ZoneAlarm & KB951748 - My Fix Works!

J

ju.c

ZoneAlarm & KB951748 - Where's my internet?

My solution that actually works after trying all those below and on
every other post, and you can keep all your other settings alone:

1. Open ZoneAlarm's 'Firewall' tab.
2. Click the 'Custom' button under 'Internet Zone Security'.
3. On the 'Internet Zone' section scroll down to 'Allow outgoing UDP
ports'.
4. Check it and enter "80-3000", click 'Apply' button.
5. Do the same for 'Allow outgoing TCP ports'.
6. Click OK.

* The range "80-3000" is just a guess on my part, if anyone knows a
better range please post it.

Please post success or failure, thank you.


ZoneAlarm is investigating the issue with Microsoft update KB951748:
http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&thread.id=52785

To solve this, just reset the ZA database and the ZA will be "fresh" as
when it was first installed:
http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52727

ZoneAlarm Customer Care How to Perform a Clean Install:
http://www2.nohold.net/noHoldCust542/Prod_1/Articles55646/clean_install.html

MS update KB951748 and ZoneAlarm:
http://www.dslreports.com/forum/r20759839-MS-update-KB951748-and-ZoneAlarm-PROBLEM

*** Where the real blame lies!!!
Dan Kaminsky Discovers Fundamental Issue In DNS: Massive Multivendor
Patch Released:
http://securosis.com/2008/07/08/dan...ue-in-dns-massive-multivendor-patch-released/

To find out if the DNS server you use is vulnerable:
http://doxpara.com/


ju.c
 
R

Roger Overunder

It'll be interesting to see how this works for other folks, ju.c.

I'm more prone to to go with ZoneAlarm's suggestion on this (link below) and
let the MS/ZoneAlarm people earn thier big bucks :)

http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52863

===================================

"ju.c" wrote:

> ZoneAlarm & KB951748 - Where's my internet?
>
> My solution that actually works after trying all those below and on
> every other post, and you can keep all your other settings alone:
>
> 1. Open ZoneAlarm's 'Firewall' tab.
> 2. Click the 'Custom' button under 'Internet Zone Security'.
> 3. On the 'Internet Zone' section scroll down to 'Allow outgoing UDP
> ports'.
> 4. Check it and enter "80-3000", click 'Apply' button.
> 5. Do the same for 'Allow outgoing TCP ports'.
> 6. Click OK.
>
> * The range "80-3000" is just a guess on my part, if anyone knows a
> better range please post it.
>
> Please post success or failure, thank you.
>
>
> ZoneAlarm is investigating the issue with Microsoft update KB951748:
> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&thread.id=52785
>
> To solve this, just reset the ZA database and the ZA will be "fresh" as
> when it was first installed:
> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52727
>
> ZoneAlarm Customer Care How to Perform a Clean Install:
> http://www2.nohold.net/noHoldCust542/Prod_1/Articles55646/clean_install.html
>
> MS update KB951748 and ZoneAlarm:
> http://www.dslreports.com/forum/r20759839-MS-update-KB951748-and-ZoneAlarm-PROBLEM
>
> *** Where the real blame lies!!!
> Dan Kaminsky Discovers Fundamental Issue In DNS: Massive Multivendor
> Patch Released:
> http://securosis.com/2008/07/08/dan...ue-in-dns-massive-multivendor-patch-released/
>
> To find out if the DNS server you use is vulnerable:
> http://doxpara.com/
>
>
> ju.c
>
>
>
>
 
J

ju.c

New link, official ZoneAlarm announcement thread:
http://forum.zonelabs.org/zonelabs/board/message?board.id=Official&message.id=6

ju.c

> ZoneAlarm & KB951748 - Where's my internet?
>
> My solution that actually works after trying all those below and on
> every other post, and you can keep all your other settings alone:
>
> 1. Open ZoneAlarm's 'Firewall' tab.
> 2. Click the 'Custom' button under 'Internet Zone Security'.
> 3. On the 'Internet Zone' section scroll down to 'Allow outgoing UDP
> ports'.
> 4. Check it and enter "80-3000", click 'Apply' button.
> 5. Do the same for 'Allow outgoing TCP ports'.
> 6. Click OK.
>
> * The range "80-3000" is just a guess on my part, if anyone knows a
> better range please post it.
>
> Please post success or failure, thank you.
>
>
> ZoneAlarm is investigating the issue with Microsoft update KB951748:
> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&thread.id=52785
>
> To solve this, just reset the ZA database and the ZA will be "fresh"
> as when it was first installed:
> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52727
>
> ZoneAlarm Customer Care How to Perform a Clean Install:
> http://www2.nohold.net/noHoldCust542/Prod_1/Articles55646/clean_install.html
>
> MS update KB951748 and ZoneAlarm:
> http://www.dslreports.com/forum/r20759839-MS-update-KB951748-and-ZoneAlarm-PROBLEM
>
> *** Where the real blame lies!!!
> Dan Kaminsky Discovers Fundamental Issue In DNS: Massive Multivendor
> Patch Released:
> http://securosis.com/2008/07/08/dan...ue-in-dns-massive-multivendor-patch-released/
>
> To find out if the DNS server you use is vulnerable:
> http://doxpara.com/
>
>
> ju.c
>
>
>
 
R

Roger Overunder

Hi ju.c -

Thanks for the reply, but I think if you check, you'll find the message-link
you posted was from yesterday (June 8th in USA):

"07-08-2008 03:51 PM"

The message I linked to has today's date:

"Message Edited by Forum-Moderator on 07-09-2008 07:11 AM"

Folks can do whatever they're comfortable with and it'll be interesting to
see how your solution works for other people!
=================

"ju.c" wrote:

> New link, official ZoneAlarm announcement thread:
> http://forum.zonelabs.org/zonelabs/board/message?board.id=Official&message.id=6
>
> ju.c
>
> > ZoneAlarm & KB951748 - Where's my internet?
> >
> > My solution that actually works after trying all those below and on
> > every other post, and you can keep all your other settings alone:
> >
> > 1. Open ZoneAlarm's 'Firewall' tab.
> > 2. Click the 'Custom' button under 'Internet Zone Security'.
> > 3. On the 'Internet Zone' section scroll down to 'Allow outgoing UDP
> > ports'.
> > 4. Check it and enter "80-3000", click 'Apply' button.
> > 5. Do the same for 'Allow outgoing TCP ports'.
> > 6. Click OK.
> >
> > * The range "80-3000" is just a guess on my part, if anyone knows a
> > better range please post it.
> >
> > Please post success or failure, thank you.
> >
> >
> > ZoneAlarm is investigating the issue with Microsoft update KB951748:
> > http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&thread.id=52785
> >
> > To solve this, just reset the ZA database and the ZA will be "fresh"
> > as when it was first installed:
> > http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52727
> >
> > ZoneAlarm Customer Care How to Perform a Clean Install:
> > http://www2.nohold.net/noHoldCust542/Prod_1/Articles55646/clean_install.html
> >
> > MS update KB951748 and ZoneAlarm:
> > http://www.dslreports.com/forum/r20759839-MS-update-KB951748-and-ZoneAlarm-PROBLEM
> >
> > *** Where the real blame lies!!!
> > Dan Kaminsky Discovers Fundamental Issue In DNS: Massive Multivendor
> > Patch Released:
> > http://securosis.com/2008/07/08/dan...ue-in-dns-massive-multivendor-patch-released/
> >
> > To find out if the DNS server you use is vulnerable:
> > http://doxpara.com/
> >
> >
> > ju.c
> >
> >
> >

>
 
W

whosbest54

In article <OdUUoZd4IHA.3736@TK2MSFTNGP03.phx.gbl>, bibidybubidyboop@mailnator.com
says...
>
>
>ZoneAlarm & KB951748 - Where's my internet?
>
>My solution that actually works after trying all those below and on
>every other post, and you can keep all your other settings alone:
>
>1. Open ZoneAlarm's 'Firewall' tab.
>2. Click the 'Custom' button under 'Internet Zone Security'.
>3. On the 'Internet Zone' section scroll down to 'Allow outgoing UDP
>ports'.
>4. Check it and enter "80-3000", click 'Apply' button.
>5. Do the same for 'Allow outgoing TCP ports'.
>6. Click OK.
>
>* The range "80-3000" is just a guess on my part, if anyone knows a
>better range please post it.
>
>Please post success or failure, thank you.
>
>
>ZoneAlarm is investigating the issue with Microsoft update KB951748:
>http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&thread.id=52785
>
>To solve this, just reset the ZA database and the ZA will be "fresh" as
>when it was first installed:
>http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52727
>
>ZoneAlarm Customer Care How to Perform a Clean Install:
>http://www2.nohold.net/noHoldCust542/Prod_1/Articles55646/clean_install.html
>
>MS update KB951748 and ZoneAlarm:
>http://www.dslreports.com/forum/r20759839-MS-update-KB951748-and-ZoneAlarm-PROBLEM
>
>*** Where the real blame lies!!!
>Dan Kaminsky Discovers Fundamental Issue In DNS: Massive Multivendor
>Patch Released:
>http://securosis.com/2008/07/08/dan-kaminsky-discovers-fundamental-issue-in-dns-massive-

multivendor-patch-released/
>
>To find out if the DNS server you use is vulnerable:
>http://doxpara.com/
>
>
>ju.c
>

The official temp workarounds from ZA are here:

http://download.zonealarm.com/bin/free/pressReleases/2008/LossOfInternetAccessIssue.html

whosbest54
--
The flamewars are over...if you want it.

Unofficial rec.audio.opinion Usenet Group Brief User Guide:
http://www.geocities.com/whosbest54/

Unofficial rec.music.beatles Usenet Group Brief User Guide:
http://www.geocities.com/whosbest54/rmb.html
 
G

Gis Bun

You don't want to open up ports as it opens up a can of worms. Your
suggestion opens around 2920 TCP and UDP ports.

Take ZoneAlarms section option. It is the most secure.

"ju.c" wrote:

> ZoneAlarm & KB951748 - Where's my internet?
>
> My solution that actually works after trying all those below and on
> every other post, and you can keep all your other settings alone:
>
> 1. Open ZoneAlarm's 'Firewall' tab.
> 2. Click the 'Custom' button under 'Internet Zone Security'.
> 3. On the 'Internet Zone' section scroll down to 'Allow outgoing UDP
> ports'.
> 4. Check it and enter "80-3000", click 'Apply' button.
> 5. Do the same for 'Allow outgoing TCP ports'.
> 6. Click OK.
>
> * The range "80-3000" is just a guess on my part, if anyone knows a
> better range please post it.
>
> Please post success or failure, thank you.
>
>
> ZoneAlarm is investigating the issue with Microsoft update KB951748:
> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&thread.id=52785
>
> To solve this, just reset the ZA database and the ZA will be "fresh" as
> when it was first installed:
> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52727
>
> ZoneAlarm Customer Care How to Perform a Clean Install:
> http://www2.nohold.net/noHoldCust542/Prod_1/Articles55646/clean_install.html
>
> MS update KB951748 and ZoneAlarm:
> http://www.dslreports.com/forum/r20759839-MS-update-KB951748-and-ZoneAlarm-PROBLEM
>
> *** Where the real blame lies!!!
> Dan Kaminsky Discovers Fundamental Issue In DNS: Massive Multivendor
> Patch Released:
> http://securosis.com/2008/07/08/dan...ue-in-dns-massive-multivendor-patch-released/
>
> To find out if the DNS server you use is vulnerable:
> http://doxpara.com/
>
>
> ju.c
>
>
>
>
 
R

Roger Overunder

That's one reason I wasn't too keen on doing it myself, Gis.

"Gis Bun" wrote:
> You don't want to open up ports as it opens up a can of worms. Your
> suggestion opens around 2920 TCP and UDP ports.
 
P

PA Bear [MS MVP]

See related conversations in this forum:
http://forum.zonelabs.org/zonelabs/board?board.id=cfg

Keep an eye on this thread:
http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52785

Although the fix here should work:
http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52727

I strongly disagree with this advice:
http://download.zonealarm.com/bin/free/pressReleases/2008/LossOfInternetAccessIssue.html

Perhaps a better firewall is what's needed?
http://www.matousec.com/projects/firewall-challenge/results.php
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
AumHa VSOP & Admin http://aumha.net
DTS-L http://dts-l.net/


ju.c wrote:
> ZoneAlarm & KB951748 - Where's my internet?

<snip>
 
J

ju.c

I've asked this question a few times before, how is it possible to be so
dumb?

What ports are opened?


"Gis Bun" <GisBun@discussions.microsoft.com> wrote in message
news:E7686D89-322C-4807-AE48-FCBD11B74D9C@microsoft.com...
>
> You don't want to open up ports as it opens up a can of worms. Your
> suggestion opens around 2920 TCP and UDP ports.
>
> Take ZoneAlarms section option. It is the most secure.
>
> "ju.c" wrote:
>
>> ZoneAlarm & KB951748 - Where's my internet?
>>
>> My solution that actually works after trying all those below and on
>> every other post, and you can keep all your other settings alone:
>>
>> 1. Open ZoneAlarm's 'Firewall' tab.
>> 2. Click the 'Custom' button under 'Internet Zone Security'.
>> 3. On the 'Internet Zone' section scroll down to 'Allow outgoing UDP
>> ports'.
>> 4. Check it and enter "80-3000", click 'Apply' button.
>> 5. Do the same for 'Allow outgoing TCP ports'.
>> 6. Click OK.
>>
>> * The range "80-3000" is just a guess on my part, if anyone knows a
>> better range please post it.
>>
>> Please post success or failure, thank you.
>>
>>
>> ZoneAlarm is investigating the issue with Microsoft update KB951748:
>> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&thread.id=52785
>>
>> To solve this, just reset the ZA database and the ZA will be "fresh"
>> as
>> when it was first installed:
>> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52727
>>
>> ZoneAlarm Customer Care How to Perform a Clean Install:
>> http://www2.nohold.net/noHoldCust542/Prod_1/Articles55646/clean_install.html
>>
>> MS update KB951748 and ZoneAlarm:
>> http://www.dslreports.com/forum/r20759839-MS-update-KB951748-and-ZoneAlarm-PROBLEM
>>
>> *** Where the real blame lies!!!
>> Dan Kaminsky Discovers Fundamental Issue In DNS: Massive Multivendor
>> Patch Released:
>> http://securosis.com/2008/07/08/dan...ue-in-dns-massive-multivendor-patch-released/
>>
>> To find out if the DNS server you use is vulnerable:
>> http://doxpara.com/
>>
>>
>> ju.c
>>
>>
>>
>>
 
J

ju.c

Not too bright, are we?

"Roger Overunder" <RogerOverunder@discussions.microsoft.com> wrote in
message news:086259E7-4CC5-47FF-8C3C-57F24F9C3F94@microsoft.com...
> That's one reason I wasn't too keen on doing it myself, Gis.
>
> "Gis Bun" wrote:
>> You don't want to open up ports as it opens up a can of worms. Your
>> suggestion opens around 2920 TCP and UDP ports.

>
 
G

Gis Bun

PA, when you said "I strongly disagree with this advice:", I'd assume you
ment the "options" as the update should fix the issue [haven't tried it yet].

"PA Bear [MS MVP]" wrote:

> See related conversations in this forum:
> http://forum.zonelabs.org/zonelabs/board?board.id=cfg
>
> Keep an eye on this thread:
> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52785
>
> Although the fix here should work:
> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52727
>
> I strongly disagree with this advice:
> http://download.zonealarm.com/bin/free/pressReleases/2008/LossOfInternetAccessIssue.html
>
> Perhaps a better firewall is what's needed?
> http://www.matousec.com/projects/firewall-challenge/results.php
> --
> ~Robear Dyer (PA Bear)
> MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
> AumHa VSOP & Admin http://aumha.net
> DTS-L http://dts-l.net/
>
>
> ju.c wrote:
> > ZoneAlarm & KB951748 - Where's my internet?

> <snip>
>
>
 
G

Gis Bun

Now I'm not a network security expert, but I do know [and probably obvious]
that the less you enable to the Internet, the better.

When someone tries to hack into your system [all this of course is an
example], they will use a utility to scan ports to see which are accessible.
Once the port is open, they could have access to your PC.

Alternatively, if your PC was infected with a trojan and you opened a bunch
of ports, the trojan may be programmed well enough to exit your PC through an
open port.


"ju.c" wrote:

> I've asked this question a few times before, how is it possible to be so
> dumb?
>
> What ports are opened?
>
>
> "Gis Bun" <GisBun@discussions.microsoft.com> wrote in message
> news:E7686D89-322C-4807-AE48-FCBD11B74D9C@microsoft.com...
> >
> > You don't want to open up ports as it opens up a can of worms. Your
> > suggestion opens around 2920 TCP and UDP ports.
> >
> > Take ZoneAlarms section option. It is the most secure.
> >
> > "ju.c" wrote:
> >
> >> ZoneAlarm & KB951748 - Where's my internet?
> >>
> >> My solution that actually works after trying all those below and on
> >> every other post, and you can keep all your other settings alone:
> >>
> >> 1. Open ZoneAlarm's 'Firewall' tab.
> >> 2. Click the 'Custom' button under 'Internet Zone Security'.
> >> 3. On the 'Internet Zone' section scroll down to 'Allow outgoing UDP
> >> ports'.
> >> 4. Check it and enter "80-3000", click 'Apply' button.
> >> 5. Do the same for 'Allow outgoing TCP ports'.
> >> 6. Click OK.
> >>
> >> * The range "80-3000" is just a guess on my part, if anyone knows a
> >> better range please post it.
> >>
> >> Please post success or failure, thank you.
> >>
> >>
> >> ZoneAlarm is investigating the issue with Microsoft update KB951748:
> >> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&thread.id=52785
> >>
> >> To solve this, just reset the ZA database and the ZA will be "fresh"
> >> as
> >> when it was first installed:
> >> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52727
> >>
> >> ZoneAlarm Customer Care How to Perform a Clean Install:
> >> http://www2.nohold.net/noHoldCust542/Prod_1/Articles55646/clean_install.html
> >>
> >> MS update KB951748 and ZoneAlarm:
> >> http://www.dslreports.com/forum/r20759839-MS-update-KB951748-and-ZoneAlarm-PROBLEM
> >>
> >> *** Where the real blame lies!!!
> >> Dan Kaminsky Discovers Fundamental Issue In DNS: Massive Multivendor
> >> Patch Released:
> >> http://securosis.com/2008/07/08/dan...ue-in-dns-massive-multivendor-patch-released/
> >>
> >> To find out if the DNS server you use is vulnerable:
> >> http://doxpara.com/
> >>
> >>
> >> ju.c
> >>
> >>
> >>
> >>

>
 
P

PA Bear [MS MVP]

The press release has been revised several times since it was released on 08
July and since I posted it in this thread.

Gis Bun wrote:
> PA, when you said "I strongly disagree with this advice:", I'd assume you
> ment the "options" as the update should fix the issue [haven't tried it
> yet].
>
> "PA Bear [MS MVP]" wrote:
>
>> See related conversations in this forum:
>> http://forum.zonelabs.org/zonelabs/board?board.id=cfg
>>
>> Keep an eye on this thread:
>> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52785
>>
>> Although the fix here should work:
>> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52727
>>
>> I strongly disagree with this advice:
>> http://download.zonealarm.com/bin/free/pressReleases/2008/LossOfInternetAccessIssue.html
>>
>> Perhaps a better firewall is what's needed?
>> http://www.matousec.com/projects/firewall-challenge/results.php
>> --
>> ~Robear Dyer (PA Bear)
>> MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
>> AumHa VSOP & Admin http://aumha.net
>> DTS-L http://dts-l.net/
>>
>>
>> ju.c wrote:
>>> ZoneAlarm & KB951748 - Where's my internet?

>> <snip>
 
D

dmahtc

I used "ju.c" suggestion on my ZA Security Suite. It worked. Thanks "ju.c".
Later I removed the "ju.c" suggestion and went to Zonelabs web site and
downloaded new version of ZA Security Suite. It gave me Internet access.
Also it starting a virus/spyware scan automatically. Everything seems to
normal.
--
dmahtc


"ju.c" wrote:

> ZoneAlarm & KB951748 - Where's my internet?
>
> My solution that actually works after trying all those below and on
> every other post, and you can keep all your other settings alone:
>
> 1. Open ZoneAlarm's 'Firewall' tab.
> 2. Click the 'Custom' button under 'Internet Zone Security'.
> 3. On the 'Internet Zone' section scroll down to 'Allow outgoing UDP
> ports'.
> 4. Check it and enter "80-3000", click 'Apply' button.
> 5. Do the same for 'Allow outgoing TCP ports'.
> 6. Click OK.
>
> * The range "80-3000" is just a guess on my part, if anyone knows a
> better range please post it.
>
> Please post success or failure, thank you.
>
>
> ZoneAlarm is investigating the issue with Microsoft update KB951748:
> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&thread.id=52785
>
> To solve this, just reset the ZA database and the ZA will be "fresh" as
> when it was first installed:
> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52727
>
> ZoneAlarm Customer Care How to Perform a Clean Install:
> http://www2.nohold.net/noHoldCust542/Prod_1/Articles55646/clean_install.html
>
> MS update KB951748 and ZoneAlarm:
> http://www.dslreports.com/forum/r20759839-MS-update-KB951748-and-ZoneAlarm-PROBLEM
>
> *** Where the real blame lies!!!
> Dan Kaminsky Discovers Fundamental Issue In DNS: Massive Multivendor
> Patch Released:
> http://securosis.com/2008/07/08/dan...ue-in-dns-massive-multivendor-patch-released/
>
> To find out if the DNS server you use is vulnerable:
> http://doxpara.com/
>
>
> ju.c
>
>
>
>
 
J

ju.c

Again I ask, what ports would my fix open?


"Gis Bun" <GisBun@discussions.microsoft.com> wrote in message
news:BBD11B44-51EB-4F35-89B7-0FD3B5E78EF3@microsoft.com...
> Now I'm not a network security expert, but I do know [and probably
> obvious]
> that the less you enable to the Internet, the better.
>
> When someone tries to hack into your system [all this of course is an
> example], they will use a utility to scan ports to see which are
> accessible.
> Once the port is open, they could have access to your PC.
>
> Alternatively, if your PC was infected with a trojan and you opened a
> bunch
> of ports, the trojan may be programmed well enough to exit your PC
> through an
> open port.
>
>
> "ju.c" wrote:
>
>> I've asked this question a few times before, how is it possible to be
>> so
>> dumb?
>>
>> What ports are opened?
>>
>>
>> "Gis Bun" <GisBun@discussions.microsoft.com> wrote in message
>> news:E7686D89-322C-4807-AE48-FCBD11B74D9C@microsoft.com...
>> >
>> > You don't want to open up ports as it opens up a can of worms. Your
>> > suggestion opens around 2920 TCP and UDP ports.
>> >
>> > Take ZoneAlarms section option. It is the most secure.
>> >
>> > "ju.c" wrote:
>> >
>> >> ZoneAlarm & KB951748 - Where's my internet?
>> >>
>> >> My solution that actually works after trying all those below and
>> >> on
>> >> every other post, and you can keep all your other settings alone:
>> >>
>> >> 1. Open ZoneAlarm's 'Firewall' tab.
>> >> 2. Click the 'Custom' button under 'Internet Zone Security'.
>> >> 3. On the 'Internet Zone' section scroll down to 'Allow outgoing
>> >> UDP
>> >> ports'.
>> >> 4. Check it and enter "80-3000", click 'Apply' button.
>> >> 5. Do the same for 'Allow outgoing TCP ports'.
>> >> 6. Click OK.
>> >>
>> >> * The range "80-3000" is just a guess on my part, if anyone knows
>> >> a
>> >> better range please post it.
>> >>
>> >> Please post success or failure, thank you.
>> >>
>> >>
>> >> ZoneAlarm is investigating the issue with Microsoft update
>> >> KB951748:
>> >> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&thread.id=52785
>> >>
>> >> To solve this, just reset the ZA database and the ZA will be
>> >> "fresh"
>> >> as
>> >> when it was first installed:
>> >> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52727
>> >>
>> >> ZoneAlarm Customer Care How to Perform a Clean Install:
>> >> http://www2.nohold.net/noHoldCust542/Prod_1/Articles55646/clean_install.html
>> >>
>> >> MS update KB951748 and ZoneAlarm:
>> >> http://www.dslreports.com/forum/r20759839-MS-update-KB951748-and-ZoneAlarm-PROBLEM
>> >>
>> >> *** Where the real blame lies!!!
>> >> Dan Kaminsky Discovers Fundamental Issue In DNS: Massive
>> >> Multivendor
>> >> Patch Released:
>> >> http://securosis.com/2008/07/08/dan...ue-in-dns-massive-multivendor-patch-released/
>> >>
>> >> To find out if the DNS server you use is vulnerable:
>> >> http://doxpara.com/
>> >>
>> >>
>> >> ju.c
>> >>
>> >>
>> >>
>> >>

>>
 
J

ju.c

I'm going to enlighten you once and for all, you stupid fool, Gis Bun!

(Before the latest ZoneAlarm update)

Option 1
What to do - Move the slider from Stealth to Medium.
What it does - Enables all outgoing ports. (and more)

Option 2
What to do - Uninstall KB951748.
What it does - Leaves you vulnerable.

Option 3
What to do - Uninstall ZoneAlarm and use the Windows firewall.
What it does - Keep KB951748. Loose ZoneAlarm. No outgoing port control.

My Option 4
What to do - Only allow limited outgoing ports.
What it does - Keeps ZoneAlarm on Stealth. You keep KB951748. Only a few
outgoing opened ports. Almost full security maintained.


ju.c


"Gis Bun" <GisBun@discussions.microsoft.com> wrote in message
news:BBD11B44-51EB-4F35-89B7-0FD3B5E78EF3@microsoft.com...
> Now I'm not a network security expert, but I do know [and probably
> obvious]
> that the less you enable to the Internet, the better.
>
> When someone tries to hack into your system [all this of course is an
> example], they will use a utility to scan ports to see which are
> accessible.
> Once the port is open, they could have access to your PC.
>
> Alternatively, if your PC was infected with a trojan and you opened a
> bunch
> of ports, the trojan may be programmed well enough to exit your PC
> through an
> open port.
>
>
> "ju.c" wrote:
>
>> I've asked this question a few times before, how is it possible to be
>> so
>> dumb?
>>
>> What ports are opened?
>>
>>
>> "Gis Bun" <GisBun@discussions.microsoft.com> wrote in message
>> news:E7686D89-322C-4807-AE48-FCBD11B74D9C@microsoft.com...
>> >
>> > You don't want to open up ports as it opens up a can of worms. Your
>> > suggestion opens around 2920 TCP and UDP ports.
>> >
>> > Take ZoneAlarms section option. It is the most secure.
>> >
>> > "ju.c" wrote:
>> >
>> >> ZoneAlarm & KB951748 - Where's my internet?
>> >>
>> >> My solution that actually works after trying all those below and
>> >> on
>> >> every other post, and you can keep all your other settings alone:
>> >>
>> >> 1. Open ZoneAlarm's 'Firewall' tab.
>> >> 2. Click the 'Custom' button under 'Internet Zone Security'.
>> >> 3. On the 'Internet Zone' section scroll down to 'Allow outgoing
>> >> UDP
>> >> ports'.
>> >> 4. Check it and enter "80-3000", click 'Apply' button.
>> >> 5. Do the same for 'Allow outgoing TCP ports'.
>> >> 6. Click OK.
>> >>
>> >> * The range "80-3000" is just a guess on my part, if anyone knows
>> >> a
>> >> better range please post it.
>> >>
>> >> Please post success or failure, thank you.
>> >>
>> >>
>> >> ZoneAlarm is investigating the issue with Microsoft update
>> >> KB951748:
>> >> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&thread.id=52785
>> >>
>> >> To solve this, just reset the ZA database and the ZA will be
>> >> "fresh"
>> >> as
>> >> when it was first installed:
>> >> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52727
>> >>
>> >> ZoneAlarm Customer Care How to Perform a Clean Install:
>> >> http://www2.nohold.net/noHoldCust542/Prod_1/Articles55646/clean_install.html
>> >>
>> >> MS update KB951748 and ZoneAlarm:
>> >> http://www.dslreports.com/forum/r20759839-MS-update-KB951748-and-ZoneAlarm-PROBLEM
>> >>
>> >> *** Where the real blame lies!!!
>> >> Dan Kaminsky Discovers Fundamental Issue In DNS: Massive
>> >> Multivendor
>> >> Patch Released:
>> >> http://securosis.com/2008/07/08/dan...ue-in-dns-massive-multivendor-patch-released/
>> >>
>> >> To find out if the DNS server you use is vulnerable:
>> >> http://doxpara.com/
>> >>
>> >>
>> >> ju.c
>> >>
>> >>
>> >>
>> >>

>>
 
P

PA Bear [MS MVP]

Who needs any of those options when upgrades are available to address the
problem? =>
http://download.zonealarm.com/bin/free/pressReleases/2008/LossOfInternetAccessIssue.html
??


ju.c wrote:
> I'm going to enlighten you once and for all, you stupid fool, Gis Bun!
>
> (Before the latest ZoneAlarm update)
>
> Option 1
> What to do - Move the slider from Stealth to Medium.
> What it does - Enables all outgoing ports. (and more)
>
> Option 2
> What to do - Uninstall KB951748.
> What it does - Leaves you vulnerable.
>
> Option 3
> What to do - Uninstall ZoneAlarm and use the Windows firewall.
> What it does - Keep KB951748. Loose ZoneAlarm. No outgoing port control.
>
> My Option 4
> What to do - Only allow limited outgoing ports.
> What it does - Keeps ZoneAlarm on Stealth. You keep KB951748. Only a few
> outgoing opened ports. Almost full security maintained.
>
>
> ju.c
>
>
> "Gis Bun" <GisBun@discussions.microsoft.com> wrote in message
> news:BBD11B44-51EB-4F35-89B7-0FD3B5E78EF3@microsoft.com...
>> Now I'm not a network security expert, but I do know [and probably
>> obvious]
>> that the less you enable to the Internet, the better.
>>
>> When someone tries to hack into your system [all this of course is an
>> example], they will use a utility to scan ports to see which are
>> accessible.
>> Once the port is open, they could have access to your PC.
>>
>> Alternatively, if your PC was infected with a trojan and you opened a
>> bunch
>> of ports, the trojan may be programmed well enough to exit your PC
>> through an
>> open port.
>>
>>
>> "ju.c" wrote:
>>
>>> I've asked this question a few times before, how is it possible to be
>>> so
>>> dumb?
>>>
>>> What ports are opened?
>>>
>>>
>>> "Gis Bun" <GisBun@discussions.microsoft.com> wrote in message
>>> news:E7686D89-322C-4807-AE48-FCBD11B74D9C@microsoft.com...
>>>>
>>>> You don't want to open up ports as it opens up a can of worms. Your
>>>> suggestion opens around 2920 TCP and UDP ports.
>>>>
>>>> Take ZoneAlarms section option. It is the most secure.
>>>>
>>>> "ju.c" wrote:
>>>>
>>>>> ZoneAlarm & KB951748 - Where's my internet?
>>>>>
>>>>> My solution that actually works after trying all those below and
>>>>> on
>>>>> every other post, and you can keep all your other settings alone:
>>>>>
>>>>> 1. Open ZoneAlarm's 'Firewall' tab.
>>>>> 2. Click the 'Custom' button under 'Internet Zone Security'.
>>>>> 3. On the 'Internet Zone' section scroll down to 'Allow outgoing
>>>>> UDP
>>>>> ports'.
>>>>> 4. Check it and enter "80-3000", click 'Apply' button.
>>>>> 5. Do the same for 'Allow outgoing TCP ports'.
>>>>> 6. Click OK.
>>>>>
>>>>> * The range "80-3000" is just a guess on my part, if anyone knows
>>>>> a
>>>>> better range please post it.
>>>>>
>>>>> Please post success or failure, thank you.
>>>>>
>>>>>
>>>>> ZoneAlarm is investigating the issue with Microsoft update
>>>>> KB951748:
>>>>> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&thread.id=52785
>>>>>
>>>>> To solve this, just reset the ZA database and the ZA will be
>>>>> "fresh"
>>>>> as
>>>>> when it was first installed:
>>>>> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52727
>>>>>
>>>>> ZoneAlarm Customer Care How to Perform a Clean Install:
>>>>> http://www2.nohold.net/noHoldCust542/Prod_1/Articles55646/clean_install.html
>>>>>
>>>>> MS update KB951748 and ZoneAlarm:
>>>>> http://www.dslreports.com/forum/r20759839-MS-update-KB951748-and-ZoneAlarm-PROBLEM
>>>>>
>>>>> *** Where the real blame lies!!!
>>>>> Dan Kaminsky Discovers Fundamental Issue In DNS: Massive
>>>>> Multivendor
>>>>> Patch Released:
>>>>> http://securosis.com/2008/07/08/dan...ue-in-dns-massive-multivendor-patch-released/
>>>>>
>>>>> To find out if the DNS server you use is vulnerable:
>>>>> http://doxpara.com/
>>>>>
>>>>>
>>>>> ju.c
 
J

ju.c

Wow, again I ask, how is it possible to be so dumb?


"PA Bear [MS MVP]" <PABearMVP@gmail.com> wrote in message
news:Os68lU24IHA.4352@TK2MSFTNGP05.phx.gbl...
> Who needs any of those options when upgrades are available to address
> the problem? =>
> http://download.zonealarm.com/bin/free/pressReleases/2008/LossOfInternetAccessIssue.html
> ??
>
>
> ju.c wrote:
>> I'm going to enlighten you once and for all, you stupid fool, Gis
>> Bun!
>>
>> (Before the latest ZoneAlarm update)
>>
>> Option 1
>> What to do - Move the slider from Stealth to Medium.
>> What it does - Enables all outgoing ports. (and more)
>>
>> Option 2
>> What to do - Uninstall KB951748.
>> What it does - Leaves you vulnerable.
>>
>> Option 3
>> What to do - Uninstall ZoneAlarm and use the Windows firewall.
>> What it does - Keep KB951748. Loose ZoneAlarm. No outgoing port
>> control.
>>
>> My Option 4
>> What to do - Only allow limited outgoing ports.
>> What it does - Keeps ZoneAlarm on Stealth. You keep KB951748. Only a
>> few
>> outgoing opened ports. Almost full security maintained.
>>
>>
>> ju.c
>>
>>
>> "Gis Bun" <GisBun@discussions.microsoft.com> wrote in message
>> news:BBD11B44-51EB-4F35-89B7-0FD3B5E78EF3@microsoft.com...
>>> Now I'm not a network security expert, but I do know [and probably
>>> obvious]
>>> that the less you enable to the Internet, the better.
>>>
>>> When someone tries to hack into your system [all this of course is
>>> an
>>> example], they will use a utility to scan ports to see which are
>>> accessible.
>>> Once the port is open, they could have access to your PC.
>>>
>>> Alternatively, if your PC was infected with a trojan and you opened
>>> a
>>> bunch
>>> of ports, the trojan may be programmed well enough to exit your PC
>>> through an
>>> open port.
>>>
>>>
>>> "ju.c" wrote:
>>>
>>>> I've asked this question a few times before, how is it possible to
>>>> be
>>>> so
>>>> dumb?
>>>>
>>>> What ports are opened?
>>>>
>>>>
>>>> "Gis Bun" <GisBun@discussions.microsoft.com> wrote in message
>>>> news:E7686D89-322C-4807-AE48-FCBD11B74D9C@microsoft.com...
>>>>>
>>>>> You don't want to open up ports as it opens up a can of worms.
>>>>> Your
>>>>> suggestion opens around 2920 TCP and UDP ports.
>>>>>
>>>>> Take ZoneAlarms section option. It is the most secure.
>>>>>
>>>>> "ju.c" wrote:
>>>>>
>>>>>> ZoneAlarm & KB951748 - Where's my internet?
>>>>>>
>>>>>> My solution that actually works after trying all those below and
>>>>>> on
>>>>>> every other post, and you can keep all your other settings alone:
>>>>>>
>>>>>> 1. Open ZoneAlarm's 'Firewall' tab.
>>>>>> 2. Click the 'Custom' button under 'Internet Zone Security'.
>>>>>> 3. On the 'Internet Zone' section scroll down to 'Allow outgoing
>>>>>> UDP
>>>>>> ports'.
>>>>>> 4. Check it and enter "80-3000", click 'Apply' button.
>>>>>> 5. Do the same for 'Allow outgoing TCP ports'.
>>>>>> 6. Click OK.
>>>>>>
>>>>>> * The range "80-3000" is just a guess on my part, if anyone knows
>>>>>> a
>>>>>> better range please post it.
>>>>>>
>>>>>> Please post success or failure, thank you.
>>>>>>
>>>>>>
>>>>>> ZoneAlarm is investigating the issue with Microsoft update
>>>>>> KB951748:
>>>>>> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&thread.id=52785
>>>>>>
>>>>>> To solve this, just reset the ZA database and the ZA will be
>>>>>> "fresh"
>>>>>> as
>>>>>> when it was first installed:
>>>>>> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52727
>>>>>>
>>>>>> ZoneAlarm Customer Care How to Perform a Clean Install:
>>>>>> http://www2.nohold.net/noHoldCust542/Prod_1/Articles55646/clean_install.html
>>>>>>
>>>>>> MS update KB951748 and ZoneAlarm:
>>>>>> http://www.dslreports.com/forum/r20759839-MS-update-KB951748-and-ZoneAlarm-PROBLEM
>>>>>>
>>>>>> *** Where the real blame lies!!!
>>>>>> Dan Kaminsky Discovers Fundamental Issue In DNS: Massive
>>>>>> Multivendor
>>>>>> Patch Released:
>>>>>> http://securosis.com/2008/07/08/dan...ue-in-dns-massive-multivendor-patch-released/
>>>>>>
>>>>>> To find out if the DNS server you use is vulnerable:
>>>>>> http://doxpara.com/
>>>>>>
>>>>>>
>>>>>> ju.c

>
 
S

Shenan Stanley

ju.c wrote:
> ZoneAlarm & KB951748 - Where's my internet?
>
> My solution that actually works after trying all those below and on
> every other post, and you can keep all your other settings alone:
>
> 1. Open ZoneAlarm's 'Firewall' tab.
> 2. Click the 'Custom' button under 'Internet Zone Security'.
> 3. On the 'Internet Zone' section scroll down to 'Allow outgoing UDP
> ports'.
> 4. Check it and enter "80-3000", click 'Apply' button.
> 5. Do the same for 'Allow outgoing TCP ports'.
> 6. Click OK.
>
> * The range "80-3000" is just a guess on my part, if anyone knows a
> better range please post it.
>
> Please post success or failure, thank you.
>
>
> ZoneAlarm is investigating the issue with Microsoft update KB951748:
> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&thread.id=52785
>
> To solve this, just reset the ZA database and the ZA will be
> "fresh" as when it was first installed:
> http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52727
>
> ZoneAlarm Customer Care How to Perform a Clean Install:
> http://www2.nohold.net/noHoldCust542/Prod_1/Articles55646/clean_install.html
>
> MS update KB951748 and ZoneAlarm:
> http://www.dslreports.com/forum/r20759839-MS-update-KB951748-and-ZoneAlarm-PROBLEM
>
> *** Where the real blame lies!!!
> Dan Kaminsky Discovers Fundamental Issue In DNS: Massive Multivendor
> Patch Released:
> http://securosis.com/2008/07/08/dan...ue-in-dns-massive-multivendor-patch-released/
>
> To find out if the DNS server you use is vulnerable:
> http://doxpara.com/


Gis Bun wrote:
> You don't want to open up ports as it opens up a can of worms. Your
> suggestion opens around 2920 TCP and UDP ports.
>
> Take ZoneAlarms section option. It is the most secure.


ju.c wrote:
> I've asked this question a few times before, how is it possible to
> be so dumb?
>
> What ports are opened?


Gis Bun wrote:
> Now I'm not a network security expert, but I do know [and probably
> obvious] that the less you enable to the Internet, the better.
>
> When someone tries to hack into your system [all this of course is
> an example], they will use a utility to scan ports to see which are
> accessible. Once the port is open, they could have access to your
> PC.
> Alternatively, if your PC was infected with a trojan and you opened
> a bunch of ports, the trojan may be programmed well enough to exit
> your PC through an open port.


ju.c wrote:
> I'm going to enlighten you once and for all, you stupid fool, Gis
> Bun!
> (Before the latest ZoneAlarm update)
>
> Option 1
> What to do - Move the slider from Stealth to Medium.
> What it does - Enables all outgoing ports. (and more)
>
> Option 2
> What to do - Uninstall KB951748.
> What it does - Leaves you vulnerable.
>
> Option 3
> What to do - Uninstall ZoneAlarm and use the Windows firewall.
> What it does - Keep KB951748. Loose ZoneAlarm. No outgoing port
> control.
> My Option 4
> What to do - Only allow limited outgoing ports.
> What it does - Keeps ZoneAlarm on Stealth. You keep KB951748. Only
> a few outgoing opened ports. Almost full security maintained.


I am happy you found a solution (work-around) for the problem - but as you
implied yourself (above) - it is a moot point now. Zone Alarm admitted and
repaired their issue by releasing an update.

What the last sentence says to me is, "everything else done prior to the
update (your solution included) was not the optimum solution and now there
*is* an optimum solution for those who feel they need something like Zone
Alarm to 'protect' their system - which is to update to the latest version."

There actually was a 'more secure option' than any of the ones listed above
(before the patch - again this is a moot point) available out there...

-----
Add your DNS servers to trusted zone

1. From the "Overview" panel, select the "Firewall" panel then click on the
"Zones" tab
2. Click "Add", then select "IP address" from the shortcut menu. The Add IP
Address dialog appears. Select "trusted" from the Zone drop-down list
3. Type the IP address and a description in the boxes provided, then click
"OK"
4. If you are not sure what IP addresses to add:
- Click the Start Menu
- Click on Run. Type "cmd.exe"
- In the command prompt type: "ipconfig /all". Look for DNS Server(s)
in the output of the command.
- For each IP address listed, navigate to the "Zones" panel of the
"Firewall" tab, add the IP address, select "Trusted Zone", and
press "Apply"
5. After you are done adding DNS servers click the "Apply" button
-----

But again - all a moot point now.

If someone feels they need the 'protection' that Zone Alarm gives them over
that of the Windows SP2 Firewall - then their best course of action is to
apply the latest version of Zone Alarm as suggested by the manufacturer
themselves. I hope that anyone still out there experiencing this issue and
searching for an answer that happens across this conversation first does
*that* suggestion above all others (but - they are welcome to do the rest -
their life.)

--
Shenan Stanley
MS-MVP
--
How To Ask Questions The Smart Way
http://www.catb.org/~esr/faqs/smart-questions.html
 

Similar threads

T
Replies
26
Views
432
i need answer how to resolve problem
I
M
Replies
13
Views
703
Anthony Buckland
A
Back
Top Bottom