Results 1 to 4 of 4

Thread: sw bug with wireless adapter

  1. #1
    pulsifer Guest

    Default sw bug with wireless adapter

    I want to report what I believe is a bug with ZoneAlarm firewall (latest free version) running under Windows 2000 SP4 (with all security updates) with my Buffalo G54 wireless adapter.
    When my machine first boots, the wireless adapter has no IP address.
    ZoneAlarm reports that its IP address is 0.0.0.0.
    After I connect, it
    assumes the static address of 192.168.11.11 (I'm not using DHCP here at my home office) and
    ZoneAlarm still reports
    its address is 0.0.0.0.
    ZoneAlarm then blocked all packets because it thinks they have been routed through my computer (see report below).
    In order to access the internet, I have to shut down ZoneAlarm while my wireless adapter is connected, then restart it.
    Here's a detailed log report on one blocked packet:


    ZoneAlarm has blocked a data packet addressed to another computerZoneAlarm has successfully prevented local network or Internet traffic from reaching your computer. No breach in your security has occurred. Your computer is safe.Inside the firewall alertAlert propertyAlert property valueTechnical explanationSource IP Address192.168.11.11The IP address of the computer that sent the packet which caused the alert.Source Port1186The port used by the source computer when sending the packet.Destination IPxxx.xxx.xxx.xxxThe IP address of the computer to which the packet was sent.Destination Port80The port on the destination computer used to receive the packet.TCP FlagsSYNFlag indicating the start of an Internet or network connection.Transport Layer ProtocolTCPThe protocol that allows data to be transported between software programs on different computers.Network Layer ProtocolIPThe protocol that allows two networked computers to locate each other on a network.Link Layer ProtocolEthernetThe protocol that allows two directly linked computers to share a network cable.Alert DateJan-11-2007 05:27:36 AM PSTThe time when ZoneAlarm detected the alert on your computer.Alert Count1Number of times this connection attempt repeated its attempt on your machine after the original alert. ZoneAlarm shields your machine from repeated displays of an identical alert.ZoneAlarm security enforcement at time of alertAlert propertyAlert property valueTechnical explanationLock LevelLock Not EngagedInternet and network connections permitted by your ZoneAlarm settings are not blocked by a lock setting.Trusted Zone Security LevelLowThis ZoneAlarm setting enforces application privileges and Internet Lock settings, leaving your computer visible to other computers in the Trusted Zone. It does not block file or printer shares (NetBIOS) or operating system traffic to and from the Trusted Zone.Trusted Zone ServersServers AllowedComputers in your ZoneAlarm Trusted Zone are not prevented from connecting to server programs running on your computer.Internet Zone Security LevelHighThis ZoneAlarm setting blocks access from the Internet Zone to file and printer shares (NetBIOS) and other operating system services. Ports not currently in use by a program are blocked and are not visible to the Internet Zone. This Security Level also enforces application privileges and Internet Lock settings.Internet Zone ServersServers AllowedComputers in your ZoneAlarm Internet Zone are not prevented from connecting to server programs running on your computer.Packet DirectionRoutedA packet that contains the specific route it will use to navigate the Internet to reach its destination. Your computer is neither the source nor the ultimate destination of the packet.ZoneInternet ZoneThis ZoneAlarm zone contains all the computers and networks in the world that are connected to the Internet, until you explicitly define them as members of another zone.Operating systemWindows 2000-5.0.2195-Service Pack 4-SPVersion of operating system running on your computer.Inside ZoneAlarm ProAdvanced FeatureAvailable in ZoneAlarmTechnical explanationFirewall with application 'fingerprinting'<div align="center">n/aAdvanced Program Component Control validates an application at the .DLL level. This 'fingerprint' ensures that rogue code cannot masquerade as a trusted application. Click here for an offer to upgrade your security.Attack notification with advanced threat analysis and advice<div align="center">n/aFull Whois Report available on each hack attempt. IP mapping pinpoints the computer network that the attack originated from. Activate this feature.Advanced email virus and worm protection<div align="center">n/aAdvanced MailSafe identifies potentially harmful scripts in email attachments, and then disables the script's ability to execute by changing the file type. Supplements a virus scanner by quarantining harmful email attachments that may carry a yet unclassified virus. Scan incoming email.Internet ad blocking<div align="center">n/aEnable ad blocking to stop annoying pop-up and pop-under windows. Block traditional banners ads completely or only those that do not load within several seconds. Custom fit ad blocking to your preferences.Cookie control<div align="center">n/aPrevent Web sites from spying on you by blocking session, persistent, or 3rd party cookies. Disable Web bugs and set cookie expiration dates. Surf more anonymously.Active content control(Java/Active X)<div align="center">n/aSuppress hostile JavaScript and ActiveX components. Active content control also prevents rogue downloads from initiating a new obtrusive Web advertising tactic. Tailor your privacy settings.Blocked Zone<div align="center">n/aPlace Web sites or IP addresses into the Blocked Zone to permanently bar them from contacting your machine. Click here to create your own personal Blocked Zone.Password protected settings<div align="center">n/aSet a password to prevent unauthorized users from changing your security settings. Click here for this feature.Auto-network detection (with one-click ICS/NAT compatibility)<div align="center">n/aAdapt your security to a new network including wireless networks. One-click trusted networking and file sharing is a must-have for laptop users and mobile professionals. Upgrade to ZoneAlarm Pro.

    Operating System:Windows 2000 Pro
    Product Name:ZoneAlarm (Free)
    Software Version:6.5

  2. #2
    Join Date
    Dec 2002
    Location
    Mikado Michigan
    Posts
    2,596

    Default Re: sw bug with wireless adapter

    Do you have the IP address of the router in the trusted zone? Also (I am not sure if the free version has this) go to the firewall section, click the advanced butt, and then see if there is an entry that places all wireless connections in the internet zone. If there is uncheck it, click ok. Close ZA and reboot. See what happens.
    My homes are SpywareHammer.com and DonHoover.net and BleepingComputer.com


    Consumer Security - 2011 & 2012

    Tilting at windmills hurts you more than the windmills.
    -From the Notebooks of Lazarus Long
    Senior of the Howard Families

  3. #3
    pulsifer Guest

    Default Re: sw bug with wireless adapter

    Hello Don, I tried to both ways (internet and trusted) and it made no difference. That's not the problem though. The interface has the address 192.168.11.11, however, ZoneAlarm did not correctly detect the IP address of the interface, it thinks it is 0.0.0.0. ZoneAlarm correctly determined that the packet originated from 192.168.11.11, but because ZoneAlarm does not realize that address is associated with the local machine, it thinks the packet is &quot;routed&quot;. The detailed log report states: &quot;Packet Direction: Routed... Your computer is neither the source nor the ultimate destination of the packet.&quot; By default, ZoneAlarm blocks all routed packets. In order to get it to work, I have to shutdown ZoneAlarm while the wireless connection is active, then restart it. The problem again is that ZoneAlarm does not correctly detect that the wireless adapter has been assigned the IP address until ZoneAlarm is restarted the the wireless connection active. As I mentioned, the wireless adaptor is configured for a static IP address, 192.168.11.11. ZoneAlarm might work if the adapter were assigned an address using DHCP, I don't know, I didn't try this, but either way, it is definitely a bug in ZoneAlarm.

  4. #4
    pulsifer Guest

    Default Re: sw bug with wireless adapter

    I got it working by adding the static IP address as a trusted zone (ZoneAlarm -&gt; Firewall -&gt; Zones -&gt; Add -&gt; IP Address).

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •