Alarming ZoneAlarm?
(old news - 12:22PM Wednesday Jun 16 2004)
In what has become both curious and creepy, users in our Security forum have been reporting that ZoneAlarm has been inexplicably "phoning home" to the BroadbandReports servers, apparently looking for updates. Once multiple users started reporting this, our site admins checked our own Apache logs and found many entries of the form:

X.X.X.X 404 0 POST http://update.zonelabs.com/checkupdate.asp HTTP/1.0 "Zone Labs Registration Agent 1.0"

This behavior remained even after the affected users ran every anti-virus and anti-Trojan tool known to man, and it appears to be related to a discussion that appeared earlier this month (though that one did not yet have the server weblog details).

It's happening on too many unrelated PCs to be "just a fluke", so we think this raises a few questions:
    • Is this actually ZoneAlarm phoning home, or an imposter?
    • Are we the only ones seeing this behavior?
    • If ZoneAlarm, why is it phoning here for updates?
    • If ZoneAlarm doesn't know (or can be fooled about) where "home" is, how much can it be trusted in general?
"It's a very nice way to install a trojan on someone's pc if their firewall goes for updates to random places", jokes one of our site admins, who hopes that ZoneAlarm cryptographically signs their updates to forestall this kind of fraud.

So far none of these questions has been answered, but our forum is abuzz with members trying to find a common element. In addition, we've put out queries to administrators of other sites to see how widespread this behavior is.

The past month has seen numerous reports of various troubles with the latest beta version of the popular software firewall, leading some to wonder if the quality department at Zone Labs is on hiatus. It may very well be that this latest oddity is both explainable and innocuous, but at this point it can only be called "mysterious".

Forums » Alarming ZoneAlarm?

CTCNetwork

join:2003-05-17
Notts

Bye-Bye ZoneAlarm

Sorry, but a security product, designed to protect your PC, shouldn't be bugged with this sort of problem. :o
Hello Kerio, here I come. :D
--
I drive a Volvo, Please Don't Get In My Way!
I owe, I owe, 'tis off to work I go . . .

Steve
Pipe Wrench Fight
Consultant
join:2001-03-10
Yorba Linda, CA

Re: Bye-Bye ZoneAlarm

said by CTCNetwork See Profile:
Sorry, but a security product, designed to protect your PC shouldn't be bugged with this sort of problem.
It's not entirely certain that ZoneAlarm is even doing this: what if some badware is doing it with data patterns designed to make it *look* like ZA was doing this?

Only time will tell...
--
Stephen J. Friedl * Security Consultant * Tustin, California USA * my web site

TechieZero
Tools Are Using Me
Premium
join:2002-01-25
Wesley Chapel, FL

Re: Bye-Bye ZoneAlarm

said by Steve See Profile:
said by CTCNetwork See Profile:
Sorry, but a security product, designed to protect your PC shouldn't be bugged with this sort of problem.
It's not entirely certain that ZoneAlarm is even doing this: what if some badware is doing it with data patterns designed to make it *look* like ZA was doing this?

Only time will tell...

Have the people suspected with this problem, uninstalled ZoneAlarm and still notice the problem?

Smokey
I killed the Wabbit
Premium
join:2003-05-20
Va Beach
clubs:
·Cox HSI

Mine too had been doing it »ZA Logging attempts to reach DSLR??
but then stopped. I just checked again now, and it has yet again filled my logs with it. All 999 log entries are from TODAY alone.
--
You want 5 bucks to buy a 1.99 burger, and wonder why the democrats are in trouble?

keith2468
Premium,MVM
join:2001-02-03
Winnipeg, MB

Maybe ZA had intended to plant a distro server on

Maybe ZoneLabs had intended to plant a distro server on BBR to reduce the cost of distributing updates.

Pretty strange though.

If it is a trojan trying to stop ZA updating, I'd expect it to try the same trick with other FW and AV software.
navalpatel

join:2003-07-28
Lubbock, TX

Compentant Security

At least ZoneAlarm is somewhat competant at what it is designed to do... compared to say anything that Microsoft may make (i.e. Windows firewall).
dave
Premium,MVM
join:2000-05-04
not in ohio
·Verizon Online DSL

Re: Compentant Security

said by navalpatel See Profile:
At least ZoneAlarm is somewhat competant at what it is designed to do... compared to say anything that Microsoft may make (i.e. Windows firewall).

There's one in every crowd, huh?

... and it's strange how they usually can't spell.

Steve
Pipe Wrench Fight
Consultant
join:2001-03-10
Yorba Linda, CA

Re: Compentant Security

said by dave See Profile:
There's one in every crowd, huh?
at least he didn't spell "Microsoft" with a $

pcscdma
Chocobo Chocobo Random Battle
Premium
join:2004-01-14
Winterset, IA
clubs:

Re: Compentant Security

at least this hasn't turned into a fight between Microsoft and Linu$ Torvald$' wares.
--
Be patriotic or I'm reporting you to Ashcroft.

Combat Chuck
Too Many Cannibals
Premium
join:2001-11-29
Erie, PA

said by navalpatel See Profile:
At least ZoneAlarm is somewhat competant at what it is designed to do... compared to say anything that Microsoft may make (i.e. Windows firewall).

No, XP's firewall did exactly what it was designed to do; block unsolicited incoming connections. It just didn't do what you wanted it to do; block outgoing connections.
--
Japan-- Now with 30% more climbable telephone poles!!

Rhobite
Premium
join:2002-02-24
Cambridge, MA
clubs:

Please give a specific example of what the Windows firewall fails to do. The only thing I can think of is that during startup there's a brief period of exposure before the firewall kicks in. I agree that this is a small problem but it's fixed in SP2.
--
Jimmysquid.com - I take pictures.
dave
Premium,MVM
join:2000-05-04
not in ohio
·Verizon Online DSL

Re: Compentant Security

said by Rhobite See Profile:
Please give a specific example of what the Windows firewall fails to do. The only thing I can think of is that during startup there's a brief period of exposure before the firewall kicks in. I agree that this is a small problem but it's fixed in SP2.

...and it's not clear that ZA does not have the same exposure (see Security forum posts passim).

SpitefulCrow
Insert Witty Tag Here
Premium
join:2003-06-04
Berkeley, CA

Re: Compentant Security

Yay for system boot procedures that load firewall code and rulesets before any kind of network interface is brought online.
/linuxrave

Steve
Pipe Wrench Fight
Consultant
join:2001-03-10
Yorba Linda, CA

Re: Compentant Security

said by SpitefulCrow See Profile:
Yay for system boot procedures that load firewall code and rulesets before any kind of network interface is brought online.
/linuxrave
<xprave>Yah for XP Service Pack 2, which does the same thing</xprave>

SpitefulCrow
Insert Witty Tag Here
Premium
join:2003-06-04
Berkeley, CA

Re: Compentant Security

said by Steve See Profile:
said by SpitefulCrow See Profile:
Yay for system boot procedures that load firewall code and rulesets before any kind of network interface is brought online.
/linuxrave
<xprave>Yah for XP Service Pack 2, which does the same thing</xprave>

Yay for firewalls that give the user more control than "On" and "Off". /linuxrave

Steve
Pipe Wrench Fight
Consultant
join:2001-03-10
Yorba Linda, CA

Re: Compentant Security

<xprave>Yay for firewalls that have more than two users</xprave>
keyboard5684

join:2001-08-01
Youngsville, PA
Windows firewall allows you to modify it to "open ports" or do what you wish.

Steve
Pipe Wrench Fight
Consultant
join:2001-03-10
Yorba Linda, CA


1 edit

Re: Compentant Security

said by keyboard5684 See Profile:
Windows firewall allows you to modify it to "open ports" or do what you wish.
The one in XP/SP2: yes. The older firewall really sucked (even though it did what it claimed).
--
Stephen J. Friedl * Security Consultant * Tustin, California USA * my web site

Rhobite
Premium
join:2002-02-24
Cambridge, MA
clubs:

Re: Compentant Security

Even the older one lets you open ports individually.

SpitefulCrow
Insert Witty Tag Here
Premium
join:2003-06-04
Berkeley, CA

Re: Compentant Security

said by Rhobite See Profile:
Even the older one lets you open ports individually.

Ooh wow, opening ports. That's so great.
iptables supports connection tracking and customized matching based on almost every field in the packet/frame.
keyboard5684

join:2001-08-01
Youngsville, PA
·Teliax VOIP
·WestPAnet Inc.
·WestPAnet Inc. CA..
·Verizon Online DSL

Re: Compentant Security

iptables, a Linux thing. Completely off base. We are not talking about complex firewall operations (in which, in my opinion, FreeBSD's ipfw is far superior to a simple iptables setup on Linux); we are talking about Windows firewalls.

Zone Alarm compared to the Windows firewall that is built in. In my eyes the Windows firewall is better because it shuts up. I do not think you should have to watch a firewall; it should just do its job. How many people go through their firewall logs and actually do something about it?

A PIX firewall can track and customize matching/action on every field of the frame. Even a Cisco router can do what you stated without the firewall feature set. Checkpoint firewall can do it all too. I can go on and on about how many different firewall setups are better, but since you learned how to write an iptables rule, congrats.
dumbTNtech

join:2003-04-29
Knoxville, TN

Say what you will, I've been doing ISP support for four years now and I haven't seen the ICF keep anyone offline. I have seen Zone Alarm suddenly block ALL incoming and outgoing traffic for no apparent reason. Then it's a real pain to remove. The ICF in WindowsXP seems to do a very good job. The only situation where it's not helpful is when you have a trojan on your system letting someone or something in. Of course, that never happens to anyone here.......
--
"Don't try to explain computers to a layman-easier to explain sex to a virgin."-R.A. Heinlein

Transmaster
Don't Blame Me I Voted For Bill and Opus

join:2001-06-20
Cheyenne, WY
·Qwest.net


1 edit
said by navalpatel See Profile:
At least ZoneAlarm is somewhat competant at what it is designed to do... compared to say anything that Microsoft may make (i.e. Windows firewall).

Don't compare the lame Windows Firewall as it is now with what is included in the SP-2 Beta; it works as well as any software firewall I have used.
--
»www.gobpl.com

robnelle
Blowing Kisses To You All
Premium
join:2001-12-05
Indianapolis, IN
clubs:

1 edit

huh

What did Zone Labs have to say about it?

dadkins
Can you do Blu?
Premium,MVM
join:2003-09-26
Hercules, CA
·Comcast

One reason I switched

That's one of the reasons I switched to Kerio 4.0.16. It seems that ZA just keeps having problems...enough so as to not to trust it. ZAP 4.5 did work well, but I'm happy with Kerio... for now.
--
When you've seen one nuclear war, you've seen them all. TheTechPub

netwire
Premium
join:2001-04-27
Mooresboro, NC

Hmm..

Solution: Enabled "Manually Check for Updates"...

Combat Chuck
Too Many Cannibals
Premium
join:2001-11-29
Erie, PA

Re: Hmm..

said by netwire See Profile:
Solution: Enabled "Manually Check for Updates"...

And pray that whatever is causing this actually pays attention to the setting.
--
Japan-- Now with 30% more climbable telephone poles!!

CPM

join:2001-08-24
Miami, FL

Nothing but Problems

I had ZA two years ago and it was nothing but problems. Remember, a software firewall is only as good as the OS it is running on, and Windows is not that secure.

72276539
Premium
join:2001-01-19
Atlanta, GA

1 edit

Re: Nothing but Problems

Wrong answer, sorry, please try again. I have had plenty of problems with ZA, but it's not Windows that writes the application. It's not Windows that does the install routine, nor is it Windows that is phoning home.

B52GUNR
KM 7D love and D3 Nirvana
Premium,MVM
join:2001-03-06
Alameda, CA
clubs:

Never liked ZA

I had no end of memory leaks with ZA. I personally prefer Sygate's free offering. Maybe I'll check out Kerio, as well.

PhoenixDown
-- Wants FIOS
Premium
join:2003-06-08
Fresh Meadows, NY
clubs:

Odd

I am really interested in knowing why it's contacting the BBR servers for updates.
--
www.shinraonline.com
Samwoo

join:2002-02-15
Rancho Palos Verdes, CA

1 edit

Wait?

Zone Alarm doesn't ever automatically install updates anyway. When there is an update they link you to their site, where you must manually download and run the new install.
The only thing it does automatically is check for updates.

nil
Java Geek
join:2000-11-27

Re: Wait?

Yes, but considering it thinks *we* are their site.. well.. doesn't appear to be very secure, does it?
--
Life is too short to be boring
Samwoo

join:2002-02-15
Rancho Palos Verdes, CA

1 edit
Hmm, my browser didn't refresh properly...
Is there any way I can delete this?

Phoenix2088

join:2002-12-04
Strongsville, OH
clubs:

1 edit
Maybe the programmers of ZoneAlarm are fans of BBR? I mean who isn't?

mkbaird

join:2000-03-30
Colorado Springs, CO
·Qwest.net

I'm wondering if this started with version 5, or whether even the older versions are doing this updating thing. I'm still using 4.5. I'm not updating to 5 until I hear more positive reports, etc. Does anyone know if their PC has called BBR's?

Marcus

netwire
Premium
join:2001-04-27
Mooresboro, NC
·RoadRunner Cable
·Millenicom
·Sprint Mobile Broa..
·Vonage

ZoneAlarm does a security check when you try to install an update: it asks if you are sure about doing the update. So if you don't know anything about an update and all of a sudden it tells you that it wants to install one, be smart and tell it no, then go to the ZoneLabs web site and see if there really is an update.
--
StanaPhone - The Worlds First Free Telephone Service; www.stanaphone.com
Fact: AOL Cd's function best as drink coasters.

Rhobite
Premium
join:2002-02-24
Cambridge, MA
clubs:

Are we sure that this isn't some sort of trojan or other sort of spyware on the users' machines, that's made to look like ZA? After all the traffic is being blocked by ZA and I'd assume that ZA lets its own "real" traffic pass through. Are we sure that ZA is the source of this traffic, and not some other program that's running on the PC?
--
Jimmysquid.com - I take pictures.

Steve
Pipe Wrench Fight
Consultant
join:2001-03-10
Yorba Linda, CA

Re: Question for folks who've been following

If it *is* a Trojan or other badware, none of the anti-badware software is detecting it. Our users have been over the hills and through the woods looking for badware without any success.

Steve
--
Stephen J. Friedl * Security Consultant * Tustin, California USA * my web site

Smokey
I killed the Wabbit
Premium
join:2003-05-20
Va Beach
clubs:

Re: Question for folks who've been following

But when will we get to grandma's house?

Owlbet
Night Owl of the Arctic
Premium,MVM
join:2002-09-24
Palmer, AK
clubs:
·MTA Online

said by Rhobite See Profile:
Are we sure that this isn't some sort of trojan or other sort of spyware on the users' machines, that's made to look like ZA? After all the traffic is being blocked by ZA and I'd assume that ZA lets its own "real" traffic pass through. Are we sure that ZA is the source of this traffic, and not some other program that's running on the PC?

I highly doubt that. Most of the MVMs, VIPS, Mods, Regulars & general lurkers, run pretty tight ships. We come loaded with our hosts files, Spybot, Spyware Guard, Hi-Jack This, Ad-Aware, various AVs & ATs, etc. I agree with the consensus here that there is a programming flaw in Zone Alarm that is causing this and not some undiscovered malicious payload piggybacking on Zone Alarm.

On a lighter note....Zone Alarm wants to read the Security Update Sticky in the Security Forum.
--
Rocky is, was, and always will be Dawg E. Dawg. Miss you, pal.

LinuXProX

join:2000-04-23
Birmingham, AL
clubs:

We have seen a number of these type of requests in our web server logs as well. Some include:

- - [15/Jun/2004:16:45:31 -0500] "GET http://avu.zonelabs.com/modules.txt HTTP/1.0" 404 205 "-" "Internet Download"

- - [15/Jun/2004:16:45:33 -0500] "GET http://update.zonelabs.com/checkupdate.asp HTTP/1.0" 404 205 "-" "Zone Labs Registration Agent 1.0"

--
»www.OverclockersClub.com

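The check the site admins describe in the news post, and the combined-format Apache entries LinuXProX quotes, can be automated. The following is an added example, not code from the original page, from dslreports or from Zone Labs: a Python parser for Apache combined log lines that flags requests whose request line carries an absolute URI for a host this server does not serve, and tallies them per client address, per target host and per User-Agent. An absolute URI in the request line is the form a client uses when it believes it is talking to an HTTP proxy rather than to an origin server, so it is a clue worth recording next to the agent string. The log lines and the LOCAL_HOSTS set are constructed for the example.

```python
import re
from collections import Counter, defaultdict
from urllib.parse import urlsplit

# Apache combined (and common) log format:
#   client ident user [time] "METHOD target HTTP/x.y" status bytes ["referer" "user-agent"]
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) (?P<proto>HTTP/\d\.\d)" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
    r'(?: "(?P<referer>[^"]*)" "(?P<ua>[^"]*)")?'
)

# Hostnames this web server legitimately answers for (assumption for the example).
LOCAL_HOSTS = {"www.broadbandreports.com", "www.dslreports.com"}

# Constructed sample log lines in the shape of the entries quoted in the thread.
SAMPLE_LOG = """\
10.0.0.5 - - [16/Jun/2004:12:01:00 -0400] "GET http://avu.zonelabs.com/modules.txt HTTP/1.0" 404 205 "-" "Internet Download"
10.0.0.5 - - [16/Jun/2004:12:01:02 -0400] "POST http://update.zonelabs.com/checkupdate.asp HTTP/1.0" 404 205 "-" "Zone Labs Registration Agent 1.0"
10.0.0.9 - - [16/Jun/2004:12:05:11 -0400] "GET /forum/security HTTP/1.1" 200 18321 "-" "Mozilla/4.0"
10.0.0.9 - - [16/Jun/2004:12:05:40 -0400] "POST http://update.zonelabs.com/checkupdate.asp HTTP/1.0" 404 205 "-" "Zone Labs Registration Agent 1.0"
10.0.0.12 - - [16/Jun/2004:12:06:01 -0400] "GET http://www.dslreports.com/ HTTP/1.1" 200 5120 "-" "Mozilla/4.0"
"""


def parse_line(line):
    """Return the fields of one combined-format line as a dict, or None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def is_misdirected(entry):
    """True when the request line names an absolute URI for a host we do not serve.

    Origin-server requests carry a path ("/forum/security"); a request for
    "http://host/path" is the proxy form, so one arriving here means the client
    thought this address was its proxy or was the named host.
    """
    target = entry["target"]
    if "://" not in target:
        return False
    host = urlsplit(target).hostname
    return host is not None and host.lower() not in LOCAL_HOSTS


def summarize(lines):
    """Tally misdirected requests: per client, per target host, and the agents each client used."""
    per_client = Counter()
    per_target = Counter()
    agents = defaultdict(set)
    for line in lines:
        e = parse_line(line)
        if e is None or not is_misdirected(e):
            continue
        per_client[e["client"]] += 1
        per_target[urlsplit(e["target"]).hostname.lower()] += 1
        agents[e["client"]].add(e["ua"] or "-")
    return per_client, per_target, agents


if __name__ == "__main__":
    clients, targets, agents = summarize(SAMPLE_LOG.splitlines())
    print("misdirected requests per client:", dict(clients))
    print("misdirected requests per target host:", dict(targets))
    for client, uas in agents.items():
        print(client, "used agents:", sorted(uas))
```

Run it over an access log with `summarize(open("access_log").read().splitlines())`. A single client showing many hits with one agent string points at one broken machine; many unrelated clients hitting the same two target hosts, as the thread describes, is what makes the pattern worth reporting to the vendor.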

Maggs
Premium
join:2002-11-29
Woodside, NY
·RCN CABLE

It was one of the ZoneAlarm coders who was surfing BBR at the time. He might have typed BBR's IP in instead of ZA's.

I use Sygate, so I will check my logs to see if it occurs in other firewall products.

I feel sorry for the site admins, getting pounded by stupid ZA clients. Why don't the site admins set a redirection to the actual ZA update servers? That way it might get corrected.
--
Paperclips do not belong inside a printer. Snapple Tech tip #123

Steve
Pipe Wrench Fight
Consultant
join:2001-03-10
Yorba Linda, CA

Re: Maybe... Just Maybe

said by Maggs See Profile:
Why don't the site admins, set a redirection to the actual ZA update servers, that way it might get corrected.
Because "posting front-page news" on a busy site like BBR is much more likely to capture their attention

Doctor Olds
I Need A Remedy For What's Ailing Me.
Premium,VIP
join:2001-04-19
1970 442 W30
clubs:

... by a ZA detractor?

Has anyone captured the packet leaving their PC? Where does it send its request when you perform a Manual Update Check?

Things that make you go Hmm.

HOSTS file hijack?

Proxomitron misfire?

Trusted Zones first site used?
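The "HOSTS file hijack?" hypothesis can be checked offline against a copy of the machine's hosts file. The following is an added example, not code from the original page or from Zone Labs: a Python parser for a hosts file (Windows or Unix layout, with comments and several names per line) that reports any entry pinning the Zone Labs update hostnames seen in the logged requests to an address. The WATCHED_HOSTS set is an assumption taken from the two hostnames in those log lines; the sample file contents and the 192.0.2.10 address (an RFC 5737 documentation-range address) are constructed for the example.

```python
import ipaddress

# Update hosts named in the misdirected requests in this thread (assumption for the
# example). A vendor's updater should reach them through DNS, so any hosts-file
# entry for them is worth a look, whatever address it points to.
WATCHED_HOSTS = {"update.zonelabs.com", "avu.zonelabs.com"}

# Constructed sample hosts file; nothing here is a real mapping.
SAMPLE_HOSTS = """\
# constructed sample hosts file for the example
127.0.0.1       localhost
# ad-blocking entries
127.0.0.1       ads.example.net banners.example.net
# the kind of line a hijack or a mistyped manual override would leave behind
192.0.2.10      update.zonelabs.com   # constructed address (RFC 5737 range)
"""


def parse_hosts(text):
    """Yield (lineno, ip, hostname) for every mapping in a hosts file.

    Strips '#' comments, skips blank and unparseable lines, and expands lines
    that map one address to several names. Hostnames are lower-cased and a
    trailing dot is removed so they compare cleanly against WATCHED_HOSTS.
    """
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # first field is not an address; not a mapping
        for name in fields[1:]:
            yield lineno, ip, name.lower().rstrip(".")


def find_hijacks(text, watched=WATCHED_HOSTS):
    """Return every hosts-file entry that pins a watched update host to an address."""
    hits = []
    for lineno, ip, name in parse_hosts(text):
        if name in watched:
            hits.append({"line": lineno, "host": name, "ip": str(ip)})
    return hits


if __name__ == "__main__":
    for hit in find_hijacks(SAMPLE_HOSTS):
        print(f"line {hit['line']}: {hit['host']} pinned to {hit['ip']}")
```

On Windows the file is `%SystemRoot%\System32\drivers\etc\hosts`; read it and pass the text to `find_hijacks`. An empty result does not settle the Proxomitron question, since a proxy setting lives in the application or registry rather than in hosts, which is why the packet capture Doctor Olds asks for is the more complete check.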

AcidLoops

join:2000-12-26
Ontario, CA
I got away from that crap and switched to the free version of sygate a year ago.

LordSoth3

join:2003-05-29
London, KY

Re: ZoneAlarm sucks.

x2, using Kerio 2.15 right now, have been for a few years for that matter.

No problems, does EXACTLY what I tell it to

Sygate, Outpost and Tiny are also very good.

richk_1957
If ..Then..Else
Premium
join:2001-04-11
Minas Tirith

When I upgraded to 5, I noticed that, although I had told it not to contact zone labs, it tried to. And as I've had other issues with 5, I uninstalled it.

4.5 doesn't have this problem. I've had no problems there so that is where I am right now.

PunkGod

join:2003-02-02

I never liked ZoneAlarm

I never trusted that program from the day it came out. I will always use a hardware firewall.

LordSoth3

join:2003-05-29
London, KY

Re: I never liked ZoneAlarm

Well, in all honesty I will stick with Kerio 2.15 I see really no other firewall that I need besides it at this point. How can you guys even compare Zone alarm to Kerio for that matter? With Kerio you control what is going in and out, bottom line!

Ditch the ZoneAlarm newbie firewall and go with something a little more advanced such as Kerio 2.15

Nuff said

And come on, comparing windows firewall to Kerio? There is no comparison, Kerio eats the windows firewall for lunch and then spits it back out and laughs.

Come on guys, you guys that know about packets, filtering, networking protocols and such should be able to see that Kerio or Outpost is by far superior to Windows firewall or Zone Alarm.

Zone Alarm is meant to be a newbie firewall, simple as that. Remember that next time you get hacked and you wish you had installed and were running a hardware firewall or Kerio with Proxomitron.

Combat Chuck
Too Many Cannibals
Premium
join:2001-11-29
Erie, PA
Will that hardware firewall let you block a particular piece of software from phoning home?
--
Japan-- Now with 30% more climbable telephone poles!!

PunkGod

join:2003-02-02

Re: I never liked ZoneAlarm

said by Combat Chuck See Profile:
Will that hardware firewall let you block a particular piece of software from phoning home?

Yes but it doesn't have that problem. I'm using a cisco firewall.

LordSoth3

join:2003-05-29
London, KY

Re: I never liked ZoneAlarm

I like Cisco You can be extremely strict with what you want to let out or in as with any application. I would say you can deny that program from phoning home pretty easily even with a software firewall if you know what you are doing.
© 1999-2009 dslreports.com