Results 1 to 10 of 10

Thread: Zone IP Addresses

  1. #1
    ananda Guest

    Default Zone IP Addresses

    Hi
    I'm using ZA 70_462_000.
    I'm using two computers: a desktop and a laptop.Both of them are connected to a Dl-624 router.
    The desktop uses a broadband cable connection.The laptop uses a wireless connection.
    In my Zones Tab on my desktop
    I see the following:



    New Network 192.168.0.0/255.255.255.0 Network Internet
    DHCP Server 192.168.0.1 IP Address Trusted
    Loopback adapter 127.0.0.1 IP Address Trusted

    My question is about that DHCP Server.
    I did not see it
    in ZA
    70_337_000.
    Is that all right now
    or do I have to remove it?

    As for my laptop, that DHCP server line does not appear.
    Is that all right, or do I have to add it? Using ipconfig /all I see it being mentioned...

    Thanks for your precious time and good help.

    Kind regards

    Operating System:
    Windows XP Pro
    Software Version:
    7.0
    Product Name:
    ZoneAlarm Internet Security Suite


    Message Edited by Ananda on 12-05-2007 01:15 PM

  2. #2
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Zone IP Addresses

    That is new to me too, But it is not incorrect. No harm no foul.
    In fact, how can I get that in my ZA too?
    Cheers, Oldsod

    Message Edited by Oldsod on 12-05-2007 07:46 AM
    Best regards.
    oldsod

  3. #3
    ananda Guest

    Default Re: Zone IP Addresses

    You can find all information here: http://zonealarm.donhoover.net/dnsdhcp.html
    I'm really a bit surprised you did not happen to know this. So now it is my turn to help you. Great!

    Still, I sincereely hope the mentioned line will not compromise my computer. Why is that? Well, I feel a bit confused about the following.Once bought a D-Link, you have to setup things. And you start by typing that 192.168.0.1 address into your browser's address bar.But when using http://www.geektools.com/whois.php
    and typing in that IP number, I see there is a whole NetRange: 192.168.0.0 - 192.168.255.255 And that is something that worries me.
    Got any correct information to make me feel happier, Oldsod?
    Thanks in advance for your time.
    Kind regards.


  4. #4
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Zone IP Addresses

    Yes I know that from long ago. I meant I never see the line DHCP server automatically shown in my Zones. How did you do that?

    DHCP and NAT go hand in hand. The PC needs to have an assigned IP form the DHCP server or else it is stuck. The DHCP server needs to be assigned as Trusted in the Zones or else the connections between the PC and the router can be blocked (there is a need to allow inbound on the bootps and bootpc ports - 66 and 67 UDP). Without the assigned IP from the router, the PC will not be able to communicate with the router or other devices of the LAN or even be able to get to the internet.

    The assigned IP as given by the router will fall into the 192.168.0.0 - 192.168.255.255 range.
    [The other two private network ranges are 10.0.0.0 10.255.255.255 and 172.16.0.0 172.31.255.255, but your specific router is designed for the 192.168.0.0 - 192.168.255.255 range of IP. Many home routers are made this way.]
    Private networks are not accessible forn the public internet and are only functioning behind the DHCP device (the router in your situation), hence they are considered private. This eliminates the need for each PC behind a router to have a public assigned IP, since each one is privately assigned. Each device gets it's own individually assigned IP from the router as per the NAT of the router.

    It goes this way, in a nutshell:

    You turn the PC on. Various broadcast and multicast are sent over the LAN by the PC and once the PC has found the router IP, then the PC sends packets out from port 68 UDP to the port 67 UDP of the router. The router has assigned the individual PC's IP to the PC and this was done during the initial broadcasts (at the PC startup, once the networking is turned on). This is where the DHCP comes into play. Now the PC and the router will be able to connect. But the just as the router must allow inbound connections form the PC, so the PC must allow inbound connections for the router. This is why the PC has the router IP set as Trusted in the Zones.

    If the PC needs to connect to the internet, it must first send packets to the router, using the UDP ports 67 and 68. It says Hi There. The PC does this using the svchost.exe.
    Then it needs to connect to the DNS server and obtain the exact digital/binary address for the address or url as seen by the applications or by the browser. The PC needs to connect and allow inbound from the remote port 53 of the DNS server. This is why the DNS server IP(s) are set as Trusted in the Zones. The PC does this using the svchost.exe.
    Once the PC has said those Hi There packets to the router, the connections from the PC to the router are now allowed. And so are any other connections the PC makes outbound to the internet.
    [usually the DNS server IP is set in the router. Or some routers will act as the DNS server and connect by itself and obtain the information needed for the devices of it's LAN]
    The PC sends packets to the remote port 53 of the DNS server IP. The router is first to see those incoming packets from the DNS server being sent to the PC and by using NAT then sends those packets to the correct IP of the PC.
    [do not forget about the NAT]
    Once the PC receives the information concerning the url in the browser, then the PC sends new packets using http (remote port 80) to the url. But it must first go to the router.
    [in other words the initial send to that url is always send to the IP of the router and the router sees/reads the packet headers and then sends those packets to the correct address contained in those packets. The internet servers receiving those packets from the PC then sends the information to the publically assigned IP - your router- first and the router then sends those packets to the PC using the assigned IP. Please keep in mind this was also done for the DNS name lookups also. This is also mentionable. The NAT of the router is performing the address translation between the two seperate networks for the ongoing connections]
    If the router also has SPI, then the not just the packet headers/addresses are read for the IP information, but the packets are also inspected for differeneces. The differences are dropped just as any unwanted inbound connections are dropped]
    Once the PC gets the information from the internet server, then the information is read and properly created in the browser. Hence you can see and understand the information in the page in your browser.



    Cheers. Oldsod

    Message Edited by Oldsod on 12-05-2007 10:09 AM
    Best regards.
    oldsod

  5. #5
    ananda Guest

    Default Re: Zone IP Addresses

    Thanks for your wonderfully long answer - but I'm afraid it all sounds a bit too complicated for this almost 69-year-young user. Thoudh I do have some knowledge about computers, in this particular field I am an absolute zero. So I'll study the lesson several more times. If I am lucky, I will get something of it. If not, I'll take an aspirine.
    Still, dear Oldsod, you have not given a direct answer to my two questions:<blockquote>

    My question is about that DHCP Server.
    I did not see it
    in ZA
    70_337_000.
    Is that all right now
    or do I have to remove it?</blockquote><blockquote>

    As for my laptop, that DHCP server line does not appear.
    Is that all right, or do I have to add it? Using ipconfig /all I see it being mentioned...</blockquote>

    As for your question how that line got into ZA... after having installed a perfectly uninstall-install 70_462_000, that line looked me right into the eyes. It was there...


    By the way, it says at http://download.zonealarm.com/bin/fr...ml#7.0.462.000<blockquote>

    New: Added Automatic Network Configuration to Wizard (will automatically add Domain Controller, DNS, DHCP, Network

    However, installing 70_462 over 70_337 on my laptop (which did it without any problems whatsoever)
    did not put that DHCP on that line.
    On my desktop I had to first uninstall it as thoroughly as possible. (See http://forums.zonealarm.com/zonelabs...hread.id=74089)</blockquote>

    So, you understand my mixed feelings and my being
    a bit concerned... Now, what shall I do? remove on the desktop / add on the laptop?


    Kind regards,

    Ananda

  6. #6
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Zone IP Addresses

    This:
    New Network 192.168.0.0/255.255.255.0 Network Internet
    DHCP Server 192.168.0.1 IP Address Trusted
    Loopback adapter 127.0.0.1 IP Address Trusted

    is okay.
    No need to remove.
    If the New Network 192.168.0.0/255.255.255.0 Network Internet was listed as Trusted instead of Internet, this is also OK.

    The laptop has the default 192.168.0.0/255.255.255.0 Network as Trusted? Then this is okay.
    Either will work. The 192.168.0.0 with the subnet 255.255.255.0 is set as trusted (subnet 255.55.255 means it includes the range of 192.168.0.9 to 192.168.0.255).

    Yes the ZA will include and handle the DNS and the DHCP transactions correctly by default since it some intelligence to figure things out, once the correct IPs are set as Trusted in the Zones.

    Cheers, Oldsod

    Message Edited by Oldsod on 12-05-2007 11:20 AM
    Best regards.
    oldsod

  7. #7
    ananda Guest

    Default Re: Zone IP Addresses

    Oldsod
    I'm afraid DHCP Server 192.168.0.1 IP Address Trusted disregarded my trying to use my bankprogram.After having removed that line,
    it worked as charm - unfortunately enough, only to pay bills!

    Bye-bye for now.
    Ananda

  8. #8
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Zone IP Addresses

    Hi Ananda

    I doubt if adding the address had anything to do with the banksite problem. It sounds more like a browser issue or operating system error.
    Oldsod
    Best regards.
    oldsod

  9. #9
    ananda Guest

    Default Re: Zone IP Addresses

    Well, you may doubt that, of course, but the fact remains that, as soon as I had removed it, I could log on to my home'banking programme.Besides, the same programme is on my laptop, and my laptop is connected wirelessly to the router.The address was not in ZA zones on my laptop, but even so, I could not use the programme. But I could as soon as that line was removed from my ZA on my desktop.Quite logical, I think, for both computers use that router.
    Besides, I do not think it was
    &quot;like a browser issue or operating system error&quot; as you say, for I also tried with Windows firewall instead of ZA. And connecting to my bank proved to be sweet charity! It convinced me that the whole problem was due to that **bleep**ed line. For your information, I need not use my browser to contact my bank. It's a programme on its own.
    And one other thing, when I had 70_337, I never had that problem. And why not? Because that line was not listed
    in the ZA
    Zones. And as you said yourself in http://forums.zonealarm.com/zonelabs...ssage.id=50610
    : &quot;I meant I never see the line DHCP server automatically shown in my Zones. How did you do that?&quot;
    Looking forward to your answer.
    Kind regards,
    Ananda

  10. #10
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Zone IP Addresses

    If the bank uses it own program, then it was not properly configured in the ZA. This is why you encountered a problem. Nothing like revealing things after the thread is over.

    Gee I have no troubles with the ZA. I thought we were discussuing your troubles, not instead my non existant troubles?

    Oldsod
    Best regards.
    oldsod

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •