Re: They can break ZoneAlarm easily !
From: David (davidwnh@adelphia.net) Date: 10/07/02
From: "David" <davidwnh@adelphia.net> Date: Mon, 07 Oct 2002 07:01:20 GMT
Nice to see a solid, well-presented answer here as opposed to some of the
script kiddie wiseass comments flourishing on the boards these days :)
"Norman Miller" <koko@soko.invalid> wrote in message
news:MPG.180ab310135f5db69897c6@news.sf.sbcglobal.net...
> In article <anppr7$pf8$1@pippin.warman.nask.pl>, NOSPAM_latet@poczta.onet.pl
> says...
> > > How come ZA allowed that to happen?
> >
> > Someone just told me, that if a disk or folder is "shared" in LAN,
> > it is also possible to access it from the internet,
> > even if ZoneAlarm is set up correctly.
> >
> > What should I do then?
>
> If you have ICS, you should have two NICs installed. In this case, look at the
> properties for the TCP/IP -> xDSL modem connected NIC. (There will actually be
> an adapter name, but you should know which one is connected to the modem.)
> Look at the Bindings tab for that TCP/IP connection. You might have two items
> listed; "Client for Microsoft Networks", and "File and printer sharing for
> Microsoft Networks". Since this is the outward facing connection, uncheck both
> items. Windows will bitch at you about not having selected a protocol, but
> just ignore it. (Network information alert [!]: You have not selected any
> drivers to bind with. Would you like to select one now? Tell it no.)
>
> Reboot, and your shares should not be accessible from the Internet. You should
> also get the latest definitions for your AV program, and get a Trojan scanner.
> Anyone who had sufficient access to add a desktop item may have planted
> keyloggers, and the like.
>
> Follow the suggestions given elsewhere in the thread to lock down MSIE and
> MSOE. It takes some digging to get the right information, but they can be
> configured securely.
>
> Even after taking those precautions, you should still use password protection
> on your shares. Do not share the root directories of any HDD. Limit share
> access to specific folders.
>
> Some recommend unbinding TCP/IP from the locally wired NIC, and replacing it
> with either IPX/SPX, which is an old Netware protocol, or NetBEUI. If you do
> switch protocols for the local NIC, don't add them to the xDSL modem NIC. Keep
> your protocols separated.
>
> Don't put your public IP address as a trusted address for ZA. That is like
> putting your housekey in the outer lock of your front door. The ZA trusted
> address should only refer to LAN addresses behind the gateway. Possibly your
> DNS addresses, but only if you need to fix a DNS resolution problem.
>
> --
> N.
> "At the far end of the tunnel, a mysterious town...
> Will Chihiro get back her name?
> Will she return to the world of humans?" Prepare to be "Spirited Away"...
> http://bventertainment.go.com/movies/spiritedaway/index.html
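A way to check the two points made in the quoted advice (no file sharing bound to the outward-facing adapter, and only LAN addresses in the firewall's trusted zone), as an added example that is not part of the original thread. The adapter names, the addresses and the `audit` helper are assumptions made for illustration; 203.0.113.7 is a documentation address standing in for the public IP.

```python
import ipaddress
import socket

SMB_PORTS = (139, 445)  # NetBIOS session service, direct-hosted SMB
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_lan_entry(entry):
    """True if an address or CIDR range lies entirely inside RFC 1918 space."""
    net = ipaddress.ip_network(entry, strict=False)
    return net.version == 4 and any(net.subnet_of(r) for r in RFC1918)

def smb_listening(addr, ports=SMB_PORTS, timeout=1.0):
    """Return the file-sharing ports on addr that accept a TCP connection."""
    found = []
    for port in ports:
        try:
            with socket.create_connection((addr, port), timeout=timeout):
                found.append(port)
        except OSError:  # refused, filtered or unreachable
            pass
    return found

def audit(interfaces, trusted, probe=smb_listening):
    """interfaces maps adapter name -> IPv4 address; trusted is the firewall's
    trusted-zone list. Returns a list of findings (empty means clean)."""
    findings = [f"trusted zone holds non-LAN entry {e}"
                for e in trusted if not is_lan_entry(e)]
    for name, addr in interfaces.items():
        if is_lan_entry(addr):
            continue  # sharing on the LAN-side adapter is expected
        for port in probe(addr):
            findings.append(f"{name} ({addr}) answers on TCP {port}")
    return findings

if __name__ == "__main__":
    # Constructed sample values, not taken from the thread.
    nics = {"modem-nic": "203.0.113.7", "lan-nic": "192.168.0.1"}
    zone = ["192.168.0.0/24", "203.0.113.7"]
    for line in audit(nics, zone):
        print(line)
```

Run on the machine itself, the probe shows whether the sharing service is still bound to the outward-facing address; whether the firewall blocks it from outside needs a probe from a host on the Internet side.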