Zone Alarm and Firefox - Firewalls

This is a discussion on Zone Alarm and Firefox - Firewalls ; I have a problem with Zone Alarm. Whenever I now (this is very recent, since the first of the year) boot up my Windows XP Home SP1 computed Zone Alarm always asks for me to authorize a connection to the ...

+ Reply to Thread
Results 1 to 9 of 9

Thread: Zone Alarm and Firefox

  1. Zone Alarm and Firefox

    I have a problem with Zone Alarm.

    Whenever I now (this is very recent, since the first of the year) boot
    up my Windows XP Home SP1 computed Zone Alarm always asks for me to
    authorize a connection to the internet using the SAME IP address.
    Furthermore, when I look at the settings Zone Alarm is always set to
    "ask" instead of "allow" the ip address. The settings are always reset
    when I shut down the system. Also, my settings for Firefox are also
    reset to "ask" from "allow". Any ideas what is causing this and how it
    can be corrected?

    I've tried everything including the "trusted zone" setting even though
    I am not on a LAN.

  2. Re: Zone Alarm and Firefox

    Victor Laszlo wrote:
    > I have a problem with Zone Alarm.


    A circle is round. Ice is cold. And you have a problem with Zone Alarm.

    Do you like pleonasms? ;-)

    Yours,
    VB.

    P.S.: There is an easy solution: just kick Zone Alarm.
    --
    The file name of an indirect node file is the string "iNode" immediately
    followed by the link reference converted to decimal text, with no leading
    zeroes. For example, an indirect node file with link reference 123 would
    have the name "iNode123". - HFS Plus Volume Format, MacOS X

  3. Re: Zone Alarm and Firefox

    On Sun, 04 May 2008 00:57:55 GMT, Victor Laszlo
    wrote:

    >I have a problem with Zone Alarm.


    'ere we go again.

    >Whenever I now (this is very recent, since the first of the year) boot
    >up my Windows XP Home SP1 computed Zone Alarm always asks for me to
    >authorize a connection to the internet using the SAME IP address.
    >Furthermore, when I look at the settings Zone Alarm is always set to
    >"ask" instead of "allow" the ip address. The settings are always reset
    >when I shut down the system. Also, my settings for Firefox are also
    >reset to "ask" from "allow".


    >Any ideas what is causing this and how it
    >can be corrected?


    ZA is causing this.

    It can be corrected by getting rid of ZA (if possible).

    >I've tried everything including the "trusted zone" setting even though
    >I am not on a LAN.


    Yes. That's your problem. You're experimenting with a crappy
    "security" solution within an area you don't understand.

  4. Re: Zone Alarm and Firefox

    On Sun, 04 May 2008 00:57:55 GMT, Victor Laszlo wrote:

    > I have a problem with Zone Alarm.


    Solution:
    How to uninstall ZoneAlarm cleanly.
    http://zonealarm.donhoover.net/uninstall.html
    or
    Revo Uninstaller.
    http://www.revouninstaller.com/

    > Whenever I now (this is very recent, since the first of the year) boot
    > up my Windows XP Home SP1...


    Your OS requires to be updated.



    > I've tried everything including the "trusted zone" setting even though
    > I am not on a LAN.


    The most dependable defenses are:
    1. Do not work as 'Administrator'; For day-to-day work routinely use a
    Limited User Account (LUA).
    2. Secure (Harden) your operating system.
    3. Keep your operating (OS) system (and all software on it)
    updated/patched.
    4. Reconsider the usage of IE and OE.
    5. Review your installed 3rd party software applications/utilities;
    Remove clutter.
    6. Don't expose services to public networks.
    7. Activate the build-in firewall and configure Windows not to use TCP/IP
    as transport protocol for NetBIOS, SMB and RPC, thus leaving TCP/UDP
    ports 135,137-139 and 445 (the most exploited Windows networking weak
    point) closed.
    7a.If on high-speed internet use a router as well.
    8. Routinely practice safe-hex.
    9. Regularly back-up data/files.
    10.Familiarize yourself with crash recovery tools and re-installing your
    operating system (OS).
    11.Utilize a real-time anti-virus application and vital system
    monitoring utilities/applications.
    12.Keep abreast of the latest developments - Sh!t happens...you know.
    The least preferred defenses are:
    Myriads of popular anti-whatever applications and staying ignorant.



  5. Re: Zone Alarm and Firefox

    Kayman wrote:
    > 4. Reconsider the usage of IE and OE.


    It would appear that your Usenet bot misread the subject line. Its form
    letter response engine is also missing a most crucial step:

    Lucky #13. Try opening a support incident with your software vendor before
    soliciting biased advice from the the curmudgeons of Usenet.

    FYI, not that Cisco haven't made their fair share of missteps over the
    years but they actually include the Zone Alarm engine in their IPsec
    client. Naturally, it's been stripped of its standard UI and access list
    and enforces policies set by the VPN endpoint thus eliminating the newbie
    factor from the equation. Of course, this is more restrictive for the end
    user but that's the intention.

    As for the original poster, I would, unfortunately, have to suggest that
    you try the de rigeur of Windows trouble-shooting steps; uninstall and
    reinstall it unless advised otherwise by the vendor you're paying to
    support your product. Does it have an option to export/import your
    existing access policy? If so, be sure to export it first so you can
    reimport it after reinstalling.

    -Gary

  6. Re: Zone Alarm and Firefox

    On Mon, 05 May 2008 20:15:36 -0000, Gary wrote:

    > Kayman wrote:
    >> 4. Reconsider the usage of IE and OE.

    >
    > It would appear that your Usenet bot misread the subject line.


    How so? Why is re-evaluation provoking such a comment?

    > Its form letter response engine is also missing a most crucial step:
    > Lucky #13.


    Your superstitious notions are of little importance. You may consider
    "Myriads of popular anti-whatever applications and staying ignorant" as
    item 13.

    > Try opening a support incident with your software vendor before


    Yeah right. The makers of commercially driven Illusion Ware are bending
    over backwards...

    > soliciting biased advice from the the curmudgeons of Usenet.


    You don't know me, if you group me in some arbitrary fashion, that is your
    own inability to see clearly and not my issue.
    But yes, mea culpa, the advice favors common sense over advertisement
    driven Phony-Baloney Ware.

    > FYI, not that Cisco haven't made their fair share of missteps over the
    > years but they actually include the Zone Alarm engine in their IPsec
    > client. Naturally, it's been stripped of its standard UI and access list
    > and enforces policies set by the VPN endpoint thus eliminating the newbie
    > factor from the equation. Of course, this is more restrictive for the end
    > user but that's the intention.


    Spreading marketing hype instead of sound technical advice?
    Which 'security' software manufacturer do you represent?

    > As for the original poster, I would, unfortunately, have to suggest that
    > you try the de rigeur of Windows trouble-shooting steps; uninstall and
    > reinstall it unless advised otherwise by the vendor you're paying to
    > support your product.


    De rigueur steps are oftentimes inadequate when trying to remove
    questionable software. Even Norton/Symantech and others provide speciality
    removal tools, oh well.

    > Does it have an option to export/import your
    > existing access policy? If so, be sure to export it first so you can
    > reimport it after reinstalling.


    You obviously know little about ZA.
    Would you care to meaningfully explain how your response, I guess
    you deem it a reasonable explanation, is any except a self-centered
    viewpoint expounding a self-centered approach.
    --
    Arguing with anonymous strangers on the Internet is a sucker's game because
    they almost always turn out to be (or to be indistinguishable from)
    self-righteous sixteen-year-olds possessing infinite amounts of free time.
    (Neil Stephenson, author of "Cryptonomicon")

  7. Re: Zone Alarm and Firefox


    Kayman spewed:
    > You don't know me, if you group me in some arbitrary fashion, that is
    > your own inability to see clearly and not my issue.


    What is your technical issue? Or is it merely one of attitude? *yawn*

    > Spreading marketing hype instead of sound technical advice?
    > Which 'security' software manufacturer do you represent?


    None of them. I've been a unix sysadmin for 15+ years. What's your excuse?

    -Gary

  8. Re: Zone Alarm and Firefox

    Kayman wrote:
    > The most dependable defenses are:
    > 1. Do not work as 'Administrator'; For day-to-day work routinely use a
    > Limited User Account (LUA).


    i agree with this one

    > 2. Secure (Harden) your operating system.


    a missing manual ?
    how does one do that
    and why does it seem like nobody really wants to elaborate on how ?
    in a sense this post appeared/Portraited itself as a 'how to
    harden your PC' tutorial

    > 3. Keep your operating (OS) system (and all software on it)
    > updated/patched.
    > 4. Reconsider the usage of IE and OE.
    > 5. Review your installed 3rd party software applications/utilities;
    > Remove clutter.


    i agree again
    but i'm a minimalist some people just like bloat
    and a whole desktop filled with icons is usually an indicator
    of this

    > 6. Don't expose services to public networks.


    is this really a problem if you have a NAT'ing router ?
    a router shouldn't forward broadcasts and most of them
    don't allow unsollicited inbound connections

    > 7. Activate the build-in firewall and configure Windows not to use TCP/IP
    > as transport protocol for NetBIOS, SMB and RPC, thus leaving TCP/UDP
    > ports 135,137-139 and 445 (the most exploited Windows networking weak
    > point) closed.


    how does one do that?
    are you talking about the Netbios over TCP/IP option
    in the NIC config iirc (the place where lmhosts is also present) ?
    or just disabling netbios all together, which is kinda bad advice
    since for most people with a home network
    netbios == their network

    > 7a.If on high-speed internet use a router as well.
    > 8. Routinely practice safe-hex.


    a hate that word !
    hex is not that easy and
    it takes most people amble time to tell me what
    8146 is in hex

    > 9. Regularly back-up data/files.


    people who have no intention of learning how to automatize this
    and/or don't know how will get confused when they have to deal with
    multiple backups. as a result they'll tell you everything is backed up
    while it hardly isn't and they'll start blaming 'you' of removing their
    backups* and other evil stuff* if **** hits the fan.

    > 10.Familiarize yourself with crash recovery tools and re-installing your
    > operating system (OS).
    > 11.Utilize a real-time anti-virus application and vital system
    > monitoring utilities/applications.
    > 12.Keep abreast of the latest developments - Sh!t happens...you know.
    > The least preferred defenses are:
    > Myriads of popular anti-whatever applications and staying ignorant.
    >
    >


    i agree we have to install mcafee here
    and a girl who just got a new pc managed to attract a worm in 2 days
    or so mcafee claims
    i told her the obvious thing is to flatten the system again, but she
    asked me if i could disable the pop-ups instead.

    point of this
    most users don't give a ****, it took me some time
    trying to explain possible scenarios like keyloggers
    logging her usernames/passwords, bankinformation
    before she finally agreed to have me flatten the system

  9. Re: Zone Alarm and Firefox

    On Wed, 07 May 2008 12:42:01 +0200, goarilla@work wrote:

    > Kayman wrote:
    >> The most dependable defenses are:
    >> 1. Do not work as 'Administrator'; For day-to-day work routinely use a
    >> Limited User Account (LUA).

    >
    > i agree with this one


    I am glad you do

    >> 2. Secure (Harden) your operating system.

    >
    > a missing manual ?


    not really (Google is your friend
    > how does one do that


    > and why does it seem like nobody really wants to elaborate on how ?


    because nobody asked for

    > in a sense this post appeared/Portraited itself as a 'how to
    > harden your PC' tutorial


    here ya go:
    2. Secure (Harden) your operating system.
    *10 Immutable Laws of Security
    http://www.microsoft.com/technet/arc....mspx?mfr=true

    *Proceed with 'Hardening' your Operating System (all 3 websites have good
    guidances)
    http://www.5starsupport.com/tutorial...ng-windows.htm
    http://www.malwarehelp.org/Malware-P...Security1.html
    http://labmice.techtarget.com/articl...ychecklist.htm
    Note:
    Both Plug & Play and DCOM can easily disabled manually in Services (Local)
    panel and the Windows Messenger can be dealt with as mentioned in 2d.
    Therefore there is *no* need to download the below mentioned tools:
    a) To disable Windows Plug and Play,
    b) To disable Windows DCOM,
    c) To disable Windows Messenger,

    And
    *In Folder Options | File Types tab - *add* .CAB File.

    *Right-click My Computer | Properties, System Properties - Advanced -
    Performance/Settings - Data Execution Prevention is 'checked' Turn on
    DEP...except those I select:
    How to determine that hardware DEP is available and configured on your
    computer.
    http://support.microsoft.com/kb/912923

    *Local Security Settings (Admin Tools - Local Security Policy) Network
    security: Do not store LAN Manager hash value on next
    password exchange
    = ENABLED.

    *Uninstall/disable Windows Messenger Windows Messenger in XP
    http://www.kellys-korner-xp.com/xp_messenger.htm
    Stop Windows Messenger from Auto-Starting.
    Simply delete the following Registry Key:
    HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run\MSMSGS

    *Security Policy Recommendations.
    www.nsa.gov/snac/support/sixty_minutes.pdf
    Security Attribute (page 27/28).
    a) Network access: Do not allow anonymous enumeration of SAM accounts
    HKLM\System\CurrentControlSet\Control\Lsa\Restrict AnonymousSAM = 1
    Recommendet Setting: Enabled
    b) Network access: Do not allow anonymous enumeration of SAM accounts and
    shares
    HKLM\System\CurrentControlSet\Control\Lsa\Restrict Anonymous = 1
    Recommended Setting: Enabled
    c) Network access: Let Everyone permissions apply to anonymous users
    HKLM\System\CurrentControlSet\Control\Lsa\Everyone IncludesAnonymous = 0
    Recommended Setting: Disabled

    *Turn - Off Autoplay.
    http://www.dougknox.com/xp/tips/cd_autoplay_pro.htm
    To Disable CD autoplay, completely, in Windows XP Pro
    a) Click Start, Run and enter GPEDIT.MSC
    b) Go to Computer Configuration, Administrative Templates, System.
    c) Locate the entry for Turn autoplay off and modify it as you desire.
    Alternative:
    http://www.microsoft.com/windowsxp/d...powertoys.mspx
    Scroll down to Tweak UI, download TweakUI.exe
    Once you've installed TweakUI you'll find a lot of options in it. To
    turn-off Autoplay, in TweakUI expand My Computer, and then AutoPlay.
    Click on Drives and uncheck the drive letter that you no longer want to
    AutoPlay. Click on Apply and that's it. No more "what would you like me to
    do" dialogs.
    >
    >> 3. Keep your operating (OS) system (and all software on it)
    >> updated/patched.
    >> 4. Reconsider the usage of IE and OE.
    >> 5. Review your installed 3rd party software applications/utilities;
    >> Remove clutter.

    >
    > i agree again
    > but i'm a minimalist some people just like bloat
    > and a whole desktop filled with icons is usually an indicator
    > of this
    >
    >> 6. Don't expose services to public networks.

    >
    > is this really a problem if you have a NAT'ing router ?


    It certainly can be

    > a router shouldn't forward broadcasts and most of them
    > don't allow unsollicited inbound connections


    Well, have a good look here and be guided accordingly (tweak the way it
    suits *you*). This can be a tedious exercise but will bear fruits later on;
    Initiate a good record of your activities).
    Beginners Guides: Understanding and Tweaking WindowsXP Services
    http://www.pcstats.com/
    Page 1: Beginners Guides: Understanding and Tweaking WindowsXP Services
    Page 2: Which services are running?
    Page 3: Getting Information on Specific Services
    Page 4: Properties of Services
    Page 5: Why do does WinXP need Services?
    Page 6: What services should be running?
    Page 7: Services to disable for better security and performance
    Page 8: Creating your own services
    Page 9: Creating Services Continued

    Windows XP Service Pack 2 Service Configurations
    http://www.blackviper.com/WinXP/servicecfg.htm#

    Windows XP SP2 default Services #1.
    http://www.ss64.com/ntsyntax/services.html

    Default settings for services #2.
    http://www.microsoft.com/resources/d....mspx?mfr=true

    Note: SP3 has 4 additional Services viz:
    1.Extensible AuthenticationProtocol Service
    2.Health Key and Certificate Management Service
    3.Network Access Protection Agent
    4.Wired AutoConfig
    Leave the default settings (manual).

    >> 7. Activate the build-in firewall and configure Windows not to use TCP/IP
    >> as transport protocol for NetBIOS, SMB and RPC, thus leaving TCP/UDP
    >> ports 135,137-139 and 445 (the most exploited Windows networking weak
    >> point) closed.

    >
    > how does one do that?
    > are you talking about the Netbios over TCP/IP option
    > in the NIC config iirc (the place where lmhosts is also present) ?
    > or just disabling netbios all together, which is kinda bad advice
    > since for most people with a home network
    > netbios == their network

    The only reasonable way to deal with malware is to prevent it from being
    run in the first place. That's what AV software or Windows' System
    Restriction Policies are doing. And what 3rd party Personal Firewalls
    *fail* to do.
    If on dial-up internet connection:
    Activate and utilize the Win XP SP2 built-in Firewall; Uncheck *all*
    Programs and Services under the Exception tab and review exceptions
    frequently (the less exceptions the better).
    Read through:
    Deconstructing Common Security Myths.
    http://www.microsoft.com/technet/tec...s/default.aspx
    Scroll down to:
    "Myth: Host-Based Firewalls Must Filter Outbound Traffic to be Safe."

    Exploring the windows Firewall.
    http://www.microsoft.com/technet/tec...l/default.aspx
    "Outbound protection is security theater—it’s a gimmick that only gives the
    impression of improving your security without doing anything that actually
    does improve your security."

    How to Configure Windows Firewall on a Single Computer
    http://www.microsoft.com/technet/sec.../cfgfwall.mspx

    Troubleshooting Windows Firewall settings in Windows XP Service Pack 2
    http://support.microsoft.com/default.aspx?kbid=875357

    Understanding Windows Firewall.
    http://www.microsoft.com/windowsxp/u...2_wfintro.mspx

    Using Windows Firewall.
    http://www.microsoft.com/windowsxp/u...nfirewall.mspx

    Using the Windows Firewall INF File in Microsoft Windows XP Service Pack 2
    http://www.microsoft.com/downloads/d...displaylang=en

    Deploying Windows Firewall Settings for Microsoft Windows XP with Service
    Pack 2
    http://www.microsoft.com/downloads/d...displaylang=en

    Manually Configuring Windows Firewall in Windows XP Service Pack 2
    http://technet.microsoft.com/en-au/l.../bb877979.aspx

    7a. If on high-speed internet connection use a router in conjunction with
    #7 and #8.

    7b.Use Windows Firewall in conjunction with:
    Seconfig XP 1.0
    http://seconfig.sytes.net/
    Seconfig XP is able configure Windows not to use TCP/IP as transport
    protocol for NetBIOS, SMB and RPC, thus leaving TCP/UDP ports 135, 137-139
    and 445 (the most exploited Windows networking weak point) closed.)
    OR
    Configuring NT-services much more secure.
    http://www.ntsvcfg.de/ntsvcfg_eng.html

    >> 7a.If on high-speed internet use a router as well.
    >> 8. Routinely practice safe-hex.

    >
    > a hate that word !
    > hex is not that easy and
    > it takes most people amble time to tell me what
    > 8146 is in hex


    http://www.claymania.com/safe-hex.html
    Hundreds Click on 'Click Here to Get Infected' Ad
    http://www.eweek.com/article2/0,1895,2132447,00.asp

    >> 9. Regularly back-up data/files.

    >
    > people who have no intention of learning how to automatize this
    > and/or don't know how will get confused when they have to deal with
    > multiple backups. as a result they'll tell you everything is backed up
    > while it hardly isn't and they'll start blaming 'you' of removing their
    > backups* and other evil stuff* if **** hits the fan.
    >
    >> 10.Familiarize yourself with crash recovery tools and re-installing your
    >> operating system (OS).
    >> 11.Utilize a real-time anti-virus application and vital system
    >> monitoring utilities/applications.
    >> 12.Keep abreast of the latest developments - Sh!t happens...you know.
    >> The least preferred defenses are:
    >> Myriads of popular anti-whatever applications and staying ignorant.
    >>

    > i agree we have to install mcafee here
    > and a girl who just got a new pc managed to attract a worm in 2 days
    > or so mcafee claims


    A number of experts agree that the retail AV version of McAfee, Norton and
    Trend Micro has become cumbersome and *bloated* for the average user and
    can play havoc with your computer.

    Removal tools for recent Mcafee products:-
    Request assistance from here:
    http://forums.mcafeehelp.com/
    or download and run:
    http://www.majorgeeks.com/McAfee_Con...ool_d5420.html
    or
    http://service.mcafee.com/FAQDocumen...=10005&type=TS
    or
    Download and run the McAfee Removal tool:
    https://us.mcafee.com/root/MCPR2.exe
    If you receive a security alert, click Yes.
    Click Save to download the file to a location on your computer.
    Navigate to the location where the file was saved.
    Ensure all McAfee application windows are closed.
    Double-click MCPR2.exe to run the removal tool.
    Note: Windows Vista users must right-click and select Run as Administrator.
    Restart your computer when prompted. Your McAfee products will not be fully
    removed until you restart.

    Good alternatives:
    Avira AntiVir® Personal - FREE Antivirus
    http://www.free-av.com/
    You may wish to consider removing the 'AntiVir Nagscreen'
    http://www.elitekiller.com/files/dis...ntivir_nag.htm
    or
    Free antivirus - avast! 4 Home Edition
    It includes ANTI-SPYWARE protection, certified by the West Coast Labs
    Checkmark process, and ANTI-ROOTKIT DETECTION based on the best-in class
    GMER technology.
    http://www.avast.com/eng/avast_4_home.html
    (Choose Custom Installation and under Resident
    Protection, uncheck: Internet Mail and Outlook/Exchange.)
    or
    AVG Anti-Virus Free Edition
    http://free.grisoft.com/
    (Choose custom install and untick the email scanner plugin.)
    or
    Kaspersky® Anti-Virus 7.0 - Not Free
    http://www.kaspersky.com/homeuser
    or
    ESET NOD32 Antivirus - Not Free
    http://www.eset.com/

    Why You Don't Need Your Anti-Virus Program to Scan Your E-Mail
    http://thundercloud.net/infoave/tuto...ning/index.htm

    and (optional)
    On-demand AV applications.
    (add them to your arsenal and use them as a "second opinion" av scanner).
    David H. Lipman's MULTI_AV Tool
    http://www.pctipp.ch/ds/28400/28470/Multi_AV.exe
    http://www.pctipp.ch/downloads/dl/35905.asp
    English:
    http://www.raymond.cc/blog/archives/...irus-for-free/
    Additional Instructions:
    http://pcdid.com/Multi_AV.htm
    and/or
    BitDefender10 Free Edition (*NOT FOR VISTA*)
    http://www.bitdefender.com/PRODUCT-1...e-Edition.html


    > i told her the obvious thing is to flatten the system again, but she
    > asked me if i could disable the pop-ups instead.


    "The only way to clean a compromised system is to flatten and
    rebuild. That’s right. If you have a system that has been completely
    compromised, the only thing you can do is to flatten the system
    (reformat the system disk) and rebuild it from scratch (re-install
    Windows and your applications)..."
    http://www.microsoft.com/technet/com...mt/sm0504.mspx



    Good luck

+ Reply to Thread