Results 1 to 6 of 6

Thread: Security Issues

  1. #1
    SRDavisD Guest

    Default Security Issues

    I have ZAX on a laptop with a wireless card. When the network comes up,
    I am shown one network, IP address 192.168, but when I look at Zones
    There are IP addresses for my ISP providers DNS servers shown as being in my trusted zone. Why does ZAX allow that? How is that being done?
    Can expert rules stop this connection?

  2. #2
    Join Date
    Aug 2009
    Location
    Texas Gulf Coast
    Posts
    1,643

    Default Re: Security Issues

    Quote Originally Posted by SRDavisD View Post
    I have ZAX on a laptop with a wireless card. When the network comes up,
    I am shown one network, IP address 192.168, but when I look at Zones
    There are IP addresses for my ISP providers DNS servers shown as being in my trusted zone. Why does ZAX allow that? How is that being done?
    Can expert rules stop this connection?

    How is that being done?At install it is automatically detected by ZA.

    ISP SERVERS
    -----------
    In some cases your local network or Internet service provider may use
    certain servers or other devices which will require less restrictive access.
    These may include:

    - DNS servers
    - DHCP servers
    - Local or remote proxy servers
    - Gateway computer
    - Local routers or ISDN modems

    http://server.iad.liveperson.net/hc/s-28464961/cmd/kbresource/kb-4195594882482817705/view_question!PAGETYPE?sc=16&sf=101133&documentid= 347125&action=view

    Type at the Commmand Prompt " ipconfig /all " will show DNS Servers

    Also Loopback adapter 127.0.0.1 Ip Address and Trusted.If not add it to Firewall / Zones

    Look here :

    http://zonealarm.donhoover.net/dnsdhcp.html

    Domain Name System :

    http://en.wikipedia.org/wiki/Domain_Name_System


    Have a nice Day
    Last edited by Sky Soldiers; November 19th, 2009 at 12:05 PM. Reason: Typo Added Info

  3. #3
    SRDavisD Guest

    Default Re: Security Issues

    Perhaps I did not make myself clear, I don't want my ISP DNS servers in my Trusted Zone--I want them to be in the Internet Zone. A DNS server shouldn't have to collect to me network to provide DNS services. That would mean that my network is only as secure as my ISP's DNS servers.

    Why doesn't ZoneAlarm block these connections?

  4. #4
    Join Date
    Aug 2009
    Location
    Texas Gulf Coast
    Posts
    1,643

    Default Re: Security Issues

    Quote Originally Posted by SRDavisD View Post
    Why doesn't ZoneAlarm block these connections?

    A DNS server translates site names into IP addresses.

    Have no other suggestions to address your issue.If your license is current contact Support.They can give you an answer.

    Technical Support Live Chat
    Available Mon-Fri 7am-5:30pm PST
    Limited Availability Sat-Sun

    http://www.zonealarm.com/security/en...ce-support.htm

    Good Day
    Last edited by Sky Soldiers; November 25th, 2009 at 06:10 AM. Reason: Added Info

  5. #5
    critterjoe Guest

    Default Re: Security Issues

    Quote Originally Posted by SRDavisD View Post
    I have ZAX on a laptop with a wireless card. When the network comes up,
    I am shown one network, IP address 192.168, but when I look at Zones
    There are IP addresses for my ISP providers DNS servers shown as being in my trusted zone. Why does ZAX allow that? How is that being done?
    Can expert rules stop this connection?
    This answer has gotten to be too long, and likely confusing, since I have to guess on your possible scenarios without more info. So read it through and see if any is usable. If not, provide the additional info asked in various places below, and we'll start over from scratch or you can talk to Tech Support in online chat on Friday

    A router should be able to handle DNS service by DHCP. Did you ever add the DNS servers manually to ZAX Trusted zone, either on this version or on a previous version that you upgraded from? Normally you don't have to, but once you do it will persist. (see below)

    First, what zone do you want your overall network--trusted or internet? The following long answer assumes you want it in the Internet Zone. You didn't mention having other PC's sharing resources or not. However, after studying your posts some more, while it's not explicitly stated, if you actually want your network in the Trusted Zone, most of the following may not apply, although it gives you some places to check how things are set up.

    Second, what is shown in your zones when your router is turned off and you reboot. (i.e., when you are essentially "unplugged" from the Internet and reboot) It should either show nothing, or show only Loopback 127.0.0.1 (Trusted) or any other PC's or printers you have manually added. Any manual entries one has made will persist even when disconnected from the Internet. Are your DNS server addresses still listed or do they come and go depending on whether your router is on/connected? (To clear the transient Zone entries and see what is "really" persistent, you have to reboot while the router is turned off. Just turning the router off won't make the entry go away until the next session.)

    As far as I know ZA should not even know what your DNS servers are if the router is doing all the DNS translation, ZA will go along with the router.. Windows and your PC will see the DNS server as 192.168.0.1, or some variation depending on your brand of router. And since this number is usually within the range of your network IP that ZA identities, it doesn't require an additional entry in most cases. I assume your zone page is showing the actual ISP DNS numbers instead of a 192.168.x.x designate. (Some people who have had trouble with dropped connections have had to manually add the DNS servers to their trusted zone, in which case the numbers would still show in ZA when disconnected and reboot.)

    If the numbers automatically appear each time you reboot and connect, then I suspect the problem is something to do with how your router is passing it to your laptop. In your router setup you may see a place to select how to handle the DNS. Often the choices are:
    1) Get automatically from ISP
    2) Or it may have two fields to insert two specific sets of DNS servers.

    If your router is actually programmed with the actual DNS numbers, try changing the selection to "automatically get it from the ISP" and see if that changes anything. Be aware you may also have to change this in your Windows settings as well (at least in Windows XP--I don't know about other Windows versions), To see how you have it set up in Windows, in XP, in the Network Properties for your Local Area Connection, there is a place to let Windows get your DNS servers automatically, or from two servers that you input manually. If you chose to input the DNS manually in that Windows setting, it may override the router setting. So you ought to check what you have set up in Windows as well. I have "automatically" in both the Windows network connection property and in the router. i.e., none of my system or the router has the DNS numbers anywhere. If you absolutely must input the DNS servers, I'd put them in the router, but not in the Windows property of your network connection. Windows will still "automatically" get it from the router, but it should show up to Windows as 192.168.X.X as far as I know. I'm no expert; just a fellow user.

    If one is not having connection problems, there should be no reason AFAIK to manually place the DNS servers in the Trusted Zone, and they should automatically be within your network range (network IP address and subnet), so they normally won't show up at all in the Zones page as a separate entry, but will be at whatever setting you have your network range set. And that range should be automatically identified by ZA as your "network" each time you connect. If, however, you want the DNS servers in a different zone than your network zone; i.e., if your network zone is trusted and you want DNS servers internet (rather than both network and DNS in "internet") then some of the above may not necessarily apply. More info needed.

    After all this verbosity (sorry about that) this may not have solved anything, but it gives you something to investigate and report back with more info so we can understand which scenario is occurring. Also report what operating system you are using, and which version of ZAX. Thanks!

    ADDENDUM: The following is for Windows XP. (not sure how Vista and Win 7 handle it). To see what DNS addresses your computer is seeing, while connected to the Internet, from a command line you can type "ipconfig /all" without quotes (as Sky Soldiers suggested) to display the info. An alternative is, while connected to the Internet, in the system tray click on the little connection indicator and a connection status popup will appear. Click the SUPPORT tab, then DETAILS, and you will see all your ipconfig info. One of these entries will show you the DNS that Windows sees.
    Last edited by critterjoe; November 26th, 2009 at 01:54 AM. Reason: Clarification

  6. #6
    critterjoe Guest

    Default Re: Security Issues

    One last question:

    When you saw the DNS entries in your ZA Zone's panel, did you try to change the Zone setting for them by selecting each, right-clicking and choosing EDIT? And then changing the zone to Internet in the popup? While that might be a workaround (I don't know; haven't had to try it), it doesn't explain why they were added as Trusted in the first place. If that's all you want to do, that would be a simple thing to try until you can talk to Tech Support on Friday. Whether that would persist on each boot up, I don't know since ZAX at start has a checkmark on it when it pops up with "new network" about automatically configuring trusted networks or something to that effect, so not sure if that checkmark causes everything to reset each time or not. That's another question for Tech Support chat.

    Good luck.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •