Re: Zone Labs Pro question
From: Rick (blue-nospam@verizon.net)
Date: 03/15/03
- Next message: Colin Swift: "Re: how difficult is CCSA NG cert?"
- Previous message: Ralf Gerke: "Re: SmartFirewall.Com"
- In reply to: David: "Re: Zone Labs Pro question"
- Next in thread: mhicaoidh: "Re: Zone Labs Pro question"
- Reply: mhicaoidh: "Re: Zone Labs Pro question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Rick" <blue-nospam@verizon.net> Date: Sat, 15 Mar 2003 11:59:49 GMT
In the tab for Internet Zone, which I've set for High security, the
description at the top says: "High security blocks all network traffic
except authorized program traffic and traffic indicated by a check mark",
then below that are about a dozen items you might want to allow. Among
those are these two:
- Allow incoming TCP ports
- Allow outgoing TCP ports
Both of these are UNchecked and they say (None selected)
So unless I'm readng this wrong I think all network traffic coming in or out
those TCP ports is blocked without having to explicitly declare port
addresses. And it seems that any address you would specify here would be
ports to ALLOW traffic through.
David wrote:
> Thanks again mh...I always call that advanced for some reason...One of
> these days I'll
> explicitly remember Custom, but I don't use it anymore so I have nothing
> to refer to except my aging memory. Oldtimers disease setting in at an
> early age or something :)
>
> Anyhow he needs to block them for outbound traffic and they are only
> blocked inbound by the normal security level settings. There is no
> telling whether this guy has already given some obscure IRC trojan rights
> under the application control so he really does need to block those ports
> going out. Everyone who doesn't use IRC should explicitly block these to
> all outbound traffic because this is what most of the trojans use these
> days. So even if they somehow trick the user through the application
> control they are still blocked.
>
>>>
>>> Hi, thanks a whole lot for this. NetBIOS is disabled but I'm still
>>> getting these frequent alerts. Can you tell me how I block outgoing TCP
>>> on ports 6665-6669 on ZAP? I went into the Firewall panel, Main tab,
>>> and clicked on the Advanced button but I don't see anything in that
>>> dialog that allows me to specify a range of ports to block.
>>
>> Click on the Custom tab rather than the Advanced tab. Though, you'll
>> find based on the verbiage that those ports are implicitly blocked when
>> at High security.
- Next message: Colin Swift: "Re: how difficult is CCSA NG cert?"
- Previous message: Ralf Gerke: "Re: SmartFirewall.Com"
- In reply to: David: "Re: Zone Labs Pro question"
- Next in thread: mhicaoidh: "Re: Zone Labs Pro question"
- Reply: mhicaoidh: "Re: Zone Labs Pro question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
