FIX for ZoneAlarm & KB951748 issue released

Discussion in 'Windows Update' started by PA Bear [MS MVP], Jul 10, 2008.

  1. - shutting down servies is nice ... but the trouble is that the MS
    documentatin is so poor that you never know what you really do when you shut
    down a service ... untill someone comes and complain that things do not work
    any longer as they did before... Then you realize that you better not shut
    down any service ... (I could luch longer about that, but, believe me, ther
    are so many softwares that capitalize on existing "default" Windows services
    that you think twice before shutting one down...).

    - packet filters are nice, but are you going to implement them on 30
    computers with different requirements ...

    - the build-in firewall was so well hidden that I only discovered its
    existence by accident, and it was not very esay to master... I guess MS never
    advertised it because they knew how weak and inefficient it was. If what I
    say is not true, why did not advertise it ?

    Oh simple... a workgroup with 30 computers in peer-to-peer configuration and
    in a very open environment (each computer ahs a PUBLIC IP address - do not
    ask me why, this is so - but each needs to be reachable from outside by me
    and a few other authorized persons...; no domain as we had no one to be its
    administrator and if the domain server fails, evryting fails ...). Seems
    crasy, but since we got ZA on all machines, we simply have no more any
    problem ...
    Well, did YOU really tested ZA ?
     
    Paul (Bornival), Jul 17, 2008
    1. Advertisements

  2. I am amazed by how strongly people linked to MS state that outbound
    filtering is unecessary or even countreproductive. Yet, other people, not
    linked to MS, think otherwise. Why is it so ?
     
    Paul (Bornival), Jul 17, 2008
    1. Advertisements

  3. PA Bear [MS MVP]

    Kerry Brown Guest

    I don't think very many people that understand security think outbound
    filtering is not a useful thing to do. Many people that understand how
    computers work think that relying on a software firewall to stop something
    that is running on the same computer and has the same or higher privileges
    as the firewall isn't a good thing or even possible. Outbound filtering is
    very useful for some situations. Outbound filtering to stop malware where
    the filtering and the malware are on the same computer is a fool's game. For
    security outbound filtering is best done by something that is not running on
    the computer to be filtered. For other reasons, like blocking p2p traffic or
    messenger traffic (i.e. non-malicious traffic) outbound filtering via
    software on the computer works but I still prefer to do this elsewhere.
    Filtering like this means you are trying to restrict the user from doing
    something. Using software on the computer the computer to restrict the user
    is also a fool's errand. Anyone who has physical access to the computer and
    a little bit of knowledge can bypass it.

    --
    Kerry Brown
    MS-MVP - Windows Desktop Experience: Systems Administration
    http://www.vistahelp.ca/phpBB2/
    http://vistahelpca.blogspot.com/
     
    Kerry Brown, Jul 17, 2008
  4. PA Bear [MS MVP]

    H.S. Guest

    Looks like MS does not want to invest time and resources in developing a
    full firewall and is thus marketing and trying to convince its users
    that outbound control is unnecessary.

    Historically, MS has wanted their OS to be used by dumb average Joe
    users and thus tuned its system as such. Consequently, they compromised
    on multiuser features, restricted user usage habits and proper computer
    terminology. Result: Almost all users believe Windows must be run in
    admin mode. They do not gain any basic knowledge about computers which
    is commonplace among computer technologists (MS uses its own
    nomenclature, as you mentioned, probably based on recommendations by
    marketing drones). All this leads to significant ignorance of important
    issues related to computer security.

    But to be fair, these marketing strategies also resulted in the boom of
    personal computer.

    Also, the strict control over licenses also played a very important role
    in making Linux what it is today: secure, open source and, these days,
    with better GUI than Windows in many respects. Had Windows been "open",
    maybe there would not have been as much impetus in making Linux distros
    so user friendly. I have myself seen that current version of Ubuntu is
    much more easier to install than Windows!
     
    H.S., Jul 17, 2008
  5. PA Bear [MS MVP]

    H.S. Guest

    Here is another one: I do not like that every time I open an MS
    application (Word, Excel, Windows ... ), it tries to talk to Microsoft.
    My firewall warns me about it and I deny it.

    Now, I have no idea why the application is trying to phone home. Why
    should it? The only reason I would accept is if it is trying to find
    updates. Well, in that case, I would rather do that myself, thank you
    very much. Online help? No, don't need it. Any other reasons? Sorry, now
    you are invading my privacy.
     
    H.S., Jul 17, 2008
  6. No one here works for or represents MS, including MVPs.

    The Windows Firewall is inbound/outbound.
     
    PA Bear [MS MVP], Jul 17, 2008
  7. Office Help is now online, d00d. Wake up and smell the coffee.
     
    PA Bear [MS MVP], Jul 17, 2008
  8. PA Bear [MS MVP]

    H.S. Guest


    Did you even read the rest of my post? Why are you snipping the relevant
    parts?
     
    H.S., Jul 17, 2008
  9. PA Bear [MS MVP]

    H.S. Guest

    On XP Pro? Didn't think so.
     
    H.S., Jul 17, 2008
  10. Conversation in entirety:
    http://groups.google.com/group/micr...8/b3486be8412ee2af?lnk=st&q=#b3486be8412ee2af



    <reference to the inbound/outbound argument parts only>

    This is one of those debates like *nix vs. Windows vs. OS X.

    Nothing is proven on any side, examples abound (some truthful and realistic
    from the single instance, some not so much) and nothing but emotions and
    egos get exposed.

    Personal experience and outside articles are quoted a lot. Some good for
    that single instance in time, others pulled from myth and legend and still
    others might actually hold up over scrutiny (the latter is often over-looked
    in the debate and glossed over at every turn by those opposed to the topic.)

    Ideas like "outbound only catches the stuff you already have and who says
    the application in question did not just change your outbound rules as you
    installed it so you still don't know you have it?" and "I like to know when
    something attempts to 'call home'" seem to cover most of the arguments.
    (Sound like "Windows has more security holes than other OSes" and "Macs just
    don't get viruses"...? Yeah - same type of arguments. heh)

    In the end - both are right, both are wrong. It's a personal preference.
    It's a way of computing, a mind-set, a need. I know many people who have
    ran many different OSes for many many years without a single instance of
    infection/infestation and they run no antivirus software and no antispyware
    software. They continuously (when someone finds out) get questions like
    "how do you know you actually don't have a virus or spyware/adware if you
    don't run anythign to prevent/check for it?"

    In the end - I just go by the idea that making things more complicated is
    seldom the proper course of action... Simplistic solutions are usually the
    most effective and the most eloquent.

    So which way do _I_ lean? Doesn't matter.

    Each person has their own reasoning behind whatever it is they do. I have
    used many different solutions (I do like to try things - see what I can
    learn and find) - and I do offer advice on the ones I tried that seemingly
    did their jobs without _over-complicating_ my life just to keep it working.
    However - I know that will be different for each person, and I cannot say
    which is less complicated for any one of them. Advice: Try each solution
    *if* this whole topic has any importance to you.

    All anyone here can offer is that someone practice some common sense. The
    world is dangerous - your computer gives you options the rest of the world
    does not (I cannot backup my car so that when I get in a wreck, I just
    reload for near instant recovery) - use them. Protect yourself when you can
    (Equate each of these to something on your computer: lock your doors to make
    it harder for intruders to get in while you are there *or* away, wear a coat
    when it is cold, wear sunglasses to protect your eyes, put on sunscreen to
    protect your skin, brush your teeth to prevent cavities, pick up 'your
    room', take out the garbage, cover your face when you cough/sneeze, store
    copies of important documents(life insurance, will, deeds, etc) far away
    from the originals, etc.)

    I know someone could pull one (or more) argument for one side or the other
    out of those - I could do it right now. heh

    The point - if the solution for everyone was obvious and one-sided - there
    would be no discussion. Being that each person is unique with differing
    experiences and external facts that help support their own experiences - the
    discussion is never-ending. Not one person here can definitively win their
    argument (even if you get rid of every actual 'crazy argument' -- although
    who decides that is yet another debate. hah)

    Interesting that a discussion about a particular patch that exasperated a
    problem in a particular piece of software could spawn a conversation along
    these lines... And the subject line stays the same through out. Amazing
    really.
     
    Shenan Stanley, Jul 17, 2008
  11. PA Bear [MS MVP]

    Kerry Brown Guest

    That is the only reason I can think of to use outbound filtering running on
    the computer. Personally I'm not that paranoid about programs I install
    phoning home. In most cases I prefer that they do. Specifically in
    Microsoft's case I let it send the reports about how the program is working
    on my computer. These reports are anonymous and used to improve the product
    and fix bugs. For me that's a good thing. I do understand that some people
    don't think about this in the same way. In most cases this reporting can be
    turned off from within the program but it is often buried in an out of the
    way place. If this is your concern then by all means install a 3rd party
    firewall and use it to block this type of traffic. The whole point of my
    posts is not related to this. The point I'm trying to make is that one
    application cannot be relied on to block malicious outbound traffic from
    another application on the same computer. The traffic you want to block is
    not malicious or trying to hide in any way.

    --
    Kerry Brown
    MS-MVP - Windows Desktop Experience: Systems Administration
    http://www.vistahelp.ca/phpBB2/
    http://vistahelpca.blogspot.com/
     
    Kerry Brown, Jul 18, 2008
  12. PA Bear [MS MVP]

    Kayman Guest

    On Thu, 17 Jul 2008 13:07:01 -0700, Paul (Bornival) wrote:

    Disable any unnecessary and potentially dangerous Services
    Configure and adjust Services to suit your computing needs
    Windows XP Service Pack 3 Service Configurations
    http://www.blackviper.com/WinXP/servicecfg.htm

    (This can be a tedious exercise but will bear fruits later on!).
     
    Kayman, Jul 18, 2008
  13. PA Bear [MS MVP]

    Kayman Guest

    You are wrong! Keep on lurking and you'll see why :)
     
    Kayman, Jul 18, 2008
  14. PA Bear [MS MVP]

    Leonard Grey Guest

    "Looks like MS does not want to invest time and resources in developing
    a full firewall..."

    Sheesh, they got into enough trouble for bundling a web browser and a
    media player. Now you want them to bundle a firewall?
     
    Leonard Grey, Jul 18, 2008
  15. PA Bear [MS MVP]

    Kayman Guest

    The situation is very simple; If you don't trust an application then don't
    install it in the first place!
    Read EULA prior installing software and if deemed to be 'trustworthy' find
    out reasons as to why it is phoning home. If you still don't like it
    disable this function.
     
    Kayman, Jul 18, 2008
  16. PA Bear [MS MVP]

    Kayman Guest

    You are completely wrong with your assumptions.
    Educational reading not only for the Vista user:
    Managing the Windows Vista Firewall
    http://technet.microsoft.com/en-us/magazine/cc510323.aspx
     
    Kayman, Jul 18, 2008
  17. PA Bear [MS MVP]

    Kayman Guest

    Well, I don't think the discussion is about a particular software per se.
    Rather the requirement of 'outbound control' after the introduction of NT.
    Jesper M. Johansson wrote educational articles about this subject
    extensively. It's an important security subject and the message is not easy
    to convey, especially if one is blinded by the hype created by the makers
    of 3rd party software.
     
    Kayman, Jul 18, 2008
  18. Conversation in entirety:
    http://groups.google.com/group/micr...8/b3486be8412ee2af?lnk=st&q=#b3486be8412ee2af



    Shenan wrote:
    Actually - if you read what I posted - this 'discussion' did start out as I
    stated...
    The subject line points this out quite readily. ;-)

    It "spawned" into what you are speaking of.
     
    Shenan Stanley, Jul 18, 2008
  19. Before Windows XP what were people using? What were they using on NT4
    and on Windows 2000? Just because XP got a firewall now anything else
    has suddenly become unfit for use? Geez, I guess next the hype will be
    that anything but One Care will be no good.

    John
     
    John John (MVP), Jul 18, 2008
  20. PA Bear [MS MVP]

    H.S. Guest

    Ah, I see, leaving no stones unturned to convince people to switch to Vista!
     
    H.S., Jul 18, 2008
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.