FIX for ZoneAlarm & KB951748 issue released

Discussion in 'Windows Update' started by PA Bear [MS MVP], Jul 10, 2008.

  1. Only a fool would claim that proper egress control has no place in
    network security. Even the experts at Microsoft advise users to protect
    their data with egress control. You, of course, also know better than
    the folks at Microsoft.

    John
     
    John John (MVP), Jul 21, 2008
    1. Advertisements

  2. PA Bear [MS MVP]

    Root Kit Guest

    Beside of the fact that "Only a fool would claim..." marks the
    beginning of a non-argument - who are you addressing here? I don't
    recall anyone making the claim you're stating.
     
    Root Kit, Jul 21, 2008
    1. Advertisements

  3. PA Bear [MS MVP]

    Kayman Guest

    You just can't help yourself, can you.
    Name calling does not hide your immaturity.
    Where precisely did I claim that?
    Which 3rd party personal (so-called) firewall is MSFT recommending?
    Where are links, URL's, publications?
    Your assumption is nothing but an assumption (you've got to replace that
    crystal ball). And who in particular from MSFT are you referring to? I'd be
    genuinely interested to read their write-ups. If you're referring to the
    authors already mentioned in this thread, please point me to their
    publication(s) which state that 3rd party personal (so-called) firewall is
    an effective tool for controlling egress traffic.
    It seems you either totally not understanding my point or deliberately
    evading the issue!
    MSFT knows exactly well that outbound application protection is an
    illusion, which is why they don't offer such a (phony-baloney) thing.
    Unlike you, they understand the nature of their operating system, and are
    even honest enough to admit that outbound control is way too unreliable.
    Even commercial enterprises like Sunbelt, makers of Kerio and Steve Gibson
    of Gibson Research Corporation have finally conceded this fact!
    Now don't change directions here and twist this straightforward post into a
    convoluted psychedelic drivel.
    John John (MVP), WHERE IS THE BEEF? SHOW US THE MONEY! PUT UP OR SHUT UP!
     
    Kayman, Jul 21, 2008
  4. Thank you. But I have actually read all those documents. What I was
    interested in was to understand the technical (ral) reason for the
    incompatibility of ZA with KB951748.
     
    Paul (Bornival), Jul 21, 2008

  5. Thank you for your reply. I checked these forums but could not find
    specific information. Do you know which files were modified and why ZA could
    not cope with them ?
     
    Paul (Bornival), Jul 21, 2008
  6. You constantly shift the discussion from the value of proper egress
    filtering to software firewalls, even though I have said right from the
    start that egress filtering at the firewall can be foiled and that users
    should consider better methods. So get it in your thick skull, egress
    filtering at a perimeter appliance is a sound security measure, even the
    folks at Microsoft will tell you this:
    http://msdn.microsoft.com/en-us/library/aa302431.aspx

    Now maybe you should read what is says there and get a grip on yourself,
    you don't know all that there is to know about network security and data
    protection! Quite frankly you should not be one to speak of drivel, you
    spew enough of it yourself! If you are really too stupid to recognize
    the purpose and usefulness of egress traffic control then you are indeed
    lacking in the basics of network and data security!

    John
     
    John John (MVP), Jul 21, 2008
  7. As far as I recall, nobody in this thread has ever said otherwise. The
    discussion is about software firewalls, after all!

    Harry.
     
    Harry Johnston [MVP], Jul 21, 2008
  8. The Microsoft KB article describes the files that the update replaces:

    http://support.microsoft.com/kb/951748

    <http://support.microsoft.com/kb/951748>

    I haven't confirmed this myself, but my understanding is that ZA assumed that
    the changes were due to malware infection and refused to use the files.

    Harry.
     
    Harry Johnston [MVP], Jul 21, 2008
  9. nOh, thank you.
    Any idea why ZA assumed those changes were due to malware infection. I like
    to know the details sice, after all, software is not "magic" but somethig
    made by a human (and therefore, intelligible by another human) to be used by
    a machine (and not the opposite).
    Paul.
     
    Paul (Bornival), Jul 21, 2008
  10. PA Bear [MS MVP]

    Root Kit Guest

    Firewalls should just deal with network traffic. The fact that ZA has
    to resort to HIPS technology speaks volumes about what business they
    got themselves into.
     
    Root Kit, Jul 21, 2008
  11. Read Kayman's posts, specifically:


    John said:


    Kayman said:
    Does that not say that "any" outbound control (egress control) is "utter
    nonsense that is too unreliable to qualify as a security measure"? The
    comment was made in direct reply to my statement that egress filtering
    at the perimeter was a vital part of network security, how else can you
    interpret Kayman's reply?

    John
     
    John John (MVP), Jul 21, 2008
  12. PA Bear [MS MVP]

    Kayman Guest

    Don't know (can't locate) any technical reasons re incompatiblity. My guess
    is that ZA just did not realize the impact KB951748 would have to their
    software. For the ZA users, this actually would be an interesting question
    to ask in their forum.
     
    Kayman, Jul 22, 2008
  13. Believe me, it's been all over the ZoneAlarm forum. The first thing
    you see now when you enter the forum is a

    G R E A T B I G W A R N I N G

    about the situation and its fix.
     
    Anthony Buckland, Jul 22, 2008
  14. [John John quoting Kayman:] "Fact: Outbound control on an XP platform as a
    security measure against malware is still utter nonsense. The windows platform
    was designed with usability in mind providing all kinds of possibilities for
    e.g. inter-process communication."

    Kayman is obviously talking about software firewalls here, since otherwise IPC
    would be irrelevant. I can't speak for Kayman, of course, but I'd guess he
    simply missed the fact that you'd unexpectedly changed the subject.

    ... on the other hand, and speaking only for myself, I don't see how external
    egress filtering is going to help much; how is the device to distinguish between
    legitimate and illegitimate traffic? (Well, OK, there's the obvious case of
    spam engines, but apart from that ...)

    Harry.
     
    Harry Johnston [MVP], Jul 22, 2008
  15. I would guess it simply assumed that /any/ change to the network stack must be
    due to malware. The real answer may be more complex than this, but only the
    developers could provide it.

    Harry.
     
    Harry Johnston [MVP], Jul 22, 2008
  16. PA Bear [MS MVP]

    jen Guest

    jen, Jul 22, 2008
  17. Thanks. This description doesn't gibe completely with some of the reported
    behaviour (in particular the claim that reinstalling ZoneAlarm fixed the issues)
    but perhaps the reports were confused.

    Be that as it may, the only situation I see where Microsoft could rightly be
    blamed is if Zone Alarm had asked to receive pre-release versions of updates for
    testing and Microsoft had refused. Microsoft can't reasonably be expected to
    bear the cost of testing third-party products with new updates (particularly
    those using undocumented techniques to pervert the functioning of the operating
    system) but they should of course be cooperative with reputable third-party vendors.

    Harry.
     
    Harry Johnston [MVP], Jul 22, 2008
  18. PA Bear [MS MVP]

    Kayman Guest

    This thread is about what the original heading suggests; It later graduated
    to security issues in relation to 3rd party personal (so-called) firewalls.

    I reiterate, this thread is about 3rd party personal (so-called)
    firewall(s)! My posts and responses were composed accordingly!

    If anybody is running around like a headless chicken it is you.

    The sole purpose for snipping my posts so cleverly is to save your face; It
    enables you to take my responses out of context which is a sorry attempt
    for trying to re-establish your credibility!

    After reading my posts in their *UNCUT* version, anybody with average
    reading skills and moderate level of comprehension see through your 'game'.

    John John (MVP), After you've wiped the tons of eggs from your face, I
    suggest you never ever touch that subject again, change your name, sell
    your house and migrate to Andorra or Lesotho then join a yacht club and
    teach sailing.

    I am done with you.
     
    Kayman, Jul 22, 2008
  19. PA Bear [MS MVP]

    Kayman Guest

    Okay, okay, okay; I believe you! I have no reasons for visiting that
    particular forum. What have/had the *moderators* (not the posters) to say
    in relations to the DNS issue?
     
    Kayman, Jul 22, 2008
  20. Paul (Bornival), Jul 22, 2008
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.