Re: They can break ZoneAlarm easily !

From: Duane Arnold (darnold92@Insightbb.com)
Date: 10/06/02

• Next message: ZZZZZZZ: "Re: They can break ZoneAlarm easily !"
• Previous message: EricL: "Re: NBG800 Hackers Test."
• In reply to: : "Re: They can break ZoneAlarm easily !"
• Next in thread: ZZZZZZZ: "Re: They can break ZoneAlarm easily !"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: "Duane Arnold" <darnold92@Insightbb.com>
Date: Sun, 06 Oct 2002 19:54:25 GMT

I have tried to make this post a couple of times. So if it shows more then
once... sorry!

I absolutely agree with you on this Neo. And may I make this post here which
was a reply I made to a poster who was having issues with his XP machine in
the virus newsgroup.

>Also, ZoneAlarm Pro & Norton AntiVirus (both up to date) have
> detected nothing.

That's all well and good that you have them. It boggles my mind how the
average home user thinks that he or she can just throw up the little
security blanket and think that's all that is needed.

You have one of the most powerful OS there is with lots of security features
that you can enable, incorporate or procedurally do to protect the
machine.

It's a shame that users have IE and OE on the machine and don't know how to
secure them. IE and OE will protect themselves and you very well if you know
what needs to be done.

You and others need to learn what and how to do to secure things on the
machine. I am no better then anyone, but the one thing I have done is learn
what to do.

I suggest to you and the rest to take the time and learn by going to
www.google.com and search on "Securing Outlook Express", "Securing Internet
Explorer", "Securing Windows XP", etc. etc. There are tons of articles that
will give you the knowledge.

By learning what and how to do, along with the little security blanket, you
should be protected fairly well.

But remember, nothing is hack and virus proof, and you can only do the best
you can to prevent it.

Duane :)

"NeoSadist" <neos@dist> wrote in message
news:uq10u05kkp6h57@corp.supernews.com...
>
> "Duane Arnold" <darnold92@Insightbb.com> wrote in message
> news:oS_n9.60640$xI5.11904@sccrnsc02...
> > > What should I do then?
> >
> > You could run an Intrusion Detection System in conjunction with ZA to
> better
> > protect the machine.
> >
> > Snort/IDS is free software that can be installed on the machine. I don't
> > know if it will run on the Win 9x OS... check it out.
> >
> > You could also install BalckIce\IDS on the machine and run it in
> conjunction
> > with ZA You could turn off BlackIce's Application and Communication
> controls
> > on the 3.5 version and tell the BalckIce firewall to ACCEPT, not
> > ACCEPT/TRUST or TRUST, all IP(s) on TCP and UDP ports. By doing the
> ACCEPT
> > only, you enable BlackIce's IDS system, which will inspect the data in
the
> > network traffic for attack patterns.
> >
> > You can also get an older version of BlackIce such as version 2.9 and
> below,
> > which doesn't have Application and Communication control features and
put
> it
> > on the machine with ZA.
> >
> > I hope this helps
> >
> > Duane :)
> >
> >
> > "Latet" <NOSPAM_latet@poczta.onet.pl> wrote in message
> > news:anppr7$pf8$1@pippin.warman.nask.pl...
> > > > How come ZA allowed that to happen?
> > >
> > > Someone just told me, that if a disk or folder is "shared" in LAN,
> > > it is also possible to access it from the internet,
> > > even if ZoneAlarm is set up correctly.
> > >
> > > What should I do then?
> > >
> > > Thanks.
> > >
> > > Latet.
> > >
> > >
> >
> >
>
>
> I advise against intrusion detection systems. Usually they only
complicate
> or reduce your firewall's effectiveness due to how they install and how
they
> access certain system files. This was an issue raised a while back about
> people running two firewalls -- they would conflict with each other.
> I would suggest turning off your shared folders and use TelNet over the
LAN
> to share, if you're that worried.
> Also, I'd be using only TCP/IP protocol, i.e. not NetBIOS, due to that
also
> being raised a while back as an internet security issue.
> However, also, if you're using ICS to share the DSL modem, I'd instead buy
a
> broadband router, since most those include NAT "firewall" and either a
> packet filter firewall or a port mapper or some other additional security.
> For example, mine has stateful packet inspection. All the internet scans
I
> can run have deemed my security safe.
> But, however, I would suggest that you look that email thing up, since I
> think some emails can, as a script, create files on your desktop. If your
> outlook express settings are restricted zone (Tools > Options > Security),
> that should be sufficient.
> Another issue, however, is your operating system. Compared to windows
> 2000/xp and linux, I'd say your operating system is one of your main
> vulerabilities. Do you use windows update frequently?
> Also, I'd try deleting your cookies, and then making sure in your internet
> security zones (all of them) that you go to the bottom in the custom
> settings and make sure your User Authentication > Logon is set to "Prompt
> for user name and password". Another thing would be to set your Microsoft
> VM > Java permissions to Disable Java (for LAN and restricted zone only)
and
> High safety for all other zones.
> Also, purge your zone sites.
> Also, if you have IE 6, go set your privacy settings (under advanced) to
> Override automatic cookie handling checked, with first party cookies
> accepted but third party cookies blocked, and put a check in "Always allow
> session cookies". I don't trust ads nor their cookies, so I like to do
> that.
> Honestly, if you're using ZA Pro, I'd be calling them and asking them why.
> But it could be your email settings, or a script from the email they sent.
> I've never heard of this.
> The above are my opinions, and they are what I would do if it were me.
>
>

---

• Next message: ZZZZZZZ: "Re: They can break ZoneAlarm easily !"
• Previous message: EricL: "Re: NBG800 Hackers Test."
• In reply to: : "Re: They can break ZoneAlarm easily !"
• Next in thread: ZZZZZZZ: "Re: They can break ZoneAlarm easily !"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Your Current Security Settings Prohibit running Active X Contr ... Working with Internet Explorer 6 Security Settings ... Setting Up Security Zones ... Dermot wrote: ... (microsoft.public.windows.inetexplorer.ie6.browser) Re: They can break ZoneAlarm easily ! ... packet filter firewall or a port mapper or some other additional security. ... outlook express settings are restricted zone, ... Also, I'd try deleting your cookies, and then making sure in your internet ... (comp.security.firewalls) Re: IE6 problems with verizon search ... Are you running WinXP SP2 or WinXP SP3? ... This step will help us clear cookies, restore the security level back ... Select the General tab, and in the Temporary Internet files window, click ... (microsoft.public.windows.inetexplorer.ie6.browser) Re: ActiveX controlls blocked on IE ... I wonder if they are marked as "Disabled" in your IE Security zones.. ... Have a look at the various options under Tools --> Internet Options ... Make a note of your current settings there then try changing ... (microsoft.public.security) [NEWS] Mozilla Cookie Stealing ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Cookies are often used to identify and authenticate users to a website. ... A bug in Mozilla allows an attacker to steal the user's cookies for any ... Mozilla has a bug that lets you bypass this protection and steal cookies ... (Securiteam)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(15)