Re: ZoneAlarm & KB951748 - My Fix Works!
Wow, again I ask, how is it possible to be so dumb?
"PA Bear [MS MVP]" <PABearMVP@gmail.com> wrote in message
news:Os68lU24IHA.4352@TK2MSFTNGP05.phx.gbl...
> Who needs any of those options when upgrades are available to address
> the problem? =>
> http://download.zonealarm.com/bin/free/pressReleases/2008/LossOfInternetAccessIssue.html
> ??
>
>
> ju.c wrote:
>> I'm going to enlighten you once and for all, you stupid fool, Gis
>> Bun!
>>
>> (Before the latest ZoneAlarm update)
>>
>> Option 1
>> What to do - Move the slider from Stealth to Medium.
>> What it does - Enables all outgoing ports. (and more)
>>
>> Option 2
>> What to do - Uninstall KB951748.
>> What it does - Leaves you vulnerable.
>>
>> Option 3
>> What to do - Uninstall ZoneAlarm and use the Windows firewall.
>> What it does - Keep KB951748. Loose ZoneAlarm. No outgoing port
>> control.
>>
>> My Option 4
>> What to do - Only allow limited outgoing ports.
>> What it does - Keeps ZoneAlarm on Stealth. You keep KB951748. Only a
>> few
>> outgoing opened ports. Almost full security maintained.
>>
>>
>> ju.c
>>
>>
>> "Gis Bun" <GisBun@discussions.microsoft.com> wrote in message
>> news:BBD11B44-51EB-4F35-89B7-0FD3B5E78EF3@microsoft.com...
>>> Now I'm not a network security expert, but I do know [and probably
>>> obvious]
>>> that the less you enable to the Internet, the better.
>>>
>>> When someone tries to hack into your system [all this of course is
>>> an
>>> example], they will use a utility to scan ports to see which are
>>> accessible.
>>> Once the port is open, they could have access to your PC.
>>>
>>> Alternatively, if your PC was infected with a trojan and you opened
>>> a
>>> bunch
>>> of ports, the trojan may be programmed well enough to exit your PC
>>> through an
>>> open port.
>>>
>>>
>>> "ju.c" wrote:
>>>
>>>> I've asked this question a few times before, how is it possible to
>>>> be
>>>> so
>>>> dumb?
>>>>
>>>> What ports are opened?
>>>>
>>>>
>>>> "Gis Bun" <GisBun@discussions.microsoft.com> wrote in message
>>>> news:E7686D89-322C-4807-AE48-FCBD11B74D9C@microsoft.com...
>>>>>
>>>>> You don't want to open up ports as it opens up a can of worms.
>>>>> Your
>>>>> suggestion opens around 2920 TCP and UDP ports.
>>>>>
>>>>> Take ZoneAlarms section option. It is the most secure.
>>>>>
>>>>> "ju.c" wrote:
>>>>>
>>>>>> ZoneAlarm & KB951748 - Where's my internet?
>>>>>>
>>>>>> My solution that actually works after trying all those below and
>>>>>> on
>>>>>> every other post, and you can keep all your other settings alone:
>>>>>>
>>>>>> 1. Open ZoneAlarm's 'Firewall' tab.
>>>>>> 2. Click the 'Custom' button under 'Internet Zone Security'.
>>>>>> 3. On the 'Internet Zone' section scroll down to 'Allow outgoing
>>>>>> UDP
>>>>>> ports'.
>>>>>> 4. Check it and enter "80-3000", click 'Apply' button.
>>>>>> 5. Do the same for 'Allow outgoing TCP ports'.
>>>>>> 6. Click OK.
>>>>>>
>>>>>> * The range "80-3000" is just a guess on my part, if anyone knows
>>>>>> a
>>>>>> better range please post it.
>>>>>>
>>>>>> Please post success or failure, thank you.
>>>>>>
>>>>>>
>>>>>> ZoneAlarm is investigating the issue with Microsoft update
>>>>>> KB951748:
>>>>>> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&thread.id=52785
>>>>>>
>>>>>> To solve this, just reset the ZA database and the ZA will be
>>>>>> "fresh"
>>>>>> as
>>>>>> when it was first installed:
>>>>>> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52727
>>>>>>
>>>>>> ZoneAlarm Customer Care How to Perform a Clean Install:
>>>>>> http://www2.nohold.net/noHoldCust542/Prod_1/Articles55646/clean_install.html
>>>>>>
>>>>>> MS update KB951748 and ZoneAlarm:
>>>>>> http://www.dslreports.com/forum/r20759839-MS-update-KB951748-and-ZoneAlarm-PROBLEM
>>>>>>
>>>>>> *** Where the real blame lies!!!
>>>>>> Dan Kaminsky Discovers Fundamental Issue In DNS: Massive
>>>>>> Multivendor
>>>>>> Patch Released:
>>>>>> http://securosis.com/2008/07/08/dan-kaminsky-discovers-fundamental-issue-in-dns-massive-multivendor-patch-released/
>>>>>>
>>>>>> To find out if the DNS server you use is vulnerable:
>>>>>> http://doxpara.com/
>>>>>>
>>>>>>
>>>>>> ju.c
>