Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Expert Rules - are they working in the trial versions?

  1. #1
    aurora Guest

    Default Expert Rules - are they working in the trial versions?

    Hi all. I am running the latest TRIAL copy as of this posting of Zonealarm Internet Security Suite (15 day trial).

    For the life of me, I can't get any of my expert rules to work. For example, I am running a web server and an smtp server on my local LAN, and I have tried a plethora of expert rule combinations to block inbound traffic to port 80 and 25. But every time I try to connect from another computer on my private LAN, I can get in!

    Is this "expert rules" feature actually working and functional in the trial version of the software? Or do I have to actually buy it to see these rules work? Also, do the expert rules work on the free version of ZoneAlarm?

    Thanks everyone.

    Operating System:Windows XP Pro
    Product Name:ZoneAlarm Internet Security Suite

  2. #2
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Expert Rules - are they working in the trial versions?

    As far as I know the expert rules work in the trial version.
    You could verfiy this by making a Block All rule with the Rank of 1 in the Expert to test if the rules do actually work in the trial version. If anything can get past the Block All rule, then I suppose the rules do not work after all in the trial version.

    The Expert rules of the Firewall are enforced before the Zones firewall rules in the Firewall, but the Expert and the Zones work in tandem with the Expert of the applications permissions in the ZA Program list.

    As with all rules, it is the order of the rules that is important. Perhaps something is in the wrong order?

    It is possible the other computer is in the Trusted Zone and not blocked? You could post some screens or some details and maybe I can help you.

    There are no Expert rules or advanced networking features in the ZA Free versions.

    Oldsod
    Best regards.
    oldsod

  3. #3
    aurora Guest

    Default Re: Expert Rules - are they working in the trial versions?

    Hey Oldsod. Thanks for your reply. I only have 1 rule. I tried to set it to block everything on every port/protocol, but I can still connect. When I first installed the ZA, it detected my local lan and I then assigned it as a 'trusted zone'. I have a feeling (just based on what I am seeing) that the expert rules aren't working in the trial. I'll tiner around a bit more and see if I can post any more details.

    Oh one thing I forgot, I am actually using it on a Windows 2000 server not XP.

  4. #4
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Expert Rules - are they working in the trial versions?


    <center>Here is my simple Expert rulesbut I have Expert for each application</center></br>

    Oldsod
    Best regards.
    oldsod

  5. #5
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Expert Rules - are they working in the trial versions?

    Try the Block All with no changes to the ports and protocols - just use the Any.
    Make sure the State is Enabled and the Action is set to Block and it was all Ok'ed and the Apply in the lower right corner of the ZA Expert panel was checked.

    I just placed my final block all rule in the last Rank to the first Rank. It worked perfect - I could not get any dns connections or out bound to the internet. This is with the router as Trusted, but really still not so sure about the lan being blocked.

    Tried a rule to block the server the Gateway option in the Add Location in the Source and Destination? This does have provsions for not only the exact IP, but also the MAC address.

    Win 2000 is ok. It should not make any difference.

    Oldsod
    Best regards.
    oldsod

  6. #6
    aurora Guest

    Default Re: Expert Rules - are they working in the trial versions?

    Update and correction... when I set the protocol to &quot;any&quot; on my block all rule, then the block works (ie it blocks everything)

    Now, when I set the source and destination protocol to 80 for example, it won't block incoming requests on port 80.

    When I set the destination port to 80, and the source port to any, the block for the web server inbound traffic works.

    Does this make sense? What is the difference between the source and destination protocol ports? I thought a request to a web server starts from source 80 to destination 80 regardless of where it comes from.

    Sorry I rushed to post my other reply without thoroughly checking this.

  7. #7
    aurora Guest

    Default Re: Expert Rules - are they working in the trial versions?

    Thanks for the screen shot. My mistake... the expert rules are in fact working on the trial version. It was something in how I was defining the source and destination ports. See my other post

  8. #8
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Expert Rules - are they working in the trial versions?

    Basically almost every or should be every outbound connection using HTTP will be the remote TCP port 80 (server) and the source ports in the 1000-5000 range (PC).
    Some exceptions occur with media and certain special events.


    The opposite is true for the inbound HTTP connections - the source could be anywhere in the 1000-5000 port range and the destination port (the PC) is 80.

    It is never 80 to 80.
    This holds true for many connections including FTP (FTP and FTP data) and HTTPS (uses 443 instead of 80).

    Oldsod

    Message Edited by Oldsod on 02-17-2008 01:18 AM
    Best regards.
    oldsod

  9. #9
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Expert Rules - are they working in the trial versions?

    No problem. The Gateway selection works very well. I have the outside or external router completely blocked off and the inside or internal router allowed, for DHCP server for the desktop,. Both controlled by IP and by MAC.
    Yes, I use two routers and both are doing NAT. Firewalling to the extreme!

    Oldsod
    Best regards.
    oldsod

  10. #10
    aurora Guest

    Default Re: Expert Rules - are they working in the trial versions?

    I didn't know this, and that explains it all. It also explains why I tried **bleep** Firewall the other day and I was complaining to myself that the rules never worked in that either! But I like Zonealarm much more. The way you can also quickly enable and disable these expert rules is nice, and I didn't notice that feature in the free **bleep**.

    Thanks again for your help! You saved the day

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •