Results 1 to 7 of 7

Thread: ZoneAlame

  1. #1
    Junior Member
    Join Date
    Nov 2001
    Posts
    3

    Question ZoneAlame

    Anybody know if ZoneAlarm can STILL be REMOTELY SHUT DOWN(*crashed*) by an ICMP Flood???

    It SURE COULD a few months ago, which is why I got (BID) Black ICE Defender, to cover TCP ports 0,1,3, & 8.

    Since I did that, I have had no problems, but I thought that anyone that thought they were SAFE using ZA, should know OTHERWISE, before they found out the HARD way, just as I had to.

    Itried to contact Zone Labs about this, but they weren't any help at all, & the same goes for the Gibson Research Committee(grc.com)

    I'm thinking that this vulnerability STILL exists, because I keep getting ZA alerts for a Port "ICMP Unreachable", & it's my BID that makes those ports unreachable.

    Any replies will be appreciated.



    http://continue.to/WIN


    The path of the righteous man is beset on all sides by the inequities of the selfish and the tyranny of evil men.

    Blessed is he, who, in the name of charity and good will, shepherds the weak through the valley of darkness, for he is truly his brother\'s keeper and the finder of lost children.

    And I will strike down upon thee with great vengeance and furious anger those who attempt to poison and destroy my brothers.

    And you will know my name is the Lord when I lay my vengeance upon you.


    http://www.angelfire.com/realm/ofthe...s/morphing.gif

  2. #2
    Senior Member
    Join Date
    Sep 2001
    Posts
    831
    I don't think that it is still vulnerable, if it was before...

    I use ZA only and I get ICMP unreachable messages as well..

    It might've just been a configuration issue with yours, coz I've used ZA for a long time, and I've always gotten those messages...

    If you could tell me how long ago it was when crashing ZA via an ICMP flood was, I might be able to say for sure....
    -Matty_Cross
    \"Isn\'t sanity just a one trick pony anyway? I mean, all you get is one trick. Rational Thinking.
    But when you\'re good and crazy, hehe, the skies the limit!!\"

  3. #3
    Senior Member
    Join Date
    Oct 2001
    Posts
    677
    Incoming ICMP Unreachable (Winch ZAPro blocks) are from other hosts that are unreachable, that you tried to connect to, not saying that your computer is unreachable. ZAPro blocks (by default) these, and on my computer blocks ALL inbound ICMP packets!
    One Ring to rule them all, One Ring to find them.
    One Ring to bring them all and in the darkness bind them.
    (The Lord Of The Rings)
    http://www.bytekill.net

  4. #4
    Junior Member
    Join Date
    Aug 2001
    Posts
    28
    The vulnerability was patched a couple of versions ago,at least.Been using ZA for quite some time now with no problems.I've run more thorough tests from sites other than those at GRC with satisfactory results.You may just have a configuration problem.You don't state the version you used,even if you're using an older version a mutex patch from an independent source has been available for this since at least January of this year.
    \"He who fights with monsters should look to it that he,himself,does not become a monster....when you gaze long into the abyss,the abyss also gazes into you\"

    Friedrich Nietzche

  5. #5
    Junior Member
    Join Date
    Nov 2001
    Posts
    3
    Not sure what the exact number was, but I just upgraded ZA, 2 days ago, so I think that I had problems with the version 2 places back. Either way, it was approx 3 months ago that someone in Korea *crashed* my ZA while at redhat.com, and later, some lamer planted the BO2k on me, so once again, I re-formatted.

    I could NEVER get Zone Labs to communicate with me, so I'm very glad to see that the problem was sorted.

    Thank all of you for your reassurance.

    ~TARL

    The path of the righteous man is beset on all sides by the inequities of the selfish and the tyranny of evil men.

    Blessed is he, who, in the name of charity and good will, shepherds the weak through the valley of darkness, for he is truly his brother\'s keeper and the finder of lost children.

    And I will strike down upon thee with great vengeance and furious anger those who attempt to poison and destroy my brothers.

    And you will know my name is the Lord when I lay my vengeance upon you.


    http://www.angelfire.com/realm/ofthe...s/morphing.gif

  6. #6
    I once got ddosed by these bunch of kiddies and zonealarm went down... so in the event of a ddos zonealarm will crash (depends how severe) so that's why I run Sygate aside of ZA on my win2k box.

  7. #7
    AntiOnline Senior Member
    Join Date
    Oct 2001
    Posts
    514

    Thumbs up Good for me...

    I have been using ZoneAlarm for well over a year now, and it has never crashed on me.

    It has stopped UDP port floods, ICMP port floods, and other floods. No problems here with it being shut down.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •