Re: ZoneAlarm & KB951748 - My Fix Works!
- From: "Shenan Stanley" <newshelper@xxxxxxxxx>
- Date: Sat, 12 Jul 2008 08:17:31 -0500
ju.c wrote:
ZoneAlarm & KB951748 - Where's my internet?
My solution that actually works after trying all those below and on
every other post, and you can keep all your other settings alone:
1. Open ZoneAlarm's 'Firewall' tab.
2. Click the 'Custom' button under 'Internet Zone Security'.
3. On the 'Internet Zone' section scroll down to 'Allow outgoing UDP
ports'.
4. Check it and enter "80-3000", click 'Apply' button.
5. Do the same for 'Allow outgoing TCP ports'.
6. Click OK.
* The range "80-3000" is just a guess on my part, if anyone knows a
better range please post it.
Please post success or failure, thank you.
ZoneAlarm is investigating the issue with Microsoft update KB951748:
http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&thread.id=52785
To solve this, just reset the ZA database and the ZA will be
"fresh" as when it was first installed:
http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52727
ZoneAlarm Customer Care How to Perform a Clean Install:
http://www2.nohold.net/noHoldCust542/Prod_1/Articles55646/clean_install.html
MS update KB951748 and ZoneAlarm:
http://www.dslreports.com/forum/r20759839-MS-update-KB951748-and-ZoneAlarm-PROBLEM
*** Where the real blame lies!!!
Dan Kaminsky Discovers Fundamental Issue In DNS: Massive Multivendor
Patch Released:
http://securosis.com/2008/07/08/dan-kaminsky-discovers-fundamental-issue-in-dns-massive-multivendor-patch-released/
To find out if the DNS server you use is vulnerable:
http://doxpara.com/
Gis Bun wrote:
You don't want to open up ports as it opens up a can of worms. Your
suggestion opens around 2920 TCP and UDP ports.
Take ZoneAlarm's section option. It is the most secure.
ju.c wrote:
I've asked this question a few times before, how is it possible to
be so dumb?
What ports are opened?
Gis Bun wrote:
Now I'm not a network security expert, but I do know [and probably
obvious] that the less you enable to the Internet, the better.
When someone tries to hack into your system [all this of course is
an example], they will use a utility to scan ports to see which are
accessible. Once the port is open, they could have access to your
PC.
Alternatively, if your PC was infected with a trojan and you opened
a bunch of ports, the trojan may be programmed well enough to exit
your PC through an open port.
ju.c wrote:
I'm going to enlighten you once and for all, you stupid fool, Gis
Bun!
(Before the latest ZoneAlarm update)
Option 1
What to do - Move the slider from Stealth to Medium.
What it does - Enables all outgoing ports. (and more)
Option 2
What to do - Uninstall KB951748.
What it does - Leaves you vulnerable.
Option 3
What to do - Uninstall ZoneAlarm and use the Windows firewall.
What it does - Keep KB951748. Lose ZoneAlarm. No outgoing port
control.
My Option 4
What to do - Only allow limited outgoing ports.
What it does - Keeps ZoneAlarm on Stealth. You keep KB951748. Only
a few outgoing opened ports. Almost full security maintained.
Shenan Stanley wrote:
I am happy you found a solution (work-around) for the problem - but
as you implied yourself (above) - it is a moot point now. Zone
Alarm admitted and repaired their issue by releasing an update.
What the last sentence says to me is, "everything else done prior
to the update (your solution included) was not the optimum solution
and now there *is* an optimum solution for those who feel they need
something like Zone Alarm to 'protect' their system - which is to
update to the latest version."
There actually was a 'more secure option' than any of the ones
listed above (before the patch - again this is a moot point)
available out there...
-----
Add your DNS servers to trusted zone
1. From the "Overview" panel, select the "Firewall" panel then
click on the "Zones" tab
2. Click "Add", then select "IP address" from the shortcut menu.
The Add IP Address dialog appears. Select "trusted" from the Zone
drop-down list
3. Type the IP address and a description in the boxes provided,
then click "OK"
4. If you are not sure what IP addresses to add:
- Click the Start Menu
- Click on Run. Type "cmd.exe"
- In the command prompt type: "ipconfig /all". Look for DNS
Server(s) in the output of the command.
- For each IP address listed, navigate to the "Zones" panel of the
"Firewall" tab, add the IP address, select "Trusted Zone", and
press "Apply"
5. After you are done adding DNS servers click the "Apply" button
-----
But again - all a moot point now.
If someone feels they need the 'protection' that Zone Alarm gives
them over that of the Windows SP2 Firewall - then their best course
of action is to apply the latest version of Zone Alarm as suggested
by the manufacturer themselves. I hope that anyone still out there
experiencing this issue and searching for an answer that happens
across this conversation first does *that* suggestion above all
others (but - they are welcome to do the rest - their life.)
ju.c wrote:
I clearly wrote, "(Before the latest ZoneAlarm update)"
ju.c wrote:
And I also clearly said, "My solution that actually works after
trying all those below and on every other post."
I never said your solution did not work (for you or anyone else).
I quoted everything you had said in this conversation thread.
My "I am happy you found a solution (work-around) for the problem - but as
you implied yourself (above) - it is a moot point now." was confirming what
you had said ("Before the latest ZoneAlarm update") and pointing out you
knew what your solution meant now (the real solution has been released, a
work-around is unnecessary.)
In my opinion, you saying, "My solution that actually works after trying all
those below and on every other post" means very little unless you specify
the posts and what you have tried - after all - who knows what you see in
comparison to what I see on these newsgroups (depends on how your news
server synchronizes, what news server you use, when you check for new posts,
how often, how your newsreader is configured, etc.)
I gave the (now moot) solution I did because in your list of options (a
later post of yours, quoted above) - you did not include the solution I
quoted as one of the options being compared to. It was - actually - a more
secure option than the one you provided and confirmed to work by many
people.
In other words - I had/have no argument with you, congratulated you on
finding a solution that worked for you, gave an additional (now moot)
solution and made sure anyone reading this thread knew there was an official
fix and that nothing in this thread really mattered beyond that anymore.
Anyone searching for a solution to 'no internet after patching' that uses
Zone Alarm should do this:
http://download.zonealarm.com/bin/free/pressReleases/2008/LossOfInternetAccessIssue.html
--
Shenan Stanley
MS-MVP
--
How To Ask Questions The Smart Way
http://www.catb.org/~esr/faqs/smart-questions.html
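
Step 4 of the quoted "Add your DNS servers to trusted zone" instructions reads the DNS server addresses out of `ipconfig /all` by eye. The following Python is an added example, not part of any poster's message or of ZoneAlarm's instructions; it extracts those addresses, including the continuation lines under "DNS Servers". The sample output is constructed, and English-locale labels are assumed.

```python
import ipaddress
import re

# Constructed sample of English-locale `ipconfig /all` output; every address
# is from a private or documentation range, none comes from the thread.
SAMPLE = """\
Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . : example.test
        IP Address. . . . . . . . . . . . : 192.168.1.20
        Default Gateway . . . . . . . . . : 192.168.1.1
        DNS Servers . . . . . . . . . . . : 192.168.1.1
                                            192.0.2.53
                                            2001:db8::53%4
        Lease Obtained. . . . . . . . . . : (constructed)
"""

# "Label . . . : value" lines; the colon must follow whitespace so that an
# IPv6 continuation line is not mistaken for a label.
LABEL = re.compile(r"^\s+(?P<name>[A-Za-z][^:]*?)[ .]*\s:(?:\s+(?P<value>.*))?$")

def parse_ip(text):
    """Return a normalised address string, or None if text is not an IP."""
    try:
        return str(ipaddress.ip_address(text.strip().split("%")[0]))
    except ValueError:
        return None

def dns_servers(ipconfig_text):
    """Unique DNS server addresses from `ipconfig /all` output, in listed order."""
    found, in_dns = [], False
    for line in ipconfig_text.splitlines():
        m = LABEL.match(line)
        if m:
            in_dns = m.group("name") == "DNS Servers"
            candidate = m.group("value") or ""
        else:
            candidate = line  # possible continuation line under "DNS Servers"
        addr = parse_ip(candidate) if in_dns else None
        if addr is None:
            in_dns = in_dns and bool(m)  # anything that is not an address ends the list
        elif addr not in found:
            found.append(addr)
    return found

if __name__ == "__main__":
    for server in dns_servers(SAMPLE):
        print(server)
```

Each address returned is one entry to add under the "Zones" tab as described in step 4.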