ZoneAlarm & KB951748 - My Fix Works!

Discussion in 'Windows Update' started by ju.c, Jul 9, 2008.

  1. ju.c

    ju.c Guest

    ZoneAlarm & KB951748 - Where's my internet?

    My solution that actually works after trying all those below and on
    every other post, and you can keep all your other settings alone:

    1. Open ZoneAlarm's 'Firewall' tab.
    2. Click the 'Custom' button under 'Internet Zone Security'.
    3. On the 'Internet Zone' section scroll down to 'Allow outgoing UDP
    ports'.
    4. Check it and enter "80-3000", click 'Apply' button.
    5. Do the same for 'Allow outgoing TCP ports'.
    6. Click OK.

    * The range "80-3000" is just a guess on my part, if anyone knows a
    better range please post it.

    Please post success or failure, thank you.


    ZoneAlarm is investigating the issue with Microsoft update KB951748:
    http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&thread.id=52785

    To solve this, just reset the ZA database and the ZA will be "fresh" as
    when it was first installed:
    http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52727

    ZoneAlarm Customer Care How to Perform a Clean Install:
    http://www2.nohold.net/noHoldCust542/Prod_1/Articles55646/clean_install.html

    MS update KB951748 and ZoneAlarm:
    http://www.dslreports.com/forum/r20759839-MS-update-KB951748-and-ZoneAlarm-PROBLEM

    *** Where the real blame lies!!!
    Dan Kaminsky Discovers Fundamental Issue In DNS: Massive Multivendor
    Patch Released:
    http://securosis.com/2008/07/08/dan...ue-in-dns-massive-multivendor-patch-released/

    To find out if the DNS server you use is vulnerable:
    http://doxpara.com/


    ju.c
     
    ju.c, Jul 9, 2008
    #1
    1. Advertisements

  2. Roger Overunder, Jul 9, 2008
    #2
    1. Advertisements

  3. ju.c

    ju.c Guest

    ju.c, Jul 9, 2008
    #3
  4. Hi ju.c -

    Thanks for the reply, but I think if you check, you'll find the message-link
    you posted was from yesterday (June 8th in USA):

    "07-08-2008 03:51 PM"

    The message I linked to has today's date:

    "Message Edited by Forum-Moderator on 07-09-2008 07:11 AM"

    Folks can do whatever they're comfortable with and it'll be interesting to
    see how your solution works for other people!
    =================
     
    Roger Overunder, Jul 9, 2008
    #4
  5. ju.c

    whosbest54 Guest

    The official temp workarounds from ZA are here:

    http://download.zonealarm.com/bin/free/pressReleases/2008/LossOfInternetAccessIssue.html

    whosbest54
    --
    The flamewars are over...if you want it.

    Unofficial rec.audio.opinion Usenet Group Brief User Guide:
    http://www.geocities.com/whosbest54/

    Unofficial rec.music.beatles Usenet Group Brief User Guide:
    http://www.geocities.com/whosbest54/rmb.html
     
    whosbest54, Jul 9, 2008
    #5
  6. ju.c

    Gis Bun Guest

    You don't want to open up ports as it opens up a can of worms. Your
    suggestion opens around 2920 TCP and UDP ports.

    Take ZoneAlarms section option. It is the most secure.
     
    Gis Bun, Jul 9, 2008
    #6
  7. That's one reason I wasn't too keen on doing it myself, Gis.
     
    Roger Overunder, Jul 9, 2008
    #7
  8. See related conversations in this forum:
    http://forum.zonelabs.org/zonelabs/board?board.id=cfg

    Keep an eye on this thread:
    http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52785

    Although the fix here should work:
    http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52727

    I strongly disagree with this advice:
    http://download.zonealarm.com/bin/free/pressReleases/2008/LossOfInternetAccessIssue.html

    Perhaps a better firewall is what's needed?
    http://www.matousec.com/projects/firewall-challenge/results.php
    --
    ~Robear Dyer (PA Bear)
    MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
    AumHa VSOP & Admin http://aumha.net
    DTS-L http://dts-l.net/


    <snip>
     
    PA Bear [MS MVP], Jul 9, 2008
    #8
  9. ju.c

    ju.c Guest

    I've asked this question a few times before, how is it possible to be so
    dumb?

    What ports are opened?
     
    ju.c, Jul 10, 2008
    #9
  10. ju.c

    ju.c Guest

    Not too bright, are we?

     
    ju.c, Jul 10, 2008
    #10
  11. ju.c

    Daf Guest

    Daf, Jul 10, 2008
    #11
  12. ju.c

    Gis Bun Guest

    PA, when you said "I strongly disagree with this advice:", I'd assume you
    ment the "options" as the update should fix the issue [haven't tried it yet].
     
    Gis Bun, Jul 10, 2008
    #12
  13. ju.c

    Gis Bun Guest

    Now I'm not a network security expert, but I do know [and probably obvious]
    that the less you enable to the Internet, the better.

    When someone tries to hack into your system [all this of course is an
    example], they will use a utility to scan ports to see which are accessible.
    Once the port is open, they could have access to your PC.

    Alternatively, if your PC was infected with a trojan and you opened a bunch
    of ports, the trojan may be programmed well enough to exit your PC through an
    open port.
     
    Gis Bun, Jul 10, 2008
    #13
  14. The press release has been revised several times since it was released on 08
    July and since I posted it in this thread.

     
    PA Bear [MS MVP], Jul 10, 2008
    #14
  15. ju.c

    dmahtc Guest

    I used "ju.c" suggestion on my ZA Security Suite. It worked. Thanks "ju.c".
    Later I removed the "ju.c" suggestion and went to Zonelabs web site and
    downloaded new version of ZA Security Suite. It gave me Internet access.
    Also it starting a virus/spyware scan automatically. Everything seems to
    normal.
     
    dmahtc, Jul 10, 2008
    #15
  16. ju.c

    ju.c Guest

    Again I ask, what ports would my fix open?


     
    ju.c, Jul 11, 2008
    #16
  17. ju.c

    ju.c Guest

    I'm going to enlighten you once and for all, you stupid fool, Gis Bun!

    (Before the latest ZoneAlarm update)

    Option 1
    What to do - Move the slider from Stealth to Medium.
    What it does - Enables all outgoing ports. (and more)

    Option 2
    What to do - Uninstall KB951748.
    What it does - Leaves you vulnerable.

    Option 3
    What to do - Uninstall ZoneAlarm and use the Windows firewall.
    What it does - Keep KB951748. Loose ZoneAlarm. No outgoing port control.

    My Option 4
    What to do - Only allow limited outgoing ports.
    What it does - Keeps ZoneAlarm on Stealth. You keep KB951748. Only a few
    outgoing opened ports. Almost full security maintained.


    ju.c


     
    ju.c, Jul 11, 2008
    #17
  18. Who needs any of those options when upgrades are available to address the
    problem? =>
    http://download.zonealarm.com/bin/free/pressReleases/2008/LossOfInternetAccessIssue.html
    ??


     
    PA Bear [MS MVP], Jul 11, 2008
    #18
  19. ju.c

    ju.c Guest

    Wow, again I ask, how is it possible to be so dumb?


     
    ju.c, Jul 12, 2008
    #19
  20. I am happy you found a solution (work-around) for the problem - but as you
    implied yourself (above) - it is a moot point now. Zone Alarm admitted and
    repaired their issue by releasing an update.

    What the last sentence says to me is, "everything else done prior to the
    update (your solution included) was not the optimum solution and now there
    *is* an optimum solution for those who feel they need something like Zone
    Alarm to 'protect' their system - which is to update to the latest version."

    There actually was a 'more secure option' than any of the ones listed above
    (before the patch - again this is a moot point) available out there...

    -----
    Add your DNS servers to trusted zone

    1. From the "Overview" panel, select the "Firewall" panel then click on the
    "Zones" tab
    2. Click "Add", then select "IP address" from the shortcut menu. The Add IP
    Address dialog appears. Select "trusted" from the Zone drop-down list
    3. Type the IP address and a description in the boxes provided, then click
    "OK"
    4. If you are not sure what IP addresses to add:
    - Click the Start Menu
    - Click on Run. Type "cmd.exe"
    - In the command prompt type: "ipconfig /all". Look for DNS Server(s)
    in the output of the command.
    - For each IP address listed, navigate to the "Zones" panel of the
    "Firewall" tab, add the IP address, select "Trusted Zone", and
    press "Apply"
    5. After you are done adding DNS servers click the "Apply" button
    -----

    But again - all a moot point now.

    If someone feels they need the 'protection' that Zone Alarm gives them over
    that of the Windows SP2 Firewall - then their best course of action is to
    apply the latest version of Zone Alarm as suggested by the manufacturer
    themselves. I hope that anyone still out there experiencing this issue and
    searching for an answer that happens across this conversation first does
    *that* suggestion above all others (but - they are welcome to do the rest -
    their life.)
     
    Shenan Stanley, Jul 12, 2008
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.