
Thread: Trusted Zone Security turned off

  1. #1
    snagglegrain Guest

    Default Trusted Zone Security turned off

    I don't check this very often, but the other day I noticed that the Trusted Zone Security, which I usually have set at medium (to share a printer and other resources over a home network) was turned OFF.
    I can't for the life of me imagine ever turning this off myself.

    Are these configurations sometimes known to change without
    user intervention?
    And it occurred to me that it would be a good thing if I was notified when a change like this took place.
    Any thoughts, please?
    Thank you!


    Operating System: Windows XP Home Edition
    Software Version: 8.0
    Product Name: ZoneAlarm Pro

  2. #2
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Trusted Zone Security turned off


    <blockquote><hr>Snagglegrain wrote:
    I don't check this very often, but the other day I noticed that the Trusted Zone Security, which I usually have set at medium (to share a printer and other resources over a home network) was turned OFF.
    I can't for the life of me imagine ever turning this off myself.

    Are these configurations sometimes known to change without
    user intervention?
    And it occurred to me that it would be a good thing if I was notified when a change like this took place.
    Any thoughts, please?
    Thank you!


    Operating System:
    Windows XP Home Edition
    Software Version:
    8.0
    Product Name:
    ZoneAlarm Pro

    <hr></blockquote>


    Should not have happened!
    I suggest resetting the ZA database as it may have become corrupted.
    You will lose all your previous settings and configurations as the resetting of the ZA database will make the ZA 'fresh' as when first installed.

    Reset the ZA this way:
    • Hold down the Ctrl and Shift keys together
    • Right click on the ZA icon near your clock
    • Choose 'Reset' from the box that comes up
    • Choose Yes on the Reset Settings dialog box
    • When prompted, choose OK to restart your system
    • Follow the on screen configuration prompts after reboot

    Then follow this advice to help to begin to set the ZA properly:

    Make sure your DNS and DHCP server IPs are in your Firewall's Trusted zone. Finding DNS and DHCP servers, etc

    1. Go to Run and type in command and hit 'ok', and in the command then type in ipconfig /all then press the enter key. In the returned data list will be a line DNS and DHCP Servers with the IP address(es) listed out to the side. Make sure there is a space between the ipconfig and the /all, and the font is the same (no capitals).
    2. In ZA on your machine on the Firewall, open the Zones tab, click Add and then select IP Address. Make sure the Zone is set to Trusted. Add the DNS IP(s).
    3. Click OK and Apply. Then do the same for the DHCP server.
    4. The localhost (127.0.0.1) must be listed as Trusted.
    5. The Generic Host Process (svchost.exe) as seen in the Zone Alarm's Programs list must have server rights for the Trusted Zone.
    Plus it must have both Trusted and Internet Access.
    6. The Trusted slider should be at the middle level.

    Extra help is found at Guru Hoov site for the DNS/DHCP.

    Oldsod.
    Best regards.
    oldsod
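
Steps 1 to 4 of the post above, as an added example that is not part of the original thread and not ZoneAlarm code: a Python parser that pulls the DHCP and DNS server addresses out of `ipconfig /all` output, including DNS servers listed on continuation lines, and returns them with the loopback address as the entries to review for the Trusted zone. The sample output and the function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample of Windows XP-style `ipconfig /all` output (not from the thread).
SAMPLE_IPCONFIG = """\
Windows IP Configuration

Ethernet adapter Local Area Connection:

        Description . . . . . . . . . . . : Example Fast Ethernet Adapter
        Dhcp Enabled. . . . . . . . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.1.20
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.1.1
        DHCP Server . . . . . . . . . . . : 192.168.1.1
        DNS Servers . . . . . . . . . . . : 192.168.1.1
                                            203.0.113.53
        Lease Obtained. . . . . . . . . . : Monday, January 05, 2009 9:00:00 AM
"""

WANTED = {"dhcp server": "dhcp", "dns servers": "dns"}
LABEL = re.compile(r"^\s*([A-Za-z][A-Za-z \-]*?)[ .]*:\s*(.*)$")

def _as_ip(text):
    """Return a normalised IP string, or None if text is not an address."""
    try:
        return str(ipaddress.ip_address(text.strip().split("%")[0]))
    except ValueError:
        return None

def trusted_zone_candidates(ipconfig_text):
    """Collect DHCP/DNS server IPs plus loopback from `ipconfig /all` text."""
    found = {"dhcp": [], "dns": [], "loopback": ["127.0.0.1"]}
    current = None  # field whose value list we are currently inside
    for line in ipconfig_text.splitlines():
        ip = _as_ip(line)
        if current and ip:
            # A bare address under "DNS Servers" is an additional server.
            if ip not in found[current]:
                found[current].append(ip)
            continue
        m = LABEL.match(line)
        current = WANTED.get(m.group(1).lower()) if m else None
        if current:
            ip = _as_ip(m.group(2))
            if ip and ip not in found[current]:
                found[current].append(ip)
    return found

if __name__ == "__main__":
    for kind, addrs in trusted_zone_candidates(SAMPLE_IPCONFIG).items():
        print(kind, addrs)
```

Each returned address still has to be entered by hand on the Zones tab as described in steps 2 and 3; a DNS address outside the home network is worth checking against what the ISP or router is expected to hand out before it is trusted.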

  3. #3
    snagglegrain Guest

    Default Re: Trusted Zone Security turned off

    Thank you for your reply.

  4. #4
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Trusted Zone Security turned off

    You are very welcome Snagglegrain.

    You may consider backing up the zone alarm's setting on a regular basis to help preserve your customized settings and configuration.
    Then if the ZA needs an occasional 'cleanup' or if the ZA's settings get 'lost' by an uninstall/re-install, the settings can always be restored using the ZA's backups feature.

    Best regards.
    Oldsod.
    Best regards.
    oldsod

  5. #5
    snagglegrain Guest

    Default Re: Trusted Zone Security turned off


    <blockquote><hr>Oldsod wrote:
    Then follow this advice to help to begin to set the ZA properly:

    Make sure your DNS and DHCP server IPs are in your Firewall's Trusted zone. Finding DNS and DHCP servers, etc

    1. Go to Run and type in command and hit 'ok', and in the command then type in ipconfig /all then press the enter key. In the returned data list will be a line DNS and DHCP Servers with the IP address(es) listed out to the side. Make sure there is a space between the ipconfig and the /all, and the font is the same (no capitals).
    2. In ZA on your machine on the Firewall, open the Zones tab, click Add and then select IP Address. Make sure the Zone is set to Trusted. Add the DNS IP(s).
    3. Click OK and Apply. Then do the same for the DHCP server.
    4. The localhost (127.0.0.1) must be listed as Trusted.
    5. The Generic Host Process (svchost.exe) as seen in the Zone Alarm's Programs list must have server rights for the Trusted Zone.
    Plus it must have both Trusted and Internet Access.
    6. The Trusted slider should be at the middle level.<hr></blockquote>

    I do have a question on one of the steps you have listed above.
    What would be the consequences of NOT having step 4 as part of the configuration?
    I have followed these instructions from a previous post of yours, but either I neglected to add the localhost (127.0.0.1) as Trusted, or perhaps it was not included in your list at that time.
    Step 4 does not exist on my configuration.
    This has caused me to wonder what is wrong, or what happens, when the localhost (127.0.0.1) is not listed at all, either as Internet, Trusted or Blocked?
    Thank you.




  6. #6
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Trusted Zone Security turned off


    <blockquote><hr>Snagglegrain wrote:

    <blockquote><hr>Oldsod wrote:
    Then follow this advice to help to begin to set the ZA properly:

    Make sure your DNS and DHCP server IPs are in your Firewall's Trusted zone. Finding DNS and DHCP servers, etc

    1. Go to Run and type in command and hit 'ok', and in the command then type in ipconfig /all then press the enter key. In the returned data list will be a line DNS and DHCP Servers with the IP address(es) listed out to the side. Make sure there is a space between the ipconfig and the /all, and the font is the same (no capitals).
    2. In ZA on your machine on the Firewall, open the Zones tab, click Add and then select IP Address. Make sure the Zone is set to Trusted. Add the DNS IP(s).
    3. Click OK and Apply. Then do the same for the DHCP server.
    4. The localhost (127.0.0.1) must be listed as Trusted.
    5. The Generic Host Process (svchost.exe) as seen in the Zone Alarm's Programs list must have server rights for the Trusted Zone.
    Plus it must have both Trusted and Internet Access.
    6. The Trusted slider should be at the middle level.<hr></blockquote>

    I do have a question on one of the steps you have listed above.
    What would be the consequences of NOT having step 4 as part of the configuration?
    I have followed these instructions from a previous post of yours, but either I neglected to add the localhost (127.0.0.1) as Trusted, or perhaps it was not included in your list at that time.
    Step 4 does not exist on my configuration.
    This has caused me to wonder what is wrong, or what happens, when the localhost (127.0.0.1) is not listed at all, either as Internet, Trusted or Blocked?
    Thank you.




    <hr></blockquote>


    Oh noes... don't do that to the poor old loopback address.
    It should be set as Trusted (and not internet either!!).

    Gee what are the consequences.... what happens is the outgoing connections will be allowed with any heavy duty checks by the ZA for the port connections on the 127.0.0.1 address.
    But more often than anything almost anything that does use the loopback address will have to at the same time have server rights allowed for the loopback address (127.0.0.1).
    And these incoming connections to the loopback is where things start to get a little sticky, so to speak. Once the ZA sees the server attempts, it has to do some heavy duty checking to make sure things are alright. And this is where Windows' own internal connections could be getting bogged down, where these connections should be just flying along and without any interference from the firewall.
    Short explanation.

    What can and often happens, is the ZA if in doubt will then ask the user what or how to handle the loopback connection event in its Alerts.
    Most often the users just allow the connection attempts and use always or remember this event.
    Once allowed, the ZA then treats any further loopback connection by that file or program as trusted anyways.
    So in effect the ZA slowly gets trained for some of the files and programs concerning the loopback connection, but only over a long period of time.
    And still future internal connection issues could happen without the loopback added as trusted in the zones of the firewall OR the user could mistakenly Deny the loopback connection in the ZA Alerts and make a mess of things.

    Oldsod.
    Best regards.
    oldsod

  7. #7
    snagglegrain Guest

    Default Re: Trusted Zone Security turned off


    <blockquote><hr>Oldsod wrote:

    Oh noes... don't do that to the poor old loopback address.
    It should be set as Trusted (and not internet either!!).

    Gee what are the consequences.... what happens is the outgoing connections will be allowed with any heavy duty checks by the ZA for the port connections on the 127.0.0.1 address.
    But more often than anything almost anything that does use the loopback address will have to at the same time have server rights allowed for the loopback address (127.0.0.1).
    And these incoming connections to the loopback is where things start to get a little sticky, so to speak. Once the ZA sees the server attempts, it has to do some heavy duty checking to make sure things are alright. And this is where Windows' own internal connections could be getting bogged down, where these connections should be just flying along and without any interference from the firewall.
    Short explanation.

    What can and often happens, is the ZA if in doubt will then ask the user what or how to handle the loopback connection event in its Alerts.
    Most often the users just allow the connection attempts and use always or remember this event.
    Once allowed, the ZA then treats any further loopback connection by that file or program as trusted anyways.
    So in effect the ZA slowly gets trained for some of the files and programs concerning the loopback connection, but only over a long period of time.
    And still future internal connection issues could happen without the loopback added as trusted in the zones of the firewall OR the user could mistakenly Deny the loopback connection in the ZA Alerts and make a mess of things.

    <hr></blockquote>

    Shorter explanation... things kinda slow down, then they kinda work okay, but they might get screwed up.
    Sound right?

  8. #8
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Trusted Zone Security turned off

    More or less.
    But 'things kind of work okay' could be involving some hidden interference that is not seen visibly - for both the ZA and for Windows and supported applications.

    Yup you got the message.
    Oldsod.
    Best regards.
    oldsod

  9. #9
    snagglegrain Guest

    Default Re: Trusted Zone Security turned off


    <blockquote><hr>Oldsod wrote:
    More or less.
    But 'things kind of work okay' could be involving some hidden interference that is not seen visibly - for both the ZA and for Windows and supported applications.

    Yup you got the message.
    <hr></blockquote>

    So now that I have added the localhost as trusted, what change or difference, if any, do you anticipate I will be seeing?
    And was there ever a security risk in not having it listed?
    Thanks

  10. #10
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Trusted Zone Security turned off


    <blockquote><hr>Snagglegrain wrote:

    <blockquote><hr>Oldsod wrote:
    More or less.
    But 'things kind of work okay' could be involving some hidden interference that is not seen visibly - for both the ZA and for Windows and supported applications.

    Yup you got the message.
    <hr></blockquote>

    So now that I have added the localhost as trusted, what change or difference, if any, do you anticipate I will be seeing?
    And was there ever a security risk in not having it listed?
    Thanks

    <hr></blockquote>


    You may see the ZA at times use less average CPU or memory, depending on how you answered the previous alerts concerning any loopback activity, as it will have better rules to follow and that makes the workload lighter.
    And performance of certain browsers and other networking applications may have some increases in speed or in connections, depending again on how you answered the previous ZA alerts concerning the loopback address.

    No security risk from not having it entered and no security risks from having it entered.
    (Some software firewalls have a hard coded 'allow the loopback by TCP connection' rule buried inside of them and many users of those never know this fact or understand it anyways.)

    Oldsod.
    Best regards.
    oldsod
