Re: ZoneAlarm & KB951748 - My Fix Works!
I'm going to enlighten you once and for all, you stupid fool, Gis Bun!
(Before the latest ZoneAlarm update)
Option 1
What to do - Move the slider from Stealth to Medium.
What it does - Enables all outgoing ports. (and more)
Option 2
What to do - Uninstall KB951748.
What it does - Leaves you vulnerable.
Option 3
What to do - Uninstall ZoneAlarm and use the Windows firewall.
What it does - Keep KB951748. Loose ZoneAlarm. No outgoing port control.
My Option 4
What to do - Only allow limited outgoing ports.
What it does - Keeps ZoneAlarm on Stealth. You keep KB951748. Only a few
outgoing opened ports. Almost full security maintained.
ju.c
"Gis Bun" <GisBun@discussions.microsoft.com> wrote in message
news:BBD11B44-51EB-4F35-89B7-0FD3B5E78EF3@microsoft.com...
> Now I'm not a network security expert, but I do know [and probably
> obvious]
> that the less you enable to the Internet, the better.
>
> When someone tries to hack into your system [all this of course is an
> example], they will use a utility to scan ports to see which are
> accessible.
> Once the port is open, they could have access to your PC.
>
> Alternatively, if your PC was infected with a trojan and you opened a
> bunch
> of ports, the trojan may be programmed well enough to exit your PC
> through an
> open port.
>
>
> "ju.c" wrote:
>
>> I've asked this question a few times before, how is it possible to be
>> so
>> dumb?
>>
>> What ports are opened?
>>
>>
>> "Gis Bun" <GisBun@discussions.microsoft.com> wrote in message
>> news:E7686D89-322C-4807-AE48-FCBD11B74D9C@microsoft.com...
>> >
>> > You don't want to open up ports as it opens up a can of worms. Your
>> > suggestion opens around 2920 TCP and UDP ports.
>> >
>> > Take ZoneAlarms section option. It is the most secure.
>> >
>> > "ju.c" wrote:
>> >
>> >> ZoneAlarm & KB951748 - Where's my internet?
>> >>
>> >> My solution that actually works after trying all those below and
>> >> on
>> >> every other post, and you can keep all your other settings alone:
>> >>
>> >> 1. Open ZoneAlarm's 'Firewall' tab.
>> >> 2. Click the 'Custom' button under 'Internet Zone Security'.
>> >> 3. On the 'Internet Zone' section scroll down to 'Allow outgoing
>> >> UDP
>> >> ports'.
>> >> 4. Check it and enter "80-3000", click 'Apply' button.
>> >> 5. Do the same for 'Allow outgoing TCP ports'.
>> >> 6. Click OK.
>> >>
>> >> * The range "80-3000" is just a guess on my part, if anyone knows
>> >> a
>> >> better range please post it.
>> >>
>> >> Please post success or failure, thank you.
>> >>
>> >>
>> >> ZoneAlarm is investigating the issue with Microsoft update
>> >> KB951748:
>> >> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&thread.id=52785
>> >>
>> >> To solve this, just reset the ZA database and the ZA will be
>> >> "fresh"
>> >> as
>> >> when it was first installed:
>> >> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52727
>> >>
>> >> ZoneAlarm Customer Care How to Perform a Clean Install:
>> >> http://www2.nohold.net/noHoldCust542/Prod_1/Articles55646/clean_install.html
>> >>
>> >> MS update KB951748 and ZoneAlarm:
>> >> http://www.dslreports.com/forum/r20759839-MS-update-KB951748-and-ZoneAlarm-PROBLEM
>> >>
>> >> *** Where the real blame lies!!!
>> >> Dan Kaminsky Discovers Fundamental Issue In DNS: Massive
>> >> Multivendor
>> >> Patch Released:
>> >> http://securosis.com/2008/07/08/dan-kaminsky-discovers-fundamental-issue-in-dns-massive-multivendor-patch-released/
>> >>
>> >> To find out if the DNS server you use is vulnerable:
>> >> http://doxpara.com/
>> >>
>> >>
>> >> ju.c
>> >>
>> >>
>> >>
>> >>
>>