Author Topic: ZoneAlarm Pro is a facist piece of shit!  (Read 1835 times)

Refalm

  • Administrator
  • Member
  • ***
  • Posts: 5,183
  • Kudos: 704
  • Sjembek!
    • RADIOKNOP
ZoneAlarm Pro is a facist piece of shit!
« on: 8 December 2002, 22:47 »
If your on Windows, do NOT use ZoneAlarm Pro... this is what hapenned to me:

Installed the new update.
Went to nl.openoffice.org, and a screen poped up that the website was blocked because according to ZoneAlarm Pro it contained "hacker/proxy cracking tools".
It was done by ZoneAlarm Pro's webfilter. If I payed $ 20 more for ZoneAlarm Pro, I would be able to control the webfilter  :mad:

I'm now using an alternative firewall... I just can't wait until I get a larger hard-disk, so that my relatives will allow me to install Red Hat 8.0 on MY computer.

"NOFX - What's the matter with parents today"

Master of Reality

  • VIP
  • Member
  • ***
  • Posts: 4,249
  • Kudos: 177
    • http://www.bobhub.tk
ZoneAlarm Pro is a facist piece of shit!
« Reply #1 on: 9 December 2002, 03:58 »
I wont be using Zone Alarm, but thats because i have a good Linux firewall/proxy setup
Disorder | Rating
Paranoid: Moderate
Schizoid: Moderate
Linux User #283518
'It takes more than a self-inflicted gunshot wound to the head to stop Bob'

beltorak0

  • Member
  • **
  • Posts: 223
  • Kudos: 0
    • http://www.angelfire.com/realm/beltorak
ZoneAlarm Pro is a facist piece of shit!
« Reply #2 on: 9 December 2002, 21:34 »
ZA got a lot of press, but Kirio Personal Firewall is a lot better IMO.  It allows application AND ip filtering; ZA (the free one anyway) is purely application based, and the default firewalls for *nix's are primarily ip based.

I'm trying to write an app/ip/user+group based firewall that will rest on the NetFilter design, mostly to suppliment iptables.  It is still pre-ALEPH (exisits only on paper) though, since I am starting to learn C++.

-t.
from Attrition.Org
 
quote:
Like many times before, Microsoft is re-inventing the wheel and opting for something other than round.

-t.


Mr Smith

  • Member
  • **
  • Posts: 82
  • Kudos: 0
ZoneAlarm Pro is a facist piece of shit!
« Reply #3 on: 9 December 2002, 11:13 »
I remember when I first got the free version of ZA 2.0, I really liked it. Then one day, I check for an update (I don't like programs that try try to get updates automatically, it pisses me off) and there is  one waiting. It wasn't until after I installed this update and re-started the program that I found out it was an update for ZA Pro! I was highly pissed, and almost decided to take it off my computer and write ZoneLabs a nasty letter. Almost. But then I just decided to get a crack for it and have been using ZA Pro FREE ever since. The customer is always right.  :D
War is an ugly thing, but not the ugliest of things. The decayed and degraded state of moral and patriotic feeling which thinks that nothing is worth war is much worse. The person who has nothing for which he is willing to fight, nothing which is more important than his own personal safety, is a miserable creature and has no chance of being free unless made and kept so by the exertions of better men than himself.
John Stuart Mill

Kintaro

  • Member
  • **
  • Posts: 6,545
  • Kudos: 255
  • I want to get the band back together!
    • JohnTate.org
ZoneAlarm Pro is a facist piece of shit!
« Reply #4 on: 16 December 2002, 15:10 »
nmap -O -p0 exeleven.sytes.net

Just try to h4x0r my b0x0r...
Refalm, if its your computer, then tell them to put windows up there asses!

HPC GUY

  • Member
  • **
  • Posts: 275
  • Kudos: 101
ZoneAlarm Pro is a facist piece of shit!
« Reply #5 on: 16 December 2002, 21:32 »
for windows based machines i would recommend Sygate personal firewall its free!

www.sygate.com

it detected and successfully stoped a DOS attack on me

[ December 16, 2002: Message edited by: HPC GUY ]

"if i destroyed you, i would only be perpetuating your legacy" - Me

beltorak0

  • Member
  • **
  • Posts: 223
  • Kudos: 0
    • http://www.angelfire.com/realm/beltorak
ZoneAlarm Pro is a facist piece of shit!
« Reply #6 on: 18 December 2002, 02:56 »
I hear Sygate has a good firewall; I use thier site when I want to check my firewall for integrity and accuracy.  Just to make sure that they don't catch something I didn't see when I nmap my box locally.

-t.
from Attrition.Org
 
quote:
Like many times before, Microsoft is re-inventing the wheel and opting for something other than round.

-t.


Kintaro

  • Member
  • **
  • Posts: 6,545
  • Kudos: 255
  • I want to get the band back together!
    • JohnTate.org
ZoneAlarm Pro is a facist piece of shit!
« Reply #7 on: 18 December 2002, 17:32 »
My gateway is on "high" with the Red-Hat firewall for the 2 ppp connections, but it is on "trust" for the ethernet connection.

The standard sygate scan says:
 Trying to find out your computer name...

Unable to determine your computer name!

Trying to find out what services you are running...

Unable to detect any running services!

The stealth one says:
FTP DATA
20
BLOCKED
This port has not responded to any of our probes. It appears to be completely stealthed.
FTP
21
BLOCKED
This port has not responded to any of our probes. It appears to be completely stealthed.
SSH
22
BLOCKED
This port has not responded to any of our probes. It appears to be completely stealthed.
TELNET
23
BLOCKED
This port has not responded to any of our probes. It appears to be completely stealthed.
SMTP
25
BLOCKED
This port has not responded to any of our probes. It appears to be completely stealthed.
DNS
53
BLOCKED
This port has not responded to any of our probes. It appears to be completely stealthed.
DCC
59
BLOCKED
This port has not responded to any of our probes. It appears to be completely stealthed.
FINGER
79
BLOCKED
This port has not responded to any of our probes. It appears to be completely stealthed.
WEB
80
BLOCKED
This port has not responded to any of our probes. It appears to be completely stealthed.
POP3
110
BLOCKED
This port has not responded to any of our probes. It appears to be completely stealthed.
IDENT
113
BLOCKED
This port has not responded to any of our probes. It appears to be completely stealthed.
NetBIOS
139
BLOCKED
This port has not responded to any of our probes. It appears to be completely stealthed.
HTTPS
443
BLOCKED
This port has not responded to any of our probes. It appears to be completely stealthed.
Server Message Block
445
BLOCKED
This port has not responded to any of our probes. It appears to be completely stealthed.
SOCKS PROXY
1080
BLOCKED
This port has not responded to any of our probes. It appears to be completely stealthed.
WEB PROXY
8080
BLOCKED
This port has not responded to any of our probes. It appears to be completely stealthed.
SOURCE PORT
33247
BLOCKED
This is the port you are using to communicate to our Web Server. A firewall that uses Stateful Packet Inspection will show a 'BLOCKED' result for this port.

And afterwards they tell me i was using there software:
 
quote:

 You have blocked all of our probes! We still recommend running this test both with
and without Sygate Personal Firewall enabled... so turn it off and try the test again.



And now stop iptables and it tells me that only DNS, Netbios (oooh), and SSH are open.

now ill do some more scans!

voidmain

  • VIP
  • Member
  • ***
  • Posts: 5,605
  • Kudos: 184
    • http://voidmain.is-a-geek.net/
ZoneAlarm Pro is a facist piece of shit!
« Reply #8 on: 18 December 2002, 20:02 »
Maybe this is why your DNS isn't working? See if it works with the firewall turned off, if it does you need to add more allowances for TCP/UDP port 53. And possibly add the following to your "options" section in /etc/named.conf:

query-source port 53;

[ December 18, 2002: Message edited by: void main ]

Someone please remove this account. Thanks...

Kintaro

  • Member
  • **
  • Posts: 6,545
  • Kudos: 255
  • I want to get the band back together!
    • JohnTate.org
ZoneAlarm Pro is a facist piece of shit!
« Reply #9 on: 19 December 2002, 01:28 »
From the inside network, everything is open, i told it "eth0" was a "trusted" device.

From the inside everything is open
My system passed all tests with nothing open.
Try to h4x0r my b0x0r!
exeleven.sytes.net is my dyndns

Kintaro

  • Member
  • **
  • Posts: 6,545
  • Kudos: 255
  • I want to get the band back together!
    • JohnTate.org
ZoneAlarm Pro is a facist piece of shit!
« Reply #10 on: 19 December 2002, 01:37 »
The DNS is working, i just have to add the 2 DNS Servers from my ISP that was put in /etc/resolv.conf on the server in my /etc/resolv.conf on my client(s) my brothers computer uses DHCP and i set that automaticly. I also have the servers IP in my resolv.conf so i have no troubles there.

But here is an nmap of the server from the inside network...
Code: [Select]

I just noticed my Serva thinks its X11.X11.HOME but i just ssh'd to serva.x11.home and it worked it also says root@serva in the title.

voidmain

  • VIP
  • Member
  • ***
  • Posts: 5,605
  • Kudos: 184
    • http://voidmain.is-a-geek.net/
ZoneAlarm Pro is a facist piece of shit!
« Reply #11 on: 19 December 2002, 02:24 »
quote:
Originally posted by BOB 11: Stallman Wannabe:
The DNS is working, i just have to add the 2 DNS Servers from my ISP that was put in /etc/resolv.conf on the server in my /etc/resolv.conf on my client(s) my brothers computer uses DHCP and i set that automaticly. I also have the servers IP in my resolv.conf so i have no troubles there.



Well then there is no point in you running a DNS server as none of your machines would be using it in that configuration. If you were running your DNS server on your server this should be in your /etc/resolv.conf:

Code: [Select]

And on your clients you would have:

Code: [Select]

Where the above address is the IP address of your DNS server. Of course if you had DHCP configured properly it would automatically configure your clients that way.
Someone please remove this account. Thanks...

voidmain

  • VIP
  • Member
  • ***
  • Posts: 5,605
  • Kudos: 184
    • http://voidmain.is-a-geek.net/
ZoneAlarm Pro is a facist piece of shit!
« Reply #12 on: 19 December 2002, 02:26 »
quote:
Originally posted by BOB 11: Stallman Wannabe:
The DNS is working, i just have to add the 2 DNS Servers from my ISP that was put in /etc/resolv.conf on the server in my /etc/resolv.conf on my client(s) my brothers computer uses DHCP and i set that automaticly. I also have the servers IP in my resolv.conf so i have no troubles there.



Well then there is no point in you running a DNS server as none of your machines would be using it in that configuration. If you were running your DNS server on your server this should be in your /etc/resolv.conf:

Code: [Select]

And on your clients you would have:

Code: [Select]

Where the above address is the IP address of your DNS server. Of course if you had DHCP configured properly it would automatically configure your clients that way. If you have your DHCP server configured properly and the /etc/resolv.conf is getting different information than what your DHCP server is configured for then you have more than one DHCP server on your network and they are conflicting.
Someone please remove this account. Thanks...