Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: Windows File Sharing

  1. #1
    qwaven Guest

    Default Windows File Sharing


    I have a small network with a Windows computer that I use for file storage. On my computer I am running Zone Alarm with "internet" zone. I am doing this as I dont want anything to be 'trusted' except if accessing particular ports.

    I have noticed that even with (Firewall->Expert rules) putting two rules for port 445 to allow incoming and outgoing communication which should allow the fileshare accesses.

    Example of rule (same idea for both directions)

    Action = Allow, Track = None, Source = My Computer, Destination =, port = 445, Time = any.

    It does to a point... however sometimes if I am playing a video from the share or listening to music (two different players) they will suddenly be denied access. Zone Alarm will have the alert icon flashing and logs will be posted denying the access.

    An example:

    Rating..Date/Time..........................Type...Protocol..... ..Program....Source......IP Destination..IP Direction..Action
    Medium 2006/07/24 14:42:40-400 GMT Firewall TCP (flags: AP) 'blank' Incoming Blocked

    Does anyone know what could be wrong, or how I can fix this issue?


    Operating System:Windows XP Pro
    Product Name:ZoneAlarm (Free)

  2. #2
    Join Date
    Mar 2004
    Brisbane, Australia

    Default Re: Windows File Sharing

    I'm not sure what is or isn't going on here as Windows Networking is a completely different protocol to TCP/IP. You can disbale TCP/IP completely but still run a Windows network. Check your network adaptor settings for details.

    ZA only protects against a TCP/IP Network. Hence your Windows network and your file shares should be fully functional irrespective of your ZA setings.

  3. #3
    qwaven Guest

    Default Re: Windows File Sharing


    Thanks for replying.

    Umm... ok right technically windows filesharing is not "TCP/IP", however Windows Networking requires a method of transporting the data such as TCP.

    That said, Im not having a problem with the fileshares. Im having a problem with the communication. As soon as I open a file on a remote computer TCP is being used. Windows XP uses port 445 for this as I understood.

    I know this has to do with Zone Alarm since this probelm only started once I installed Zone Alarm and started recieving those log messages I posted earlier.

    So is there anything I can do to fix this?


  4. #4

    Default Re: Windows File Sharing

    As I understand it Zonealarm free does not support internet connection sharing. If your problem has to do with various computers on the same network communicating or getting on the internet the free program was not created for that. However I beleive the following instructions I copied from another helper here at the forum is a work around for this.

    "Try to add the ip's of your DHCP and DNS servers to the trusted zone of ZA. Open the command line (hit start-run-cmd) and type
    ipconfig /all. You'll see several lines among them your DHCP server with the ip and the DNS servers (can be more then one). Take note of all these ip's. Then go to ZA tab firewall and page zones and in the box at the bottom (entry detail),click add, choose ip address and then enter a bief description, type the ip's you found and make sure the zone is set to trusted. You need to do this one by one."

    The bottom line I beleive is that for the free Zonealarm to share connections you have to use the trusted zone not the internet zone. This is not the case of course in the Pro version because it detects your local network and can keep it in the trusted zone yet protect you with the Internet zone setting for your excusions outside of the local network. At least thats what I think I've learned here on the forum.

    Message Edited by ledoc on 07-27-2006 02:54 PM

  5. #5
    qwaven Guest

    Default Re: Windows File Sharing

    Thanks for the reply,

    However this has nothing to do with Internet Connection sharing :P

    I'm talking about "FILE" sharing within my one home network

    The problem is I dont wish to use the 'Trusted' network feature as that feature will simply trust whatever X, wants to do with my computer because its "trusted". All I want to do is be able to access a file share on another computer without being hassled by Zone Alarm.

    Please let me know,

    Message Edited by qwaven on 07-28-2006 12:04 PM

  6. #6

    Default Re: Windows File Sharing

    Let me try to explain this one more time. You need to have your computers on a Local Network to share files. Zonealarm free is not meant for computers on a network. That is handled by Zonealarm Pro. There is a way to work around the free program's incompatibility with networked computers that requires you to put their ip addresses in the trusted zone. As much as you might WANT to run the network with everything in the internet zone this is the exact opposite of how you can get the free ZA to work for your file sharing purposes. Sorry this doesn't go along with your desire to use only the internet setting but there you have it. This information can be found all over the forum here. Try a search using the terms "Zonealarm Free Connection Problems".I hope I am wrong and you find a solution for your file sharing problem that allows you everything you wish but I have not seen that happen here in the forum in my own limited experience here of about one year.
    If you find this solution for your problem an unacceptable compromise of your security requirements but can't solve the problem any other way you will have to buy the Pro version.
    Good luck in your endeavors

  7. #7
    ad_hock Guest

    Default Re: Windows File Sharing

    Hi ledoc
    If you allow the suggestion, there is a workaround that can be done (in ZAPro too)to avoid to put the whole range of ip's in the trusted zone. Leave the network in internet zone and just add to the trusted zone the host (name given to the computer when setting up the network).In firewall, zones click add, choose host and then enter the name. That should work either with ZAFree or ZApro and the only trusted computer is the one intented for file sharing.
    Al the best

  8. #8

    Default Re: Windows File Sharing

    Thanks for the correction Ad-Hock,

    I wonder however if even this solution will be acceptable because Qwaven has stated his goal as follows...

    "On my computer I am running Zone Alarm with "internet" zone. I am doing this as I dont want anything to be 'trusted' except if accessing particular ports."

    Putting any of his computers in the trusted zone might be construed as a drop in the level of security he is trying to maintain. All the same your latest suggestion is definitely much closer to what he is looking for than mine and I thank you for helping out.

  9. #9
    ad_hock Guest

    Default Re: Windows File Sharing

    Hi ledoc
    In fact it was not a correction but a suggestion as all you said is correct and it's the normal procedure,specially if you have a router or a modem/router.I would say this practice of adding the host only, is almost a little bit paranoid as the greater danger doesn
    t normally come from the outside and you get it with bad surfing practices, downloads,attachments and so on. Honestly I don't see how it can be done in a more restrictive way as the problem it's ZA and not the network set up,unless some expert rule that I've not thinking yet could do the trick.
    Good to speak with you, all the best and take care.

  10. #10
    qwaven Guest

    Default Re: Windows File Sharing

    Hello all,

    Thank you all for replying I appreciate your input.

    I m not sure if you quite understand my problem here. My problem is not with getting a connection. I have my zone in internet mode and have made some rules that allow port 445 to and from the desired PC s. This works... kind of! By kind of, I mean I am able to connect and do everything you normally can do with a share. However, at random intervals Zone Alarm will suddenly decide to stop communication, completely disregarding my rules. The logs will even say blocked X on port 445. The more I think about this, the more I realize this seems more and more like a bug than a configuration issue. A custom rule should take precedence over anything else. Obviously I intended for this rule to do what I told it disregarding what any other policy states.

    To reply to the comment I would say this practice of adding the host only, is almost a little bit paranoid as the greater danger doesn
    t normally come from the outside and you get it with bad surfing practices, downloads,attachments and so on. This is true, but what happens if another computer on the network becomes compromised? What happens if someone plugs a laptop into the network with good intentions that happens to have some worm or whatever on it? These are some of the reasons why a restrictive policy is needed. Never assume something is safe. This is also why so many companies get in trouble because they use the idea ahh it will never happen .

    Anyway if this is a problem with Zone Alarm and not a configuration error as I believe was suggested. Than if any ZA staff see this I suggest this be corrected in the next update/release.


Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts