Results 1 to 8 of 8

Thread: Configuration question, new version ZA+AV free 12.0.104.000

  1. #1

    Default Configuration question, new version ZA+AV free 12.0.104.000

    Hi,

    after I've done a clean installation, my networks (1 PC + router = Internet/DHCP) are both in the trusted zone.
    I'm wondering why this is so.
    Before the settings were IP range=internet and DHCP=trusted).

    Any recommendations or explanations are appreciated.

  2. #2
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,287

    Default Re: Configuration question, new version ZA+AV free 12.0.104.000

    Hi!

    this is the default behaviour since sometime. The LAN (your internal network - i.e. 192.168.X.X - 255.255...) and DHCP is set automatically as Trusted. On a new installs, if you are on windows 7 or 8, ZA will take the settings directly from the OS. If you are still on XP, you should get a pop (unless this has changed in version 12).

    You may have reduncies in the settings. e.g. if your LAN is set as trusted and your router is managing the DHCP, then the DHCP entry will become redundant as you are already trusting the LAN. And so on....

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3

    Default Re: Configuration question, new version ZA+AV free 12.0.104.000

    Hi fax,

    thanks for the detailed explanation. Very informative.

    I'm on windows 7 so this fits to me.

    But I'm just a little unsure if this is cool, because in another not old post I read the statement that setting the internal network as trusted means revealing it to the whole internet thus rendering the firewall almost useless.

    Also (if it's for interest) I ran a scan on GRC's shields up, saying some common ports are closed instead of stealth (in the past all were described as stealth. Is it a change of ZA in dealing with solicated TCP packages ?

    BTW: I don't want to break a discussion over "closed" is less secure then "stealthed"

  4. #4
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,287

    Default Re: Configuration question, new version ZA+AV free 12.0.104.000

    Probably there is a misunderstanding, the internal network cannot be reached directly from the network. So, there is no way you are exposing your PCs if you set the LAN as trusted. If instead the network is not a router but a modem then you have indeed a problem as you are directly open to internet.

    If at GRC your ports are all closed and not stealthed than it means your router does only NAT (address translation from Internet IPs into 192.168.X.X of your LAN) and does not have a firewall with stealth capability.

    So, you router is facing the internet and thats what GRC is testing (not ZA). You should check the router manual if there is any setting for the firewall.

    Can you confirm that you have 192.168.X.X type of addresses listed in ZA? Just in case

    Thanks,
    Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  5. #5

    Default Re: Configuration question, new version ZA+AV free 12.0.104.000

    Quote Originally Posted by fax View Post
    Probably there is a misunderstanding, the internal network cannot be reached directly from the network. So, there is no way you are exposing your PCs if you set the LAN as trusted. If instead the network is not a router but a modem then you have indeed a problem as you are directly open to internet.
    I'm behind a router (FritzBox).

    Quote Originally Posted by fax View Post
    If at GRC your ports are all closed and not stealthed than it means your router does only NAT (address translation from Internet IPs into 192.168.X.X of your LAN) and does not have a firewall with stealth capability.
    Some, not all ports are closed. Common ports as (0,23,79,1025-1030, 1720 and 50000). I notice that on the last scan e.g. FTP port 21 and DCOM port 1024 was closed and is now stealthed. Maybe somekind of "learning" ?

    Quote Originally Posted by fax View Post
    So, you router is facing the internet and thats what GRC is testing (not ZA). You should check the router manual if there is any setting for the firewall.
    I'll check but there is not much to configure that way I guess. Besides, the UPNP-router check is perfect.

    Quote Originally Posted by fax View Post
    Can you confirm that you have 192.168.X.X type of addresses listed in ZA? Just in case
    Yes, 192.168.X.X is listed in ZA.

  6. #6
    Join Date
    Aug 2009
    Location
    Texas Gulf Coast
    Posts
    1,645

    Default Re: Configuration question, new version ZA+AV free 12.0.104.000

    Quote Originally Posted by Darklord666 View Post
    Hi,

    after I've done a clean installation, my networks (1 PC + router = Internet/DHCP) are both in the trusted zone.
    I'm wondering why this is so.
    Before the settings were IP range=internet and DHCP=trusted).

    Any recommendations or explanations are appreciated.
    Maybe this might help.

    A computer can receive its IP address from the DHCP server only when the "Obtain an IP address automatically" option is selected on the computer.

    TCP/IP defines how your computer communicates with other computers.

    http://windows.microsoft.com/en-us/w...cp-ip-settings

    Do ipconfig /all to check current TCP/IP network configuration values.

    As fax suggested.Router configuration is issue for not fully Stealth.Most routers can be configured using Web-based user interface to configure the router settings.

    Read all Definitions.Especially Poorly Secured NAT Routers.

    Internet Port Status Definitions :

    https://www.grc.com/su/portstatusinfo.htm

    Have no other suggestions to offer.
    Last edited by Sky Soldiers; November 4th, 2013 at 05:39 PM. Reason: Typo, more info, reword

  7. #7

    Default Re: Configuration question, new version ZA+AV free 12.0.104.000

    Hi guys !

    Thanks for your input. I think I found the cause of the display of closed ports. I was wondering why after each scan on GRC the ports changed and if I choose scan all service ports, it shows a blue diagonal line (means closed) of ports. Strange.

    It is neither my router nor ZA who causes this. There seems to be a problem on GRC site to analyze the packets fast enough. There was a recent change there. So packets are not dropped, they are just not recognized. You can read details in the newsgroups there.

    So, I guess I live with that and assume, that all ports are stealthed, because this was the result the last time (and all times before) I did the scan on shieldsup! before I re-installed ZA. Silly coincidence that leads me believe the cause to be ZA in first place.
    Last edited by Darklord666; November 5th, 2013 at 07:21 AM. Reason: typos

  8. #8
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,287

    Default Re: Configuration question, new version ZA+AV free 12.0.104.000

    Yeap, regardless of results at GRC, your router is facing the internet so it is the one been audited. Normally, fritz routers are rather solid so, it is likely, as you suggest, a GRC issue than a problem in your router.

    Thanks,
    Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Spyware Configuration Question
    By morey in forum ZoneAlarm Configuration
    Replies: 9
    Last Post: July 17th, 2008, 01:13 PM
  2. Configuration question
    By ccannard in forum ZoneAlarm Configuration
    Replies: 7
    Last Post: June 23rd, 2008, 10:20 AM
  3. AD-AWARE SE FREE VERSION QUESTION
    By tasman in forum Off-Topic
    Replies: 10
    Last Post: December 9th, 2007, 05:49 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •