Page 1 of 3 123 LastLast
Results 1 to 10 of 22

Thread: Completely mystified - how do Programs get server rights?

  1. #1
    nosenothing Guest

    Default Completely mystified - how do Programs get server rights?

    I have just done a clean uninstall and upgrade to the latest version, but I was oblivious even before that. How does SmartDefence (or whatever hands out the permissions) decide that programs should have green ticks for everything, including server rights to trusted and internet? I keep finding all of these approvals in the program list and I change them. I haven't said "yes" to any alert.... How, and more importantly, why, do these settings come about? Thanks.

    Operating System:Windows XP Pro
    Product Name:ZoneAlarm Internet Security Suite
    Software Version:7.0

  2. #2
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Completely mystified - how do Programs get server rights?

    Hi nosenothing

    You are using the smartdefense advisor. Turn it off. Under it is the Advanced button. Select the "Always deny the connection" under the Internet Server section of the Access Permission tab.

    SmartDefense Advisor is using setting collected from all users, and that for some strange reason has insecure setting, yet easy to work with the software's access.

    By default, the ZA when installed has the Program Control slider is set to Low or Medium. After a few weeks it will move up. However, I usually set up my ZA and set it to High after the first day or so. But I first enable all found in the Custom button of the Main of the Program Control panel. I set my own server rights and accesses and ratings. That takes a few hours- I usually use the Add button and select the main items that are needed and then run everything. After that I just make the appropiate setting and save them using the backup in the ZA, for future use. Then I set the Program Control slider to High. But I have has a lot of experience with firewalls and the ZA.

    As a general rule, I do just this:

    The Generic Host Process (svchost.exe) has server rights for the Trusted and several of the antivirus components. But nothing else does. Also the other windows components are set to Ask for Internet Access and are not set to Allow. If any time something does not work, then allow the internet access and just allow the server rights for the Trusted Server- this only goes to the home network or LAN and not Internet in any way. The windows explorer and the IE both have Ask for the Internet Access, the same for the Media player. None have email rights- only the email clients have that ability.

    Best regards.

    Oldsod
    Best regards.
    oldsod

  3. #3
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Completely mystified - how do Programs get server rights?

    Hi nosenothing

    With the settings used in the first post, you will notice more blocked events. They will be all from the usual safe programs, but they will often have DNS blocked or something of that nature. But a decision can be made as to whether and how to change the rights of the Trusted Server for those blocked events. Just keep watching the Logs and see what happens. It does get interesting and the findings of the logs alone will help you set the ZA to the best performance.

    Best regards.

    Oldsod
    Best regards.
    oldsod

  4. #4
    nosenothing Guest

    Default Re: Completely mystified - how do Programs get server rights?

    Thanks, Oldsod. So the Smartdefense advisor is not smart and provides no defence - says it all, really..... I don't understand why I should be having to protect myself against my security program.

  5. #5
    rockymalvia Guest

    Default Hey ...gr8 help ! but what abt ...

    Further to reading this thread I started manually changing the access rights for some Windows related jobs.Is it OK to leave
    these programs with the Super Trusted tag that Smart Defense assigned them.
    Whenever I try to change some of the settings on these Windows related programs ..it gives out a warning message....
    PLease guide as to what precautions to take while actually changing the permissions on windows related programs..
    eg: Run as Dll
    I have only kept Super access and trusted access.
    Please give me some tips so that I dont crash the machine like Zonealarm warns when I change some permissions like - disabling the server access etc.(This happens on all system tagged programs)
    I want to make sure that I dont simply give out more rights to Windows jobs!
    Thanks


    Message Edited by rockymalvia on 03-29-200708:52 PM

  6. #6
    rockymalvia Guest

    Default My Internet connection stopped working...what did i do wrong.

    I had enabled the Advanced Program control and
    Interaction Control..along with Component control...
    Internet was working fine after this until I restarted the m/c.After I restarted the internet would only show a 169.254.x.x address in the
    IP address/Site column under
    Firewall.
    Internet started working only after I disabled the adv prog control etc mentioned above.
    What must have I done wrong...any ideas ?

  7. #7
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: My Internet connection stopped working...what did i do wrong.

    rockymalvia

    You are getting help from two peolple in your own thread, which is just below this one. WHY do you have to bother this poster?????

    Does this poster not deserve some respect amd politeness???? Cannot this poster get help TOO ??? Or is it just YOU ALONE???

    Oldsod

    Message Edited by Oldsod on 03-30-2007 02:56 AM
    Best regards.
    oldsod

  8. #8
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Completely mystified - how do Programs get server rights?

    Hi

    Smart defense does include extra information- that little button on some of the alerts does take you to the Zone Labd site where more inforamtion is displayed. This does help in the decision making process.

    I mentioned my way because I like the iron gloved fist approach to my security. It seemed that you do as well.

    The smart defense settings are there for people who have no what a firewall is and what to do with it. Most are behind a router or NAT modem and in this case any port scan would always show as being 100% stealthed by the hardware anyways.

    Oldsod
    Best regards.
    oldsod

  9. #9
    nosenothing Guest

    Default Re: Completely mystified - how do Programs get server rights?

    I don't know enough to make any decisions about the firewall - that's why I relied on the program. As a matter of common sense, I cannot understand how Windows Explorer could require server rights to anything, let alone full access and server rights, and email permission, which is what Zone Alarm gave it. I don't know why, just because people have no idea what a firewall is nor what to do with it, there should be full access given... I can learn what is going on, but only where there is some logic to it. I fail to see the logic, I'm afraid.

    Thanks anyway.

  10. #10
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Completely mystified - how do Programs get server rights?

    Windows explorer should be interupted as needing access to the router or hub and occasionally windows explorer does need access to the Internet. Which is why I set mine to Ask for the Internet and Allow for the Trusted Zone.

    It will upon occasion need access to the DNS and receive a reply with a domain name resolution , hence that is why it will need but rarely need Trusted server access. It will not need server rights for the Internet Zone Server.If you want to be careful, then just set it as Ask for the Trusted Zone Server.

    As for email, that is a throwback to prehistoric times. When IE was just an equal to windows explorer, and some software such as antivirus or others did need to send an email and it grabbed the windows explorer as a platfrom to access the internet.

    Just remember this rule: the server rights given to the Trusted Zone are safe. The second rule: server rights for the Internet are not safe.

    You could check this. Just give everything rights for the Trusted Zone server and then do a port scan. All ports will show as stealthed. Then give rights for everything in the Internet Zone server and do a port scan. The posts will show as closed or open or stealthed. A big difference.

    Very often items as the browsers or security applications do need a reply from the DNS, hence that is why they will often need rights allowed for the Trusted Zone Server.

    But if you follow my first instruction and keep checking the logs, you will reach the correct conclusions for the exact settings.

    As to why I set the IE and the explorer as ask for Internet and deny Trusted Zone server??? Because this is a leakest proof method and gives the highest security for these two items and the PC. Any hijacker or trojan (that does not call out on it's own) will be defeated. This gives me time to trace the verminand eradicate it before it really has a chance to increase it numbers or do any more damage.

    The Program Control slider set at High will make all new connections to be asked, hence a trojan infection will be asked and I will deny that new connection attempt. It is important to deny those new unknown connection attempts that appear out of the blue. If the user just allows them without fully checking it out or understanding what the situation really is, then the user may as well not be using a firewall. But in the alert will be a buton to go to the Zone Labs Smart Defense advisory and that will give additional details. Hence the Samrt defense does have value after all.
    The next logical step is to scan with the antivirus and antispy for some infections. It could be followed up by scanning these again in the safe mode to have a better scan detection and removal.

    That is the safe and logical spproach.

    Oldsod
    Best regards.
    oldsod

Page 1 of 3 123 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •