Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 25

Thread: Problems connecting to the Internet -- Zone Alarm seems to be blocking Access

  1. #11
    crystalwolf Guest

    Default Re: Problems connecting to the Internet -- Zone Alarm seems to be blocking Access

    Ok
    rebooting helped, I now have ZA and my anti-virus, I have changed from auto upload updates to be notified.
    Now, how do we know what little time bombs we are loading in the updates??? Boy Micosoft is a PIAX-(I've spent all morning dealing with this and I'm not the only one....Thanks to all You "Helpers" out there!!!Laura

  2. #12
    billnash Guest

    Default Re: Problems connecting to the Internet -- Zone Alarm seems to be blocking Access

    Yes...exception: Windows folder is winnt in Win2K, otherwise Yes I did exactly as suggested. There was no Zone Labs folder in
    Program Files after I ran uninstall.

  3. #13
    second_chance Guest

    Default Re: Problems connecting to the Internet -- Zone Alarm seems to be blocking Access

    Bill,
    Per my experience, I lowered my internet security zone to medium and I have since had no problems connecting to the internet.

  4. #14
    anotole Guest

    Default Re: Problems connecting to the Internet -- Zone Alarm seems to be blocking Access

    I did all that..nothing works. But thanks. Any other idea will be welcome

  5. #15
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Problems connecting to the Internet -- Zone Alarm seems to be blocking Access

    One of the MS update change many files and drivers for the networking of windows itself.
    The change includes a randomization of the computer's local ports to the remote dns server, as opposed to previously using the same local port contimuously for the application involved with the outgoing connections to the dns. There may be a possible change in the usual local ports normally used as well.
    This is affecting the ZA, as the ZA is extremely "port conscious" or extremely watchful of the ports both accessed and used, along with the concerned IPs of course.
    The previous data of the ZA has been pre-configured to operate with the previous observations and useage - the new update now changes this usual observations and normal useage. Thus the connections are affected.
    By lowering the Security slider to medium instead of high, the usual stealthing of the internet ports as performed by is dropped and the ports are now visible to the internet.
    This makes the port's status visible to all incoming connections and now the ports will respond correctly to all incoming "SYN", "SYN/ACK" and "RST" packets.
    Once the ports repond to incoming connection, the previous stealth is no longer and the actual port status is seen by the senders.
    The ports are still safe from "hackers" because if the final "ACK" packets are not sent by your own computer and the connection is now considered "OPEN" or connected, there will be no further communications possible between your computer and the incoming server/pc.
    The only time your PC would send the "ACK" packets and create an "OPEN" connection and then create the connection is if the programs on your PC were to correctly respond to the initial packets (which would take a lot of doing for a hacker anyways) or if your own PC actually initiated the connection.
    Basically with the ZA internet security slider set at high, the ports whether or not they are open or closed cannot be seen, because any incoming "SYN" packets sent to any of the windows 65,535 ports are first intercepted by the ZA firewall, checked by the ZA to see whether or not the incoming "SYN" packets should be allowed or not. If the packets are determined by the ZA to be allowed, the packets then proceed to the application in question and thing continue as desired.
    If the "SYN" packets does not belong, as determined by the ZA, the ZA simply eats these packets for a lack of better words and does not reply back - thus the sender still has no ideal if the port exists or is either open or closed.

    With the ZA security slider at Medium , the incoming "SYN" packets are still first checked over by the ZA before the ZA sends the packets to the application possiblely involved , but the ZA will now permit the application involved to reply with the "SYN/ACK" packets to the sender.
    Now comes the critical stage - the sender must respond with "ACK" packets to establish the connection for further communications.
    Very often the sender will realize the initial "SYN" packets went to the wrong destination and will not respond with the needed" ACK" packets to establish a connection.
    You hear so very often about "internet noise".
    Well this is what this the internet noise mainly consists of - packets sent and received and getting dropped.
    Internet noise will include various ICMP types and some UDP (linux and bsd systems substitues certian udp transmsission for the window's icmp tracert connections).
    However and more importantly a hacker will follow this procedure and will send "ACK" packets with information especially crafted for the responding port in attempts to enter the PC ane infect or hijack the computer. The hacker may spend hours or days, but if successful, he can own the computer, all the information on the computer and use all of the computer's bandwidth.
    This is why it is important to have the Internet Security slider set to High not Medium.

    If you have a router with SPI/NAT firewall or use a dsl modem that has a NAT firewall, then the incoming unwanted connections are dropped by the hardware firewall before they could reach the PC.
    In this case the Internet Security slider set to medium is of no importance or a security risk.

    Some people have "hardened" the windows and by default there are now no open ports on the system, just all closed ports. In this case the windows would never reply to the "ACK" packets and "OPEN" a connection. The computer's ports are all visible and so is their port status of "closed", but this is useless to a hacker, as even though the computer would respond to any incoming "SYN" packets with the "SYN/ACK" packets, it would never reply with the "ACK" packets.
    Open ports of the system will respond with the "ACK" packets and then the connection would be "OPEN" and connection are now finally established. And this is the possible security risk.

    Maybe too technical of an answer? Just understand it takes a fair amount of "chatter" back and forth before ports get opened or even if a connection can be established. These include the intially sent "SYN", answered back by "SYN/ACK" and the sender completes the "chatter" with "ACK" packets, before the connection is "OPEN".
    If the connections were established and sort of forgotten about by the iniating server, the receiving server will be polite and eventually send a "RST" packets, asking if the connections should be "reset" or re-established. At this point the sender will respond with "FIN" packets or "finished" or "CLOSE" the connetion.
    Occasional the sender will send the "FIN" packets asking the receiving server to stop replying and the connection will then be "CLOSE".

    Oldsod.

    Message Edited by Oldsod on 07-09-2008 04:48 PM
    Best regards.
    oldsod

  6. #16
    anotole Guest

    Default Re: Problems connecting to the Internet -- Zone Alarm seems to be blocking Access

    wow...fascinating, and freaking scary when you are not as comnputer savvy as you are. But thanks for the time you spent explaining all that.
    NOW WHAT??? I am on medium otherwise I can't go online..I am a webdesigner - little problem for me.
    Thanks.

  7. #17
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Problems connecting to the Internet -- Zone Alarm seems to be blocking Access

    If the computer is behind a router with the spi/nat or behind a dsl modem with nat enabled, then do not sweat it with the lowering of the internet security slider.
    You are well protected from unwanted incoming connections with the hardware firewalls.
    Alternatively, uninstall those two ms updates and then raise the internet security slider to high.
    Oldsod.
    Best regards.
    oldsod

  8. #18
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Problems connecting to the Internet -- Zone Alarm seems to be blocking Access

    In this case, either uninstall the MS updates in question or lower the Internet Security slider to Medium.
    Best regards.
    Oldsod.
    Best regards.
    oldsod

  9. #19
    crystalwolf Guest

    Default Re: Problems connecting to the Internet -- Zone Alarm seems to be blocking Access

    Hi I removed the 2 "updates"------->add remove programs/uninstall: KB951748 & KB951698It didn't work until I rebooted the computer, then ZA came on, everything ok.Laura

  10. #20
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Problems connecting to the Internet -- Zone Alarm seems to be blocking Access


    <blockquote><hr>crystalwolf wrote:
    Hi I removed the 2 "updates"------->add remove programs/uninstall: KB951748 & KB951698It didn't work until I rebooted the computer, then ZA came on, everything ok.Laura
    <hr></blockquote>
    Thank you Laura for your solution.
    Oldsod.
    Best regards.
    oldsod

Page 2 of 3 FirstFirst 123 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •