
Re: ZoneAlarm & KB951748 - My Fix Works!


ju.c wrote:

> ZoneAlarm & KB951748 - Where's my internet?

>

> My solution that actually works after trying all those below and on

> every other post, and you can keep all your other settings alone:

>

> 1. Open ZoneAlarm's 'Firewall' tab.

> 2. Click the 'Custom' button under 'Internet Zone Security'.

> 3. On the 'Internet Zone' section scroll down to 'Allow outgoing UDP

> ports'.

> 4. Check it and enter "80-3000", click 'Apply' button.

> 5. Do the same for 'Allow outgoing TCP ports'.

> 6. Click OK.

>

> * The range "80-3000" is just a guess on my part, if anyone knows a

> better range please post it.

>

> Please post success or failure, thank you.

>

>

> ZoneAlarm is investigating the issue with Microsoft update KB951748:

> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&thread.id=52785

>

> To solve this, just reset the ZA database and the ZA will be

> "fresh" as when it was first installed:

> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52727

>

> ZoneAlarm Customer Care How to Perform a Clean Install:

> http://www2.nohold.net/noHoldCust542/Prod_1/Articles55646/clean_install.html

>

> MS update KB951748 and ZoneAlarm:

> http://www.dslreports.com/forum/r20759839-MS-update-KB951748-and-ZoneAlarm-PROBLEM

>

> *** Where the real blame lies!!!

> Dan Kaminsky Discovers Fundamental Issue In DNS: Massive Multivendor

> Patch Released:

> http://securosis.com/2008/07/08/dan-kaminsky-discovers-fundamental-issue-in-dns-massive-multivendor-patch-released/

>

> To find out if the DNS server you use is vulnerable:

> http://doxpara.com/


Gis Bun wrote:

> You don't want to open up ports as it opens up a can of worms. Your

> suggestion opens around 2920 TCP and UDP ports.

>

> Take ZoneAlarm's section option. It is the most secure.


ju.c wrote:

> I've asked this question a few times before, how is it possible to

> be so dumb?

>

> What ports are opened?


Gis Bun wrote:

> Now I'm not a network security expert, but I do know [and probably

> obvious] that the less you enable to the Internet, the better.

>

> When someone tries to hack into your system [all this of course is

> an example], they will use a utility to scan ports to see which are

> accessible. Once the port is open, they could have access to your

> PC.

> Alternatively, if your PC was infected with a trojan and you opened

> a bunch of ports, the trojan may be programmed well enough to exit

> your PC through an open port.


ju.c wrote:

> I'm going to enlighten you once and for all, you stupid fool, Gis

> Bun!

> (Before the latest ZoneAlarm update)

>

>  Option 1

> What to do - Move the slider from Stealth to Medium.

> What it does - Enables all outgoing ports. (and more)

>

>  Option 2

> What to do - Uninstall KB951748.

> What it does - Leaves you vulnerable.

>

>  Option 3

> What to do - Uninstall ZoneAlarm and use the Windows firewall.

> What it does - Keep KB951748. Lose ZoneAlarm. No outgoing port

> control.

>  My Option 4

> What to do - Only allow limited outgoing ports.

> What it does - Keeps ZoneAlarm on Stealth. You keep KB951748. Only

> a few outgoing opened ports. Almost full security maintained.


I am happy you found a solution (work-around) for the problem - but as you

implied yourself (above) - it is a moot point now.  Zone Alarm admitted and

repaired their issue by releasing an update.


What the last sentence says to me is, "everything else done prior to the

update (your solution included) was not the optimum solution and now there

*is* an optimum solution for those who feel they need something like Zone

Alarm to 'protect' their system - which is to update to the latest version."


There actually was a 'more secure option' than any of the ones listed above

(before the patch - again this is a moot point) available out there...


-----

Add your DNS servers to trusted zone


1. From the "Overview" panel, select the "Firewall" panel then click on the

"Zones" tab

2. Click "Add", then select "IP address" from the shortcut menu. The Add IP

Address dialog appears. Select "trusted" from the Zone drop-down list

3. Type the IP address and a description in the boxes provided, then click

"OK"

4. If you are not sure what IP addresses to add:

  - Click the Start Menu

  - Click on Run. Type "cmd.exe"

  - In the command prompt type: "ipconfig /all". Look for DNS Server(s)

   in the output of the command.

  - For each IP address listed, navigate to the "Zones" panel of the

   "Firewall" tab, add the IP address, select "Trusted Zone", and

   press "Apply"

5. After you are done adding DNS servers click the "Apply" button

-----


But again - all a moot point now.


If someone feels they need the 'protection' that Zone Alarm gives them over

that of the Windows SP2 Firewall - then their best course of action is to

apply the latest version of Zone Alarm as suggested by the manufacturer

themselves.  I hope that anyone still out there experiencing this issue and

searching for an answer that happens across this conversation first does

*that* suggestion above all others (but - they are welcome to do the rest -

their life.)


--

Shenan Stanley

     MS-MVP

--

How To Ask Questions The Smart Way

http://www.catb.org/~esr/faqs/smart-questions.html
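
Step 4 of the "Add your DNS servers to trusted zone" procedure above, as an added example that is not part of the original post: a small Python parser that pulls the "DNS Servers" entries out of saved `ipconfig /all` output, including the unlabelled continuation lines used for a second or third server. The sample output and its addresses are constructed, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample of `ipconfig /all` output; addresses are documentation ranges.
SAMPLE = """\
Windows IP Configuration

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . : example.lan
        Dhcp Enabled. . . . . . . . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.1.23
        Default Gateway . . . . . . . . . : 192.168.1.1
        DHCP Server . . . . . . . . . . . : 192.168.1.1
        DNS Servers . . . . . . . . . . . : 192.0.2.53
                                            198.51.100.53
        Lease Obtained. . . . . . . . . . : (constructed)

Ethernet adapter Wireless Network Connection:

        IP Address. . . . . . . . . . . . : 192.168.2.40
        DNS Servers . . . . . . . . . . . : 192.0.2.53
                                            203.0.113.53
"""

LABEL = re.compile(r"^\s*DNS Servers[ .]*:\s*(.*)$")

def _as_ip(text):
    """Return text as a normalized IP string, or None if it is not an address."""
    try:
        # Drop an IPv6 zone id such as "%1" before parsing.
        return str(ipaddress.ip_address(text.strip().split("%")[0]))
    except ValueError:
        return None

def dns_servers(ipconfig_output):
    """List each DNS server once, in order of appearance, across all adapters."""
    servers, in_dns = [], False
    for line in ipconfig_output.splitlines():
        m = LABEL.match(line)
        # Only the labelled line, or bare lines directly under it, are candidates.
        candidate = m.group(1) if m else (line if in_dns else None)
        ip = _as_ip(candidate) if candidate is not None else None
        if ip is None:
            in_dns = bool(m)   # any other line ends the DNS block
            continue
        in_dns = True
        if ip not in servers:
            servers.append(ip)
    return servers

if __name__ == "__main__":
    for addr in dns_servers(SAMPLE):
        print("Add to Trusted Zone:", addr)
```

Each address it lists is one entry to add on the "Zones" tab; the gateway and DHCP server lines are deliberately ignored because only the resolvers are covered by the procedure.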

