ECS-L Home Automation and Security Archives
  learn more | view messages for this month | NetBloc® | terms of use | search

Google
 


  subject (prev) or (next) | time (prev) or (next) | author (prev) or (next) | view more subjects

Subject:
From:
Date:		 RE: [ECS] Remote IE5 access problem -Reply
Martin Terry
Wed, 19 Apr 2000 13:56:26 -0700
An easy way to test if you are actually using values from your host file is
to shell to a dos prompt and type 

ping mark

This should automagically resolve to the ip you want and show the IP address
in the subsequent pings.

If it comes back and says it can't resolve "mark" then your host file isn't
setup correctly.

-----Original Message-----
From: Brad Chamberlain [mailto:bchamberlain@lmberry.com]
Sent: Wednesday, April 19, 2000 1:44 PM
To: ecs-list@netbloc.com
Subject: Re: [ECS] Remote IE5 access problem -Reply


Mark,

You need to rename the file with no extension. That is just a sample file.

Brad

>>> Mark Gilmore <omnip@usit.net> 04/19/00 04:25pm >>>
Hi Ingo,
I just:
1) Exited IE5
2) Disconnected
3) Appended my ECS host info to HOSTS.SAM (shown below)
4) Re-connected
5) Re-started IE5

This had no effect.
I assume that I am using the correct file
(there is no other file which looks applicable).
Perhaps I need to reboot ?
The address noted in the error message
("DIALUP685.TNKNO2.USIT.NET")
worries me.
What IS this thing ?
Shouldn't this be my ECS-host IP address ??

I don't understand this statement:
	> The only real solution would be to not use the host name at all.
From
the
	> stack trace, I can tell that you are concatenating a string that
contains
	> the host name. Don't do it, and you will resolve this security
exception
	> (of course, there may be others).

What am I "concatenating" ??
"ecs_host" is a string containing "216.80.146.195".
I append the port# only in the displayed msg (not the string).
To connect, I am calling "socket(ecs_host, ecs_port)".
If you think it would make a difference, I could call the
other socket method whereby I pass an actual internet address
(instead of a host name string). Is this what you mean ?

Thanks

\WINDOWS\HOSTS.SAM:
# Copyright (c) 1994 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Chicago
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

127.0.0.1       localhost
216.80.146.195  mark
-- 
Mark Gilmore
Omnipotence (ECS home automation software)
http://www.usit.com/omnip
423-745-0026
Hours: Mon-Sat, 9AM-8PM/EST


Ingo Pakleppa wrote:
> 
> I can think of two other possibilities besides Microsoft's SDK: a
different
> JVM version, and a simple security problem. I am almost positive it is
the
> latter.
> 
> In fact, the stack trace you show below indicates that this is a security
> problem; getHostName fails with a SecurityException when it tries to
> connect somewhere.
> 
> I looked up the checkConnect in Microsoft's Developer Network, and
found
> that it will ALWAYS throw a security exception. But getHostName may
not
> always call checkConnect.
> 
> Here is what I think happens:
> 
> Ecsio.connect() tries to find out the host name for a given IP address (it
> looks like you try to append the host name to some other string when
the
> exception happens).
> 
> getHostName() first tries to see if this is the local IP address, or if it
> can resolve the IP address through the HOSTS file. If that succeeds,
you
> are done, and you can access ECS.
> 
> If the IP address is not in the local hosts file (or if you turned off
> using the hosts file, or if sun and moon are not at the right angle),
> getHostName() needs to query a DNS server (typically either your
proxy, or
> your ISP). To do that, getHostName first needs to open a socket
connection
> to the DNS server (it uses UDP rather than TCP, so there is no real
> "connection", but that's immaterial here). Alas - opening a socket
anywhere
> but where the applet came from is disallowed in an applet! Thus the
> exception you are seeing. So the same code succeeds on your main
ECS
> machine simply because that machine of course knows it's own host
name.
> 
> I can make one suggestion to test the theory: add your ECS machine to
the
> HOSTS file on your second machine. If things start to work, you know
that
> my theory is correct.
> 
> However, this is NOT the ultimate solution to the problem. There are
many
> people who for one reason or another cannot change the HOSTS file
(for
> instance, if they want to check their ECS status from a computer at
work,
> their sysadmin would kill him, plus the firewall might also prevent this
> method from working!)
> 
> The only real solution would be to not use the host name at all. From
the
> stack trace, I can tell that you are concatenating a string that contains
> the host name. Don't do it, and you will resolve this security exception
> (of course, there may be others).
> 
> Ingo
> 
> At 01:37 PM 4/19/00 -0400, Mark Gilmore wrote:
> >Well, I'm also having a problem accessing ECS remotely with IE5.
> >However, I CAN access it with IE5 on the ECS PC using the SAME
URL
> >(???).
> >The remote PC DOES have the "MS VIRTUAL MACHINE" installed, but
> >does NOT have the JAVA SDK installed (as does the ECS PC).
> >I guess I'll have to install it, as this is the only difference
> >that I know of (I've already compared all setup parameters).
> >
> >Ecsio:init:ecs_host=216.80.146.226:3000
> >Ecsio:start:connect
> >com.ms.security.SecurityExceptionEx[Ecsio.connect]: cannot connect
to
> >"DIALUP685.TNKNO2.USIT.NET"
> >         at com/ms/security/permissions/NetIOPermission.check
> >         at com/ms/security/PolicyEngine.deepCheck
> >         at com/ms/security/PolicyEngine.checkPermission
> >         at com/ms/security/StandardSecurityManager.chk
> >         at com/ms/security/StandardSecurityManager.chkex
> >         at com/ms/security/StandardSecurityManager.checkConnect
> >         at java/net/InetAddress.getHostName
> >         at java/net/InetAddress.toString
> >         at java/lang/String.valueOf
> >         at java/lang/StringBuffer.append
> >         at Ecsio.connect
> >         at Ecsio.start
> >         at com/ms/applet/AppletPanel.securedCall0
> >         at com/ms/applet/AppletPanel.securedCall
> >         at com/ms/applet/AppletPanel.processSentEvent
> >         at com/ms/applet/AppletPanel.run
> >         at java/lang/Thread.run
> >--
> >Mark Gilmore
> >Omnipotence (ECS home automation software)
> >http://www.usit.com/omnip
> >423-745-0026
> >Hours: Mon-Sat, 9AM-8PM/EST
  subject (prev) or (next) | time (prev) or (next) | author (prev) or (next) | view more subjects



Services provided by [NetBloc]®! NetBloc Solutions Inc.
Terms of use. Indexing software (c) 1999 Lin-De, Inc .