19:27,Info,"Rule \"Internet Explorer\" permitted (ads2.msads.net (65.55.87.75), Port www-http(80) ). Outbound TCP connection. ",Detected,No Action Required,Firewall - Activities
Rule "Internet Explorer" permitted (ads2.msads.net (65.55.87.75), Port www-http(80) ).
Outbound TCP connection.
Local address, service is (192.168.1.2), Port (53159) ).
Remote address, service is (ads2.msads.net (65.55.87.75), Port www-http(80) ).
Process name is "C:\Program Files\Internet Explorer\iexplore.exe".
Category: Firewall - Activities
Date & Time,Risk,Activity,Status,Recommended Action,Category
2013-06-24 13:19:27,Info,"Rule \"Internet Explorer\" permitted (platform.twitter.com (93.184.216.139), Port www-http(80) ). Outbound TCP connection. ",Detected,No Action Required,Firewall - Activities
Rule "Internet Explorer" permitted (platform.twitter.com (93.184.216.139), Port www-http(80) ).
Outbound TCP connection.
Local address, service is (192.168.1.2), Port (53158) ).
Remote address, service is (platform.twitter.com (93.184.216.139), Port www-http(80) ).
Process name is "C:\Program Files\Internet Explorer\iexplore.exe".
Category: Firewall - Activities
Date & Time,Risk,Activity,Status,Recommended Action,Category
2013-06-24 13:19:26,Info,"Rule \"Internet Explorer\" permitted (toolbarqueries.clients.google.com (74.125.193.138), Port https(443) ). Outbound TCP connection. ",Detected,No Action Required,Firewall - Activities
Rule "Internet Explorer" permitted (toolbarqueries.clients.google.com (74.125.193.138), Port https(443) ).
Outbound TCP connection.
Local address, service is (192.168.1.2), Port (53154) ).
Remote address, service is (toolbarqueries.clients.google.com (74.125.193.138), Port https(443) ).
Process name is "C:\Program Files\Internet Explorer\iexplore.exe".
Category: Firewall - Activities
Date & Time,Risk,Activity,Status,Recommended Action,Category
2013-06-24 13:19:26,Info,"Rule \"Internet Explorer\" permitted (col.stc.s-msn.com (165.254.29.49), Port www-http(80) ). Outbound TCP connection. ",Detected,No Action Required,Firewall - Activities
Rule "Internet Explorer" permitted (col.stc.s-msn.com (165.254.29.49), Port www-http(80) ).
Outbound TCP connection.
Local address, service is (192.168.1.2), Port (53152) ).
Remote address, service is (col.stc.s-msn.com (165.254.29.49), Port www-http(80) ).
Process name is "C:\Program Files\Internet Explorer\iexplore.exe".
Category: Firewall - Activities
Date & Time,Risk,Activity,Status,Recommended Action,Category
2013-06-24 13:19:25,Info,"Rule \"Internet Explorer\" permitted (api.bing.com (216.156.225.49), Port www-http(80) ). Outbound TCP connection. ",Detected,No Action Required,Firewall - Activities
Rule "Internet Explorer" permitted (api.bing.com (216.156.225.49), Port www-http(80) ).
Outbound TCP connection.
Local address, service is (192.168.1.2), Port (53151) ).
Remote address, service is (api.bing.com (216.156.225.49), Port www-http(80) ).
Process name is "C:\Program Files\Internet Explorer\iexplore.exe".
Category: Firewall - Activities
Date & Time,Risk,Activity,Status,Recommended Action,Category
2013-06-24 13:19:24,Info,"Rule \"Internet Explorer\" permitted (col.stb00.s-msn.com (204.0.3.129), Port www-http(80) ). Outbound TCP connection. ",Detected,No Action Required,Firewall - Activities
Rule "Internet Explorer" permitted (col.stb00.s-msn.com (204.0.3.129), Port www-http(80) ).
Outbound TCP connection.
Local address, service is (192.168.1.2), Port (53147) ).
Remote address, service is (col.stb00.s-msn.com (204.0.3.129), Port www-http(80) ).
Process name is "C:\Program Files\Internet Explorer\iexplore.exe".
Category: Firewall - Activities
Date & Time,Risk,Activity,Status,Recommended Action,Category
2013-06-24 13:19:24,Info,"Rule \"Internet Explorer\" permitted (wst.s-msn.com (23.4.102.135), Port www-http(80) ). Outbound TCP connection. ",Detected,No Action Required,Firewall - Activities
Rule "Internet Explorer" permitted (wst.s-msn.com (23.4.102.135), Port www-http(80) ).
Outbound TCP connection.
Local address, service is (192.168.1.2), Port (53146) ).
Remote address, service is (wst.s-msn.com (23.4.102.135), Port www-http(80) ).
Process name is "C:\Program Files\Internet Explorer\iexplore.exe".
Thanks again! -
Loading Profile...




CHAMP
