Friendly Warning for WinXP and ZoneAlarm users
#1
So I'm not done trying solutions, but the MS update KB951748 which is fixing a potential DNS exploit changes a lot of networking files and breaks ZoneAlarm. You can work around this by setting ZA to medium settings for the Internet but from the 5 minutes of research I've done I've not seen another solution that is sure to work and keep ZA operational. Even a clean removal and reinstall of ZA doesn't seem to fix it.

I'm going to be poking some more at this issue to see what else I might find, but you might either want to hold off on the windows update (the exploit is old so I'm not sure waiting another day or two for ZA or MS to get something else out there is critical for most folks) or be prepared to play with ZA settings.
---
It's all just zeroes and ones and duct tape in the end.
Reply
#2
People still use ZoneAlarm?
Reply
#3
Quote:People still use ZoneAlarm?

Last time I looked ZoneAlarm and BlackIce were still the top two in market share. Not saying they are the best but it's a common enough application that I figured a friendly warning was woth a post. I've only got it on my system because there are times that I'm connected to the net and not behind my hardware firewall and it works well enough without causing other issues (until today:)and it's still more secure than the windows built in one. It wasn't my first choice but Sygate stopped supporting their personal one about 2 years ago now and ZA worked so I just kept it even though I know there is better out there and that I'd pretty much be fine even if I didn't run it. :)
---
It's all just zeroes and ones and duct tape in the end.
Reply
#4
I used ZA's security suite. Using a temporary trial copy of Norton ATM to see if the ZA thing gets fixed. I didn't like ZA, and found it incompatible with some programs. If the WinXP "fix" truly nukes ZA, then I think my time with ZA is over.

What is a decent AV/FW product then?
Reply
#5
Hi,

Quote:. . . and that I'd pretty much be fine even if I didn't run it. :)
Which leads to my question:)

My home net is behind a hardware firewall on the router. I've turned off the XP firewall and do not run any software firewall on the PCs. I've seen arguments both ways, but I trust the people here more than most. So, is there any need or advantage to running a software firewall in my configuration? And, if yes, what does it do (I understand what a firewall does, but what does the software one add)?

--Pete

How big was the aquarium in Noah's ark?

Reply
#6
Quote:Hi,
Which leads to my question:)

My home net is behind a hardware firewall on the router. I've turned off the XP firewall and do not run any software firewall on the PCs. I've seen arguments both ways, but I trust the people here more than most. So, is there any need or advantage to running a software firewall in my configuration? And, if yes, what does it do (I understand what a firewall does, but what does the software one add)?

--Pete
I do the same Pete. I have the cable modem/router providing the border security. I am fanatic about having each machine run a daily virus scan (3am), Spyware scan, and I use WinPatrol to sense and prevent any changes to the machine's registry or other common files.
”There are more things in heaven and earth, Horatio, Than are dreamt of in your philosophy." - Hamlet (1.5.167-8), Hamlet to Horatio.

[Image: yVR5oE.png][Image: VKQ0KLG.png]

Reply
#7
Quote:I understand what a firewall does, but what does the software one add
It depends on if it's purely just a firewall or not. Programs like ZA will monitor incoming and outgoing network traffic just as a hardware firewall does, but also have extra features such as notifying you when programs are changing your system configuration, which is something a hardware firewall cannot do. They usually also have built in virus scans, etc.

In otherwords, they're protection suites, not just firewalls. And to answer your question: if all the software does is simply provide the firewall, then no, you don't need it if you have a hardware firewall.
"What contemptible scoundrel stole the cork from my lunch?"

-W.C. Fields
Reply
#8
Quote:My home net is behind a hardware firewall on the router. I've turned off the XP firewall and do not run any software firewall on the PCs. I've seen arguments both ways, but I trust the people here more than most. So, is there any need or advantage to running a software firewall in my configuration? And, if yes, what does it do (I understand what a firewall does, but what does the software one add)?

I just use the hardware firewall in my router. From what I've read, there is no additional benefit to using a software one as well. It's like being inside of an armored vehicle and wearing a jockstrap.
Reply
#9
Hi,

Quote:It's like being inside of an armored vehicle and wearing a jockstrap.
:DGood one.

Of course, wouldn't that be more like a firewall and a anti-virus? Perhaps an armored vehicle and a flack jacket would be a better simile, but it's not as funny.

Thanks to kandrathe and LennyLen as well. I'll pick something else to obsess about now that that's cleared up;)

--Pete

How big was the aquarium in Noah's ark?

Reply
#10
Quote:So I'm not done trying solutions, but the MS update KB951748 which is fixing a potential DNS exploit changes a lot of networking files and breaks ZoneAlarm. You can work around this by setting ZA to medium settings for the Internet but from the 5 minutes of research I've done I've not seen another solution that is sure to work and keep ZA operational. Even a clean removal and reinstall of ZA doesn't seem to fix it.

I'm going to be poking some more at this issue to see what else I might find, but you might either want to hold off on the windows update (the exploit is old so I'm not sure waiting another day or two for ZA or MS to get something else out there is critical for most folks) or be prepared to play with ZA settings.

Have you tried this?

http://download.zonealarm.com/bin/free/pre...ccessIssue.html
"Nothing unreal exists."
-- Kiri-kin-tha
Reply
#11
Quote:Have you tried this?

http://download.zonealarm.com/bin/free/pre...ccessIssue.html

Oh I guess I never posted in this thread again. ZA put out a never version a day and half after the MS update that removed the conflict. So when I made the original post the newest version of ZA had issues, but yeah that is no longer the case if you have the newest version of ZA it doesn't matter anymore. It's been fixed for weeks. :)
---
It's all just zeroes and ones and duct tape in the end.
Reply


Forum Jump:


Users browsing this thread: 2 Guest(s)