If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
Windows Security Update CD Feb 2004
I am sure that there are a lot of computer users who have received the free
Security Update CD, if any of you have installed the EZ Antivirus and Firewall software I would be interested to read about your experience with them. In particular, I would like to know if you have checked the level of security using Shields-UP!! I have installed the software on a Dell Dimension 4100 using Windows ME which is connected via a Dell Dimension 4500 using Windows XP. The Shields-UP!! security test on the ME computer suggests that there are weaknesses in the EZ Firewall. On the XP computer the security is first class. I have consulted the EZ Firewall Knowledge Base Documents (Document 75) which claims that this can happen for the LAN set-up that I have but I am rather sceptical since, if Shields-UP!! can find weak points, what is stopping less scrupulous websites from doing the same thing? Pitstop, on the other hand, gives the computer a satisfactory report. Has anybody had any similar reports? T.Hyde |
#3
|
|||
|
|||
Windows Security Update CD Feb 2004
Correct me if this is no longer right.....but isn't the firewall in EZ Trust
one of the Version 3.xxx's of Zone Alarm?? That alone should make it all right with GRC. And I use EZ Trust and ZAPro 4.538.xxx and have absolutely no problems with it, but did have problems with 3.xxx versions. Just my thoughts.....Heather "Mike M" wrote in message ... Do not rely on grc.com for sensible advice on firewalls. Gibson is a self-publicist who knows little or nothing about networking and even less about net security. -- Mike Maltby MS-MVP Tom _Hyde wrote: I am sure that there are a lot of computer users who have received the free Security Update CD, if any of you have installed the EZ Antivirus and Firewall software I would be interested to read about your experience with them. In particular, I would like to know if you have checked the level of security using Shields-UP!! I have installed the software on a Dell Dimension 4100 using Windows ME which is connected via a Dell Dimension 4500 using Windows XP. The Shields-UP!! security test on the ME computer suggests that there are weaknesses in the EZ Firewall. On the XP computer the security is first class. I have consulted the EZ Firewall Knowledge Base Documents (Document 75) which claims that this can happen for the LAN set-up that I have but I am rather sceptical since, if Shields-UP!! can find weak points, what is stopping less scrupulous websites from doing the same thing? Pitstop, on the other hand, gives the computer a satisfactory report. Has anybody had any similar reports? T.Hyde |
#4
|
|||
|
|||
Windows Security Update CD Feb 2004
To Mike M and Heather, thank you for your replies. I had read that there
was some kind of link between EZ Trust and Zone Alarm but I did not have any specific information. Were the problems with ZA Vers. 3.xxx significant? Did you have any unwelcome trojans or spyware? I have no knowledge of the professional skills or technical ability of Gibson , but the fact remains that Shields UP!! detected weaknesses in the security of my ME computer. "Heather" wrote in message ... Correct me if this is no longer right.....but isn't the firewall in EZ Trust one of the Version 3.xxx's of Zone Alarm?? That alone should make it all right with GRC. And I use EZ Trust and ZAPro 4.538.xxx and have absolutely no problems with it, but did have problems with 3.xxx versions. Just my thoughts.....Heather "Mike M" wrote in message ... Do not rely on grc.com for sensible advice on firewalls. Gibson is a self-publicist who knows little or nothing about networking and even less about net security. -- Mike Maltby MS-MVP Tom _Hyde wrote: I am sure that there are a lot of computer users who have received the free Security Update CD, if any of you have installed the EZ Antivirus and Firewall software I would be interested to read about your experience with them. In particular, I would like to know if you have checked the level of security using Shields-UP!! I have installed the software on a Dell Dimension 4100 using Windows ME which is connected via a Dell Dimension 4500 using Windows XP. The Shields-UP!! security test on the ME computer suggests that there are weaknesses in the EZ Firewall. On the XP computer the security is first class. I have consulted the EZ Firewall Knowledge Base Documents (Document 75) which claims that this can happen for the LAN set-up that I have but I am rather sceptical since, if Shields-UP!! can find weak points, what is stopping less scrupulous websites from doing the same thing? Pitstop, on the other hand, gives the computer a satisfactory report. Has anybody had any similar reports? T.Hyde |
#5
|
|||
|
|||
Windows Security Update CD Feb 2004
Did you have any unwelcome trojans or spyware?
Not at all. There is a problem though in that many recent versions of Zone Alarm seem to prevent some PCs running Win Me from creating automatic system restore checkpoints. The problem being, where it occurs, that on some ZA can cause the state manager to "think" that the PC is never idle. Manual checkpoints can be created without problem and ZA has no effect on the actual workings of system restore unlike say Symantec's NAV which can make the system restore archive unusable. By no means all users have problems with lack of checkpoints when running Win Me with ZA, some do and some don't - it appears to be luck of the draw. Shields UP!! detected weaknesses in the security of my ME computer. Who's to say these were weaknesses other than the self-appointed non-guru Gibson? -- Mike Maltby MS-MVP Tom _Hyde wrote: To Mike M and Heather, thank you for your replies. I had read that there was some kind of link between EZ Trust and Zone Alarm but I did not have any specific information. Were the problems with ZA Vers. 3.xxx significant? Did you have any unwelcome trojans or spyware? I have no knowledge of the professional skills or technical ability of Gibson , but the fact remains that Shields UP!! detected weaknesses in the security of my ME computer. |
#6
|
|||
|
|||
Windows Security Update CD Feb 2004
I also ran security checks using Pitstop, Sygate and Symantec, Pitstop and
Sygate did not detect any holes but Symantec detected a significant number. According to the EZ Firewall Knowledge Documents, ID 1805, Symantec's report is biased because they are EZ's competitors. EZ also say that, for a network set-up like ours where the ME computer is linked to the internet via another computer (XP) in a LAN, then the tests are spurious because the computer that is actually tested is not the one being used. I checked the IP address that was being tested using the RIPE data base and it showed that the address had been assigned to my cable company. So I am feeling more reassured, I wonder if there is a program that can test the security of our system. The XP always passes the tests without problems. T.Hyde "Mike M" wrote in message ... Did you have any unwelcome trojans or spyware? Not at all. There is a problem though in that many recent versions of Zone Alarm seem to prevent some PCs running Win Me from creating automatic system restore checkpoints. The problem being, where it occurs, that on some ZA can cause the state manager to "think" that the PC is never idle. Manual checkpoints can be created without problem and ZA has no effect on the actual workings of system restore unlike say Symantec's NAV which can make the system restore archive unusable. By no means all users have problems with lack of checkpoints when running Win Me with ZA, some do and some don't - it appears to be luck of the draw. Shields UP!! detected weaknesses in the security of my ME computer. Who's to say these were weaknesses other than the self-appointed non-guru Gibson? -- Mike Maltby MS-MVP Tom _Hyde wrote: To Mike M and Heather, thank you for your replies. I had read that there was some kind of link between EZ Trust and Zone Alarm but I did not have any specific information. Were the problems with ZA Vers. 3.xxx significant? Did you have any unwelcome trojans or spyware? I have no knowledge of the professional skills or technical ability of Gibson , but the fact remains that Shields UP!! detected weaknesses in the security of my ME computer. |
#7
|
|||
|
|||
Windows Security Update CD Feb 2004
If you are connecting to the net using Internet Connection Sharing (ICS), in
this case running on an XP PC, you are isolated from the net since you are using what is called Network Address Translation (NAT). In other words the address on the client PC, that is your Win Me PC, is a private address assigned to it by the DHCP server running on the XP box and thus your Win Me PC is not directly accessible from the net. The same applies here although in this case I am using a router rather than having one PC connecting to the net and using ICS. My router also uses NAT with my current outward (WAN) facing IP address being 212.158.222.126 whereas the IP address of this PC, which is assigned by the DHCP server on the router is 192.168.0.80. What I am trying to say, and not very well, is that any PC assigned a private address is invisible to the net at large as such addresses are what is called non routable. Public addresses such as my 212.158.222.126 is unique whereas there are probably hundreds of thousands of PCs, most able to access the net via router or similar that have the private address 192.168.0.80. In my case there are five PCs here all with different private addresses in the 192.168.0.? range yet to the outside world I present just the one address 212.158.222.126 and the router, and in your case ICS on the XP PC, looks after the necessary address translation between the net side of the connection and the private home side. I see that your public address is 82.35.145.221 (Blueyonder in the UK, mine is Bulldog also in the UK) which is probably the address of your XP box whereas your Win Me box possibly has a private address such as 192.168.0.2. I realise that I am most likely confusing what is already a confused situation but basically your ICS host PC, your XP box, is the machine responsible for outward facing security (that is controlling what may enter and leave your network) rather than your Win Me client with its private address. Where a product such as Zone Alarm comes to the fore is in letting you know and allowing you to control how and what applications on your PC can connect to the net. Regards, -- Mike Maltby Tom _Hyde wrote: I also ran security checks using Pitstop, Sygate and Symantec, Pitstop and Sygate did not detect any holes but Symantec detected a significant number. According to the EZ Firewall Knowledge Documents, ID 1805, Symantec's report is biased because they are EZ's competitors. EZ also say that, for a network set-up like ours where the ME computer is linked to the internet via another computer (XP) in a LAN, then the tests are spurious because the computer that is actually tested is not the one being used. I checked the IP address that was being tested using the RIPE data base and it showed that the address had been assigned to my cable company. So I am feeling more reassured, I wonder if there is a program that can test the security of our system. The XP always passes the tests without problems. |
#8
|
|||
|
|||
Windows Security Update CD Feb 2004
To Mike M: Thank you for spending your valuable time to give an excellent
explanation of the topics that were bothering me. This news server is like many other user forums, for example Delltalk and BigBlueBall, if a user has a problem he is more likely to get a helpful and quicker response in the user forums than trying to contact the so-called official support services. T.Hyde "Mike M" wrote in message ... If you are connecting to the net using Internet Connection Sharing (ICS), in this case running on an XP PC, you are isolated from the net since you are using what is called Network Address Translation (NAT). In other words the address on the client PC, that is your Win Me PC, is a private address assigned to it by the DHCP server running on the XP box and thus your Win Me PC is not directly accessible from the net. The same applies here although in this case I am using a router rather than having one PC connecting to the net and using ICS. My router also uses NAT with my current outward (WAN) facing IP address being 212.158.222.126 whereas the IP address of this PC, which is assigned by the DHCP server on the router is 192.168.0.80. What I am trying to say, and not very well, is that any PC assigned a private address is invisible to the net at large as such addresses are what is called non routable. Public addresses such as my 212.158.222.126 is unique whereas there are probably hundreds of thousands of PCs, most able to access the net via router or similar that have the private address 192.168.0.80. In my case there are five PCs here all with different private addresses in the 192.168.0.? range yet to the outside world I present just the one address 212.158.222.126 and the router, and in your case ICS on the XP PC, looks after the necessary address translation between the net side of the connection and the private home side. I see that your public address is 82.35.145.221 (Blueyonder in the UK, mine is Bulldog also in the UK) which is probably the address of your XP box whereas your Win Me box possibly has a private address such as 192.168.0.2. I realise that I am most likely confusing what is already a confused situation but basically your ICS host PC, your XP box, is the machine responsible for outward facing security (that is controlling what may enter and leave your network) rather than your Win Me client with its private address. Where a product such as Zone Alarm comes to the fore is in letting you know and allowing you to control how and what applications on your PC can connect to the net. Regards, -- Mike Maltby Tom _Hyde wrote: I also ran security checks using Pitstop, Sygate and Symantec, Pitstop and Sygate did not detect any holes but Symantec detected a significant number. According to the EZ Firewall Knowledge Documents, ID 1805, Symantec's report is biased because they are EZ's competitors. EZ also say that, for a network set-up like ours where the ME computer is linked to the internet via another computer (XP) in a LAN, then the tests are spurious because the computer that is actually tested is not the one being used. I checked the IP address that was being tested using the RIPE data base and it showed that the address had been assigned to my cable company. So I am feeling more reassured, I wonder if there is a program that can test the security of our system. The XP always passes the tests without problems. |
#9
|
|||
|
|||
Windows Security Update CD Feb 2004
I just hope Tom you understood at least part of what I wrote. If not don't
worry, I've just re-read it myself and totally confused myself. g Cheers, -- Mike M Tom _Hyde wrote: To Mike M: Thank you for spending your valuable time to give an excellent explanation of the topics that were bothering me. This news server is like many other user forums, for example Delltalk and BigBlueBall, if a user has a problem he is more likely to get a helpful and quicker response in the user forums than trying to contact the so-called official support services. |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Microsoft Security Bulletin MS04-018 - Cumulative Security Update for Outlook Express (823353) | PA Bear | General | 5 | July 15th 04 05:49 AM |
Microsoft Security Bulletin MS04-024 - Vulnerability in Windows Shell Could Allow Remote Code Execution (839645) | Gary S. Terhune | General | 2 | July 14th 04 05:06 AM |
Microsoft Security Bulletin MS04-024 - Vulnerability in Windows Shell Could Allow Remote Code Execution (839645) | Gary S. Terhune | General | 2 | July 14th 04 05:06 AM |
Microsoft Security Bulletin MS04-023--Please Note! | Gary S. Terhune | General | 4 | July 14th 04 04:39 AM |
Microsoft Security Bulletin MS04-023--Please Note! | Gary S. Terhune | General | 4 | July 14th 04 04:39 AM |