This page is being left up for historical perspective and to provide pointers for avoiding similar software. However all RedZone devices are now defunct. They cannot harvest your data and their creator is in jail. There is no need to avoid RedZone itself any more
Keep in mind that there is NO WAY to avoid being scanned by a RedZone no matter what they claim, unless you are a Linden.
So says zFire Xue on his RedZone site to spyware owners panicking about the effectiveness of Greenzone, the free Redzone detector.
To be clear, Greenzone works, but zFire is right that by the time Greenzone warns you of Redzone spyware on a sim, you have already been scanned. He is telling fibs, however, when he says you cannot avoid being scanned (he tells lots of fibs. His ability to con people somewhat surpasses his abilities as a programmer).
Second Life marketplace has some very expensive notecards which will tell you exactly how to avoid being scanned. But to save you the money, here is what you need to know.
If you are (rightly) concerned about Redzone spyware, there are three steps you can take to protect yourself.
1. Disable Media
Redzone uses a security hole in SL Parcel Media. To avoid this security hole, switch off your media settings. Click:
edit/preferences and click “audio and video”. Uncheck “enable streaming music”, “enable streaming media” and also “automatically play streaming media” in the settings. Also do not allow scripts to control your media settings. This is the best defence against redzone and other spyware devices.
Unfortunately there is a problem. Some land owners use redzone in dance clubs. The enjoyment of these clubs can be somewhat marred by unchecking your media settings! What else can you do?
2. Disable Cookies
Click edit/preferences. Click the web preferences option and uncheck the “accept cookies” checkbox.
This on its own will not help much. Do it anyway though. Cookies are not good for your privacy!
3. Block isellsl.ath.cx
This tip will stop redzone dead. Be warned though that at some point zFire will read this blog (you will know he has done so when he adds a comment claiming this doesn’t work. See above regarding fibs). Until he works around it, blocking isellsl.ath.cx will kill all known redzones dead. They will not be able to fool you into sending data back to base because the system relies on your client sending an HTTP GET request to that site.
The obvious work around will be for zFire to change the site DNS name (although this is a pain in his butt because he has to roll out the change in a new version of the software. Also he is using a free DNS service that limits the number of domain names he can have unless he starts paying for them). If and when he does this, the block will no longer protect you. For maximum security, keep streaming media off except on sims you trust. Greenzone can help you decide whether it is safe to switch on streaming media, but its an arms race with spyware writers. Whatever Greenzone detects, zFire will attempt to work around. Media off is safest.
EDIT: zFire has been reading this blog, and others have been contributing new domains that he owns and could be used for RedZone. It will not harm to add all of these, but I have only observed RedZone attempting to uses isells.ath.cx and isellsl.com. The latter appears to be broken though. The domains hamlinpro.com and girlsofthevip.com resolve to zFires Mac that he uses for harvesting so could be used. zfire.isellsl.com resolves elsewhere but he could update it to point home. Thus if you are updating your hosts file now, I advise adding all the domains, but there is still no evidence that just blocking isellsl.ath.cx will not protect you completely.
How do you block that site?
There are several ways. If you have a firewall you may be able to just black list the site for outgoing connections. Thereafter all data to the site will be dropped. Test this by loading the site in your web browser. If you see the site, the block failed. Keep playing with your firewall.
But the other quick and dirty fix is to add these to your hosts file:
in Linux or on a Mac, you need to open /etc/hosts in your favourite text editor and add these lines.
If you are not sure how, here is the step by step instruction on a Mac. The instructions for Linux will be almost identical, depending on flavour. If you are running Linux you probably know how to do this already.
Start Terminal (type terminal in search if you never used it before)
In the terminal window type:
sudo emacs /etc/hosts (enter your password when asked) Use arrow down keys to move to the end of the file add: 127.0.0.1 isellsl.ath.cx 127.0.0.1 isellsl.com 127.0.0.1 girlsofthevip.com 127.0.0.1 hamlinpro.com ctrl-x and ctrl-s to save the file ctrl-x and ctrl-c to exit
On a Windows based PC, the file is in your WINDOWS folder (whatever that is called, but assuming it is C:\WINDOWS):
If you edit in notepad, take care it does not gain a .txt extension. The file should have no extension. You probably need to be logeed in with administrative privileges to change this file.
Again test the block by going to the website. If you see the website, keep trying or post a comment here.
Take care and stay safe.