Thread: Zone alarm detects 2 networks on my machine: 127.0.0.1 w...

  1. #1
    eavesdropper Guest

    Zone alarm detects 2 networks on my machine: 127.0.0.1, which is the loopback and should be set to trusted (?), and 192.168.1.0/255.255.255.0.
    As I gather this last one is my LAN, which I set to trusted (if I set it to internet, I cannot share resources on the network). I do not understand where the actual internet network is. Both networks detected are set to TRUSTED. Which results in there being NO INTERNET ZONE.
    Please Help! What am I doing wrong here? Am I open to attacks with these settings?

    Operating System: Windows XP Pro
    Software Version: 7.0
    Product Name: ZoneAlarm Internet Security Suite

  2. #2
    Join Date
    Dec 2005
    Posts
    9,057

    Hi Eavesdropper

    OK it goes like this.
    The "loopback" is correctly called the localhost. This is always seen as the 127.0.0.1 address in all Windows machines. It is strictly an internal address of the PC itself and is always Trusted. This address can never be seen by any outside address or PC or server and this internal address cannot call out. Absolutely safe.

    Now we have the "192.168.1.0/255.255.255.0" which I assume to be the address of your cable router. Your router is doing the DHCP or Dynamic Host Configuration Protocol for the PC and for the other PC on your home LAN. This is a Private Network and not the Internet itself. Only the public side of the Router has the public IP as assigned by your Internet Provider. But the router does the NAT or Network Address Translation for your private LAN. Any of the addresses as given by the router to the PC (and others on the home network) are never a public address - so any of the addresses are always safe from direct internet contact. So the router IP of 192.168.1.0 is safe and should be Trusted.

    The entire home network you have has a complete range of 192.168.0.0 to 192.168.255.255.

    OK Now comes the issue of not getting any file sharing between the PC on your home network. Do this:
    Open the other PC and do this:
    1. Go to Run (under the Start button) and type in command and hit 'ok', and in the command then type in ipconfig /all then press the enter key. In the returned data list will be a line DNS and DHCP Servers with the IP address(s) listed out to the side. Make sure there is a space between the ipconfig and the /all, and the font is the same (no capitals).
    2. In ZA on your machine on the Firewall, open the Zones tab, click Add and then select IP Address. Make sure the Zone is set to Trusted. Add the DNS IP(s).
    3. Click OK and Apply. Then do the same for the DHCP server.
    4. The localhost (127.0.0.1) must be listed as Trusted.
    5. The Generic Host Process (svchost.exe) as seen in the Zone Alarm's Programs list must have server rights for the Trusted Zone. Plus it must have both Trusted and Internet Access.

    Extra help is found at Guru Hoov site for the DNS/DHCP.

    Please note that the other PC has a different assigned IP from the original PC. Write down this particular IP. Plus enter the DHCP, localhost and DNS servers into the ZA of that PC.

    Then open the other PC and do the ipconfig /all in that PC. Open the ZA on that PC and make sure the DNS, DHCP and localhost are listed as Trusted. And enter or add the IP address of the other PC as Trusted in the Zones. Then in the other PC add or enter the IP of the PC as Trusted in the Zones.
    Once both machines have each other's individual IP listed as Trusted in the Zones, the file sharing should be allowed.

    OK. Back to your concerns about attacks. No security risks are present. Only the allowed IPs are trusted and none of these are public. Even the DNS server from your provider is not a public address and it too is a private IP. Furthermore, the router is doing an additional hardware firewall and is blocking all unwanted inbound attempts by the SPI or stateful packet inspection. Just as the ZA is doing. Plus you should have file sharing now allowed on your home network.

    Best regards, Oldsod
    Best regards.
    oldsod

  3. #3
    eavesdropper Guest

    Hi Oldsod,
    I really appreciate you answering my question on zones in depth! I did what you told me to do, and it works fine. It did work before (the file sharing on my home LAN) but I understood nothing about it. I do have 2 external IP addresses registered 'trusted' now; the 2 DNS Servers. Both addresses start with 195.241.77 so they're not part of my home network. The thing that confuses me is that in ZoneAlarm there is no network called 'Internet'. There's only those 2 I mentioned before: 12.0.0.1 and my LAN 192.168.1.***. I'll have a read about it. There's not a real section in the manual, though I only have the manual to ZA6.5 that link you sent.
    Anyway, this is mostly a 'Thank you' mail. I've been struggling with this issue for months, did get it to work, but never knew whether it was safe or not. Now I know I am.
    Cheers, Rudy.

  4. #4

    Hi Rudy
    You are welcome.
    Lots to read in the links from the previous post.
    Help is easy to find. Just open the Zone Alarm and press the F1 key of the keyboard. Sometimes the Index will lead you to the info and sometimes its Search will help you.

    The 195.241.77.x's are the DNS servers from your internet provider (which I guess is tiscali.nl). These servers are not internet in the truest sense.
    These DNS servers are connected directly to your modem and router (this is not just the 192.168.x.x or the DHCP address, but also carries the IP assigned to you by your provider) and home network (192.168.x.x's) and the PCs (127.0.0.1). This makes the Trusted Zone. Anything else such as any internet web server or internet site or internet PC (not on your LAN) is always considered to be Internet or in the Internet Zone. It goes without saying it. That is why there is nothing with any default internet tags.
    Once the localhost and the DHCP and the DNS and any sharing PC addresses are identified as Trusted, all the rest of the internet IPs are considered to be the internet.

    Oldsod

    Message Edited by Oldsod on 11-10-2007 12:51 PM
    Best regards.
    oldsod

  5. #5
    eavesdropper Guest

    Hi again, Oldsod,
    Got it all setup properly, and as I said, it works flawlessly. But it made me think: If those other side addresses (the DNS 195.241.77.**) are in my trusted zone, then someone from that address would be able to access my LAN and what is shared on it. I know they are not internet in the true sense, but still. So I deleted them from ZoneAlarm, and the file sharing still works perfectly! Then why do I need to tell the firewall about them at all? What use do they have if the thing I wanted, sharing files on my LAN, works fine without them?
    I ask for 2 reasons:
    1: Because I just like to understand. Maybe you could send me a link to some page where the stuff is explained in layman's terms...?
    2: I'm planning to install Remote Desktop on my machines. Actually just for the fun of it. I'll take my laptop to work or to where-ever and want to access and control my home machine from there.
    Maybe those DNS addresses will serve a purpose then... I don't know.
    I don't know whether you are a very busy man or not; for me this thing is only play anyway, so I don't mean to take up loads of your time. But be it play, it's some kind of hobby too, so I'd like to understand if I can.
    Cheers, Rudy.
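
Added example (not part of the original thread or of ZoneAlarm): a short Python audit that sorts Trusted Zone entries like the ones discussed above into loopback, private LAN (RFC 1918) and external addresses, so entries that extend trust beyond the home network stand out. The entry list is constructed, and 203.0.113.53 is a placeholder standing in for an ISP DNS server.

```python
import ipaddress

# RFC 1918 private ranges; a home router's LAN normally sits in one of these.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
LOOPBACK = ipaddress.ip_network("127.0.0.0/8")


def classify(entry):
    """Return 'loopback', 'private-lan', 'external', 'unsupported' or 'invalid'.

    Accepts a single IP ("127.0.0.1"), CIDR ("192.168.1.0/24") or the
    address/netmask form shown in the thread ("192.168.1.0/255.255.255.0").
    """
    try:
        net = ipaddress.ip_network(entry.strip(), strict=False)
    except ValueError:
        return "invalid"
    if net.version != 4:
        return "unsupported"  # this example only handles IPv4 entries
    if net.subnet_of(LOOPBACK):
        return "loopback"
    # The whole entry must fit inside a private range; a network that only
    # partly overlaps one still covers outside hosts and is 'external'.
    if any(net.subnet_of(r) for r in RFC1918):
        return "private-lan"
    return "external"


def audit(trusted_entries):
    """Return the entries that extend trust beyond this host and the LAN."""
    return [e for e in trusted_entries
            if classify(e) not in ("loopback", "private-lan")]


# Constructed sample of a Trusted Zone list.
TRUSTED_ZONE = [
    "127.0.0.1",
    "192.168.1.0/255.255.255.0",
    "203.0.113.53",  # placeholder for an ISP DNS server, not a real one
]

if __name__ == "__main__":
    for e in TRUSTED_ZONE:
        print(f"{e:28} {classify(e)}")
    print("review before trusting:", audit(TRUSTED_ZONE))
```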

  6. #6

    You do not need the DNS servers for the local home network. The DNS servers or "domain host name servers" are only for the internet visits such as web browsing or getting email for the email clients. Every DNS server is very secure and has no foul play - especially the servers from your provider. If you read all of the previous links, you will see the DNS servers have been used for almost every web visit, browsing session, update(s) and getting the emails.
    The DNS servers are part of a global system that is closely regulated. I seriously doubt there is even an individual at the DNS servers of your provider. If you doubt the trustworthiness or security of your provider's DNS servers, perhaps you should consider changing providers.
    Oldsod
    Best regards.
    oldsod

  7. #7
    eavesdropper Guest

    Hi Oldsod,
    It's really not that I don't trust those servers or so, it's just that I thought they were 'internet', which for me, being the layman, just sounded as if there were some danger to expect. Please understand that there is no comparing my knowledge or insight of and in these matters to yours, and of course I may be a bit paranoid, having had several viruses on the machine, luckily none of which were untreatable by ZoneAlarm. I do understand these servers translate words and names into IP addresses, but furthermore I know nothing! Having somebody around who does know his way in this computer world makes it very tempting to just shoot any of the questions I have. So, no, I'm not going to change ISP, as the next would offer DNS servers as well, and for some reason I need them for my internet to function properly. They're not there for no reason, I reckon. Configuring Remote Desktop using VPN I will probably need those DNS servers in ZA as I would then access my machine from the 'other side', and not from within the LAN. I'll get there eventually, and so far thanks again!
    Cheers, Rudy.

  8. #8

    OK. Just open the command and type in tracert google.com and hit the Enter key. It will show you all of the IPs that are the stepping stones for getting to google.com. It is actually called trace route but the actual command is tracert. You will see your provider's servers are still used to get to the internet backbone servers and finally to Google's servers. Every user still needs the provider's servers to access the internet. This shows you cannot get internet sites until you have first left the provider's network. So the provider's DNS servers are still safe since you are always under the "umbrella" of the provider's network before the internet is actually engaged by your home network.
    Some PC users never realize these facts and are appalled at the idea of even having the provider's DNS servers as Trusted. This is far from the truth. It must be realized that no other PC users other than the subscribers to your provider can access the provider's DNS servers. The method of domain name host lookups (using the UDP to the port 53) does mean these servers are well secured and can in no way be tampered with by the subscribers to your provider. It simply cannot happen. You must realize the DNS servers from the providers are not public or internet servers and these are actually private servers. Thus these are sheltered from the internet.

    Besides the DNS servers, you will need to know the IP of the other gateway {and the subnets and IP of the communicating PC} for the VPN and set it as trusted. The VPN does require some extra configuration not only for the ZA, but also for your router. I'm guessing you have a Linksys router - just log in to the router and see if there are some presets for a VPN. If not, then open the ports needed and make sure the reply to pings is enabled {if you want to receive VPN connections}. Also, usually the "Ident" or port 113 has to be opened in the router to allow the initiated inbound communications.

    Oldsod

    Message Edited by Oldsod on 11-12-2007 08:18 AM
    Best regards.
    oldsod
