Re: Zone Alarm Woes

neosad1st_at_charter.net
Date: 01/18/04 

Date: Sat, 17 Jan 2004 22:27:19 -0700

Noyb wrote:

> Can someone tell me why Zone Alarm won't play nice?

Uh, it plays? And it doesn't play nice? At least yours plays with you -- my
zone alarm doesn't even play with me at all ... :( lol

> I'm on WinXP Pro

Could that be the first problem? ;)

> running Apache

Your own web server? hmm ...

> with Zone Alarm Pro 4.5 behind a linksys router

Two firewalls? hmmm...

> which is
> forwarding port 80 to my machine (we'll call it 10.11.12.13),

Uh, linksys routers usually prefer that you use DHCP and that you use
192.168.1.x ip's.

> WinXP's
> firewall is off.

Good start ... WinXP's ICF usually just blocks incoming SYN packets, which
would be a bad thing if you're running apache...

> Web traffic gets through fantastically when Zone Alarm
> is shut down,

Imagine that! ;)

> but when it's up port 80 gets blocked. Under ZA's Program
> Control I've checked (set to allow) everything for Apache HTTP Server
> and Monitor. Any ideas?

Contact the zone alarm people.

> Any suggestions for another firewall?

Yeah -- use Linux with apache and use iptables firewall, that's my opinion.
That way you can build a machine that does nothing but apache. Here's what
the firewall script would look like (simplified):

Block all fragmented packets
Block all spoofing attempts
Allow icmp echo request and reply
Allow state NEW,ESTABLISHED,RELATED over the http port you want
Block everything else

You can also run SNORT, which is an intrusion detection system.

Also, you can get a cheap i586 (pentium 1 / pro or k6-I/II/III) with 128mb
ram and two network cards, and use that as a router/firewall solution. I
have a Linksys Firewall router, but I prefer the smoothwall 2.0 I built
over the linksys.

> TIA
> Steve 

-- 
COMPASS [for the CDC-6000 series] is the sort of assembler one expects from
a corporation whose president codes in octal.
                -- J.N. Gray

Relevant Pages

  • Re: Zone Alarm Woes
    ... | Can someone tell me why Zone Alarm won't play nice? ... I'm on WinXP Pro ... | Control I've checked everything for Apache HTTP Server ... Any suggestions for another firewall? ...
    (comp.security.firewalls)
  • Re: Zone Alarm & Apache
    ... >>I have recently been looking at particular servers to use to help me ... Obviously apache comes up a lot. ... >>am using Zone Alarm 3.1.395 as my firewall and i have read on ...
    (comp.security.firewalls)
  • Zone Alarm & Apache
    ... I have recently been looking at particular servers to use to help me ... Obviously apache comes up a lot. ... am using Zone Alarm 3.1.395 as my firewall and i have read on ... apache.org that Zone Alarm is not supported and many people ...
    (comp.security.firewalls)
  • Re: Zone Alarm & Apache
    ... >I have recently been looking at particular servers to use to help me ... Obviously apache comes up a lot. ... >am using Zone Alarm 3.1.395 as my firewall and i have read on ... >apache.org that Zone Alarm is not supported and many people ...
    (comp.security.firewalls)
  • WMP only plays first stream in WSX on WMS
    ... This seems to be working on most configurations on windows, on linux it only plays the first element then stops, it would be nice to know why it doesn't play on linux but it's not the real problem. ... I could only find this article relevant to this error http://support.microsoft.com/kb/q256277/ but it doesn't provide a solution, I dont have load balancing, the player is embedded in a web page, and the client is behind a firewall but what needs to be done to the firewall? ...
    (microsoft.public.windowsmedia.server)