I don't think that it is still vulnerable, if it was before...
I use ZA only and I get ICMP unreachable messages as well..
It might've just been a configuration issue with yours, coz I've used ZA for a long time, and I've always gotten those messages...
If you could tell me how long ago it was when crashing ZA via an ICMP flood was, I might be able to say for sure....
November 11th, 2001, 11:09 AM
Incoming ICMP Unreachable (Winch ZAPro blocks) are from other hosts that are unreachable, that you tried to connect to, not saying that your computer is unreachable. ZAPro blocks (by default) these, and on my computer blocks ALL inbound ICMP packets!
November 11th, 2001, 11:59 AM
The vulnerability was patched a couple of versions ago,at least.Been using ZA for quite some time now with no problems.I've run more thorough tests from sites other than those at GRC with satisfactory results.You may just have a configuration problem.You don't state the version you used,even if you're using an older version a mutex patch from an independent source has been available for this since at least January of this year.
November 11th, 2001, 12:18 PM
Not sure what the exact number was, but I just upgraded ZA, 2 days ago, so I think that I had problems with the version 2 places back. Either way, it was approx 3 months ago that someone in Korea *crashed* my ZA while at redhat.com, and later, some lamer planted the BO2k on me, so once again, I re-formatted.
I could NEVER get Zone Labs to communicate with me, so I'm very glad to see that the problem was sorted.
Thank all of you for your reassurance.
November 14th, 2001, 12:41 PM
I once got ddosed by these bunch of kiddies and zonealarm went down... so in the event of a ddos zonealarm will crash (depends how severe) so that's why I run Sygate aside of ZA on my win2k box.:D
November 14th, 2001, 04:17 PM
Good for me...
I have been using ZoneAlarm for well over a year now, and it has never crashed on me.
It has stopped UDP port floods, ICMP port floods, and other floods. No problems here with it being shut down. :)