Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Question About Destination Dns Column In Za Log Viewer > Firewall


  • Please log in to reply
48 replies to this topic

#1 bloomcounty

bloomcounty

  • Members
  • 672 posts
  • OFFLINE
  •  
  • Local time:06:55 AM

Posted 09 June 2007 - 12:56 AM

Hi,

I use ZoneAlarm Free Version 7.0.302. I basically have ZA set to ask me for permission for everything except for Firefox, but I'm always getting these weird entries in the Log Viewer under Firewall in the DESTINATION DNS column.

When Outlook Express (msimn.exe) asks for permission and I allow it, the DESTINATION IP column and the DESTINATION DNS column in the ZoneAlarm Program Log Viewer will show things like the following:

DESTINATION IP / DESTINATION DNS
209.85.171.97:53 / ssl-google-analytics.google
72.14.253.91:53 / sb.l
64.191.219.3:53 / referencecollect.247realmedia
8.255.49.251:53 / cdn.specificmail.com.c.footprint.net
67.15.48.168:53 / thedigitalbits.com
209.85.171.164:53 / pagead.l.google
64.62.216.443:53 / a1521.x.akamai

And sometimes it says: (IP address here):53 / ns3.mindspring.com (and mindspring is my dial-up, which is Earthlink)

And when either I allow AVG Free (avginet.exe -- I guess that's when I check for updates to the a/v?) and I guess when AVG scans the incoming email (avgemc.exe) -- (Or could this be accessing without my knowledge?) -- I get things like the following in the DNS column:

DESTINATION IP / DESTINATION DNS
72.21.206.84:53 / www.assoc-amazon.com
209.85.147.104:53 / wa-in-f104.google.com
209.85.171.97:53 / ssl-google-analytics.google

And sometimes it says, for example: (IP address here): (port# here - not 53) / pop.mindspring.com

The DIRECTION on all these listed is OUTGOING (CONNECT) and the ACTION TAKEN is listed as ALLOWED.

There is nothing listed in the SOURCE IP or SOURCE DNS columns for these entries.

1. What are those things that are listed?

2. Why are they listed like that in the DNS column? (Note that sometimes what's listed in the DNS column makes sense, like something for mindspring or Earthlink when OE is being allowed... but a lot of the times it's weird stuff...)

3. Does this imply I'm got something "bad" on my system or that something is wrong/screwy?

Please note: I am not having any issues with my laptop at all (that I know of).

I have posted this on a thread on the Zone Alarm board, but haven't got the specific answers I'm looking for yet, so I was hoping that someone here might know what the deal is with all this.

ADDED: Below is a .jpg showing many of the ZA log entries in question. This is not a complete log, but edited to only show the stuff I'm talking about (and with a few things blacked out, just to be safe). Please take a look at it -- thanks!


Posted Image

Thanks very much, as always! Looking forward to hearing back! :thumbsup:

Edited by bloomcounty, 09 June 2007 - 02:37 PM.

My stats: Windows XP Home SP2; Firefox 3.0.14 w/ Ad-Block Plus; IE 6.0 (used only for monthly Windows Critical Updates); ZoneAlarm 6.1.744.001 Free; AVG 8.5 A/V Free; SuperAntispyware Free 4.28.1010

BC AdBot (Login to Remove)

 


#2 tos226

tos226

    BleepIN--BleepOUT


  • Members
  • 1,578 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:08:55 AM

Posted 09 June 2007 - 09:25 PM

Bloomcounty,
I haven't checked all your entries, as you can google them out or check dnsstuff, which I suspect you did already.
Port 53 is for communication with the DNS server of your ISP or mail account.
Akamai servers are used by ZA and other companies for upgrades.
Many things do look odd.

I have a hunch you do not have DNS servers in the trusted zone, why else would there be requests to so many places, including requests from outlook express. Forgive me if I'm wrong. Just guessing.
If the router is your DNS server, put that in the trusted zone.
Do you have your Firewall/Zones set up properly? Network, Loopback 127.0.0.1, DHCP server, DNS servers all trusted?
Do you have Generic Host Process with 3 checks from the left and everything else at most two? (I don't recall whether ZA free has a place to check send mail, do so if it does).
Don't give Windows Explorer internet access, it does not need it. Do give IE internet access but no server rights.

If you do the edits above and the problem persists (it shouldn't), then I'd be clearing out the bad settings, because it just does not look right (sometimes Windows errors cause the ZA database to be mangled). Go back to the ZA forum and do a Search for "reset database". Yes you will loose your current settings, but I think you should want to drop them. It's just few simple steps.

What I wanna know is how did you put the big black blocks on that screen shot?

#3 bloomcounty

bloomcounty
  • Topic Starter

  • Members
  • 672 posts
  • OFFLINE
  •  
  • Local time:06:55 AM

Posted 10 June 2007 - 11:22 AM

Thanks for the reply! I'm almost positive things are set up wrong. Do you mind helping me get it all set up right? I really need a dummy's step-by-step, over-explained, version of instructions, I think... :flowers:

I got a reply from the ZA board, and I will post their instructions further below, but I have some more questions about what you posted, and I really don't understand any of this stuff (and, believe me, I tried reading all the links about all this stuff, and my eyes glaze over), so feel free to reply with instructions/answers as if I were three years old! :trumpet:

Note that I have/use dial-up, though my laptop does have a wireless modem (I only occasionally use at a friend's house) and a high-speed internet line, which I don't really ever use.

1. The first important questions is, has my computer been at risk for anything by how it's set right now? Am I sending any information or allowing access to my computer (or access to my incoming email) to something...?

I have a hunch you do not have DNS servers in the trusted zone, why else would there be requests to so many places, including requests from outlook express. Forgive me if I'm wrong. Just guessing.


2.
I'm 99.9% sure you are correct. So how do I do this exactly?

2a. So what exactly are all these requests that are being sent out, and is it bad that it's been doing this? (I guess that goes back to #1 above...)

If the router is your DNS server, put that in the trusted zone.


3. I don't know if this is the case, as I don't understand what that means. How can I check?

3a. And if that's the case, how do I put it in the trusted zone?

Do you have your Firewall/Zones set up properly? Network, Loopback 127.0.0.1, DHCP server, DNS servers all trusted?


4. Again, I don't know... But I'm attaching a screen cap of Firewall > Zones from ZA below so you can take a look... What do I need to do?

Posted Image

Do you have Generic Host Process with 3 checks from the left and everything else at most two? (I don't recall whether ZA free has a place to check send mail, do so if it does).


5. I do have it set that way for Generic Host Process. Everything else, for the most part, I have set to "?-Ask" for everything. Some of that is probably wrong, but for stuff that it doesn't matter, I prefer to be asked each time (if that's okay). I'm attaching an image below that shows everything from Program Control > Programs. Take a look and let me know what I should do...

Posted Image

Don't give Windows Explorer internet access, it does not need it. Do give IE internet access but no server rights.


6. As you can see, I've got Windows Explorer set to all "Ask-?'s" -- should I put any of those columns to "X-Block"? Which columns exactly? (I don't understand Internet Access vs. Server Rights exactly, as there are four columns there, two for Access and two for Server, so let me know which specifically of the four... thanks!)

6a. Why does IE need internet access? I only use it for Windows Updates, and I let it ask me to give it permission each time. Is that bad for some reason?

If you do the edits above and the problem persists (it shouldn't), then I'd be clearing out the bad settings, because it just does not look right (sometimes Windows errors cause the ZA database to be mangled).


7. Here's the instructions I got from the ZA board on how to completely restart (my comments to you are in BOLD CAPS throughout), but I'm uncertain about a lot of it:

Boot your computer into the Safe Mode

Navigate to the c:\windows\internet logs folder

Delete the backup.rdb and iamdb.rdb files in the folder

Clean the Recycle Bin

Reboot into the normal mode

The Zone Alarm will be cleaned of all previous settings and data and it will appear as when it was first installed

THIS IS THE PART WHERE I START TO GET CONFUSED...
On the restart or reboot into the Normal Mode, the ZA will ask whcih for the new network found. I assume you are home so select the Trusted. Then make sure the DNS and the DHCP server's IP are listed as Trusted in the Zones of the Firewall of the ZA. Like this:

1. Go to Run type in command, hit OK, and type ipconfig /all then press enter. In the returned data list will be a line DNS and DHCP Servers with the IP address(s) listed out to the side
2. In ZA on your machine on the Firewall>Zones tab click Add and then select IP Address. Make sure the Zone is set to Trusted
3. Click OK and then Apply for each one.
4. The loopback must be listed as Trusted. It has the address of 127.0.0.1
5 The Generic Host Process or the svchost.exe listed in the Program list must have both Trusted and Internet access and it must have server rights for the Trusted Zone, but not the Internet Zone.
...AS I DON'T REALLY KNOW EXACTLY WHAT I'M DOING


Then:

By not clearing the database and by not setting up the correct DNS servers, it seems things right now are a mess!

Second, only allow the Generic Host Process (svchost.exe) and maybe the AV updater should have server rights for the Trusted Zone and do not have anything with any server rights for the Internet Zone. I'D RATHER HAVE ANYTHING THAT CAN ASK ME FOR PERMISSION TO ASK. AND I DON'T KNOW WHAT THIS MEANS EXACTLY WITH REGARDS TO WHAT GETS A GREEN CHECK, WHAT GETS A QUESTION MARK AND WHAT GETS A RED X -- AND IN WHAT COLUMN(S).

The explorer does not need a green check for either internet access or any server- it should be permanently allowed access to the Trusted Zone and an Ask for the Internet Access and no server rights either for the Trusted or Internet Server. No mail rights. DOES THIS MEAN WINDOWS EXPLORER? SO A GREEN CHECK IN ACCESS-TRUSTED COLUMN, A "?" IN THE ACCESS-INTERNET COLUMN AND RED X'S IN THE TWO SERVER COLUMNS? AND IF THAT'S CORRECT, WHY A GREEN CHECK AT ALL? CAN'T I JUST LET IT ASK FOR PERMISSION IF IT NEEDS IT? OR IS THING SOMETHING THAT GOES ON BEHIND THE SCENES THAT NEEDS TO BE ALLOWED?

The outloook could be the same as the explorer, but with mail rights. By using the correct dns server at least your outlook would go to the correct mail server that you should be using. THERE ARE NO MAIL RIGHTS THAT I KNOW OF IN ZA FREE.

But if you do not put the proper DSHCP or DNS servers in the Zones, then the firewalling is still out of whack. I THINK THAT'S WHAT THE INSTRUCTIONS FURTHER ABOVE WERE FOR, BUT I'M STILL A BIT IFFY ON THEM...


8. So do you think I should just start from scratch, or just try what you're saying first? Either way, are you up for giving me a dummy's step-by-step on what to do (not using just names of stuff, but things like "put a checkmark in the Access-Internet column", etc.?

What I wanna know is how did you put the big black blocks on that screen shot?


I did multiple screen captures and put them together in Photoshop, then blacked out the various things in Photoshop as well. A total pain in the butt, and very time consuming, but I figure it's worth it to provide good images for the kind people like yourself that are taking the time to help me! :inlove:

Looking forward to hearing back -- thanks! :thumbsup:

Edited by bloomcounty, 10 June 2007 - 11:49 AM.

My stats: Windows XP Home SP2; Firefox 3.0.14 w/ Ad-Block Plus; IE 6.0 (used only for monthly Windows Critical Updates); ZoneAlarm 6.1.744.001 Free; AVG 8.5 A/V Free; SuperAntispyware Free 4.28.1010

#4 tos226

tos226

    BleepIN--BleepOUT


  • Members
  • 1,578 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:08:55 AM

Posted 10 June 2007 - 01:32 PM

Bloomcounty,
I can't do any better than the advice you got from the ZA forum. I use'm too.
Perhaps some of the key-by-key suggestions in this thread will help.
http://www.bleepingcomputer.com/forums/topic93868
It includes a reference to the official ZA instructions which explains how to do what you want to do, and I would prefer not to have to repeat.

I'm not familiar with how to setup ZA with dialup, you might post at ZA forum again. Or keep looking at ipconfig /all and see if things are stable or change with every use. I really don't know.

I would give couple more programs checkmarks in Access column. ZA instructions will tell you where. And/or when the alert comes up, just allow and remember.

Re your specific points
1 - I don't think so
2 - see above
2a - I don't think so
3 - see above, specifically the ipconfig command
3a - see above
4 - see above, specifically ZA instructions and my thread. Adapter subnet needs to be trusted. When wireless is used (those zeros will change), that should stay Internet.
5 - few examples: AVG update can have two checks, Creator classic doesn't need internet access, so one check, Firefox is ok, Generic Host is ok, IE needs two checks, jre probably none, possibly trusted access only, MS help - 2 checks, MS Word one check unless you insist on always using their help, but then ? is better, Outlook 2 checks, Spybot, Windows explorer both 2 checks and take it from here.
6 - see above. Access=go for information. Server is when you allow your computer to be a server to things such as Trojans or p2p.
6a - well if you don't give IE access how will it go for the updates? ? is ok though. The purpose of IE is internet access. Same for Firefox.

Thanks for how you worked the bitmaps. PITA :thumbsup:

#5 bloomcounty

bloomcounty
  • Topic Starter

  • Members
  • 672 posts
  • OFFLINE
  •  
  • Local time:06:55 AM

Posted 10 June 2007 - 02:04 PM

Bloomcounty,
I can't do any better than the advice you got from the ZA forum. I use'm too.
Perhaps some of the key-by-key suggestions in this thread will help.
http://www.bleepingcomputer.com/forums/topic93868
It includes a reference to the official ZA instructions which explains how to do what you want to do, and I would prefer not to have to repeat.


The link doesn't work. Can you repost? I'd really like to use it. Thanks!

6a - well if you don't give IE access how will it go for the updates? ? is ok though. The purpose of IE is internet access. Same for Firefox.


If it's a ?, it'll ask me each time for IE (which I prefer, since I only use it for Windows Updates, and that way I know it's not doing anything else without my knowledge). Or is there some reason that's not okay? (I do allow Firefox access to Trusted and Internet.)

Edited by bloomcounty, 10 June 2007 - 02:06 PM.

My stats: Windows XP Home SP2; Firefox 3.0.14 w/ Ad-Block Plus; IE 6.0 (used only for monthly Windows Critical Updates); ZoneAlarm 6.1.744.001 Free; AVG 8.5 A/V Free; SuperAntispyware Free 4.28.1010

#6 tos226

tos226

    BleepIN--BleepOUT


  • Members
  • 1,578 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:08:55 AM

Posted 10 June 2007 - 06:38 PM

Re http://www.bleepingcomputer.com/forums/t/93868/win-32-services/
Hang in there. Something is wrong. I'll ask to be fixed.

No reason for IE asking. You'l get bored with it, but I think that's the best way to learn.

Edited by tos226, 10 June 2007 - 06:39 PM.


#7 tos226

tos226

    BleepIN--BleepOUT


  • Members
  • 1,578 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:08:55 AM

Posted 12 June 2007 - 09:32 AM

Bloomcounty,
I see now why the original link didn't work. I dropped the ".html" part. No idea how :thumbsup:
I hope you do get through to the ZA setup instructions from the link there. Good luck!

#8 bloomcounty

bloomcounty
  • Topic Starter

  • Members
  • 672 posts
  • OFFLINE
  •  
  • Local time:06:55 AM

Posted 12 June 2007 - 09:46 AM

Bloomcounty,
I see now why the original link didn't work. I dropped the ".html" part. No idea how :thumbsup:
I hope you do get through to the ZA setup instructions from the link there. Good luck!


I'm dealing with Oldsod at the ZA forum... very nice, but, man, am I having hard time understanding what he/she is saying! (And he/she doesn't exactly respond to my specific questions directly... I kind of have to ask a bunch of times.) But I think I'm getting there. Are you up for taking a look at the thread? Here's the link:

http://forums.zonealarm.com/zonelabs/board...essage.id=16593

I'm going to do the database reset now and then add the two DNS servers from Earthlink to the trusted zone and make sure the WAN thing (which I guess is my dial-up) is once again set as "Internet".

I'm more than a little concerned about my computer all these months going to these random sites for DNS lookup (whatever that is), and I'm trying to get a definitive answer on what the deal is with that...

Since I'm doing a database reset, I assume my Program Control will be gone... I'm uncertain what I am supposed to allow the first time I do the reset though... I'm going to just deny everything at first and see what happens I guess...

Any thoughts? Thanks!
My stats: Windows XP Home SP2; Firefox 3.0.14 w/ Ad-Block Plus; IE 6.0 (used only for monthly Windows Critical Updates); ZoneAlarm 6.1.744.001 Free; AVG 8.5 A/V Free; SuperAntispyware Free 4.28.1010

#9 bloomcounty

bloomcounty
  • Topic Starter

  • Members
  • 672 posts
  • OFFLINE
  •  
  • Local time:06:55 AM

Posted 12 June 2007 - 11:25 AM

Okay, I did the database reset. But there are MANY issues... I hope you can help me!

1. Please look at this new .jpg of my firewall > zones:
http://attachments.techguy.org/attachments...allzonesnew.jpg

...as you can see, I have added the two Earthlink DNS IP #'s, but the loopback adapter is gone! What do I do? Why does it now show up?

2. Here's a .jpg of my new program log:
http://attachments.techguy.org/attachments...aproglognew.jpg

The same exact thing is still happening, even though I added those two DNS entries to the trusted zone! I have marked the examples with red circles. Why is this still happening? What is going on?

3. Under FIREWALL > MAIN, I have the Internet Security Zone set to HIGH and the Trusted Zone Security set to MEDIUM. Is this correct and safe?

3a. I notice that with Trusted Zone Security set to MEDIUM, that the blocked entries marked with BLUE CIRCLES in the .jpg linked above do not show up anymore. Is that good?

4. I have EMAIL PROTECTION turned OFF (since I have AVG A/V, which has an email scanner) and I have ANTI-VIRUS MONITORING turned OFF (since it does not recognize AVG Free). Are these both correct settings? (I think that's how I had it set before...)

5. Before I did the reset, when I'd check my email, BOTH Outlook Express AND AVG Free Email Scanner would ask for permission (since I had it set to "?-Ask"). Now that I did the reset, the AVG Email Scanner only OCCASIONALLY asks for permission (which seems to imply it's not always running, you think?). Why would this be happening?

6. Please look at the .jpg of my new Program Control settings list:
http://attachments.techguy.org/attachments...rogcntrlnew.jpg

Is this all correct so far?

Man, I am starting to wish I had never started messing with this stuff... Everytime I mess with anything on my computer to "fix" something, it just leads to more problems. But I'm pretty stressed out about all this and am hoping you don't mind helping me as much as you canů? I really appreciate it! :thumbsup:
My stats: Windows XP Home SP2; Firefox 3.0.14 w/ Ad-Block Plus; IE 6.0 (used only for monthly Windows Critical Updates); ZoneAlarm 6.1.744.001 Free; AVG 8.5 A/V Free; SuperAntispyware Free 4.28.1010

#10 tos226

tos226

    BleepIN--BleepOUT


  • Members
  • 1,578 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:08:55 AM

Posted 12 June 2007 - 12:39 PM

Reply to post #8
When I copied and pasted your link, it was abbreviated
http://forums.zonealarm.com/zonelabs/board...essage.id=16593
For others reading this thread: it's in the Alerts and Messages forum section,
after "board" add this: /message?board.id=win_za_msgs&message.id=16593

Quick answers based on quick review of that thread
1. Great advice for your specific setup. Do take time to read it.
2. No reason to panic. Until you allow DNS servers, the computer goes all over creation to find them. Pointless.

In that thread, you got instructions how to preserve your settings. I can't improve on any of what's said there.
No, I would not make everything Deny, because then your connections will fail.
"?" are appropriate, but, for the programs, just follow the list you got on the forum.

to post#9
I haven't looked at jpgs yet - I'll try when time permits.
Have your read the instructions that ZA provides?
Have you read Help screens?

1. add it in
3. correct
3a. most likely correct
4. sounds correct to me
5. without knowing exact detail what AVG was asking before or now, I can't tell. Likely related to the dns servers now being permitted, or mail client being permitted
6. If you followed the advice ZA forum provided and I scanned, you're ok
Take it easy :thumbsup:

#11 tos226

tos226

    BleepIN--BleepOUT


  • Members
  • 1,578 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:08:55 AM

Posted 12 June 2007 - 12:59 PM

ok, I looked at your pictures.
1. Adapter subnet whole thing, both sides of / should be trusted if you use a router, but with DSL - reread what ZA forum told you
2,3,4,5,6 are all related. ZA is doing what you asked it to do which is to ASK. If you change both AVG and Outlook lines to two checks, it'll stop asking. Remember, both outlook and avg are looking at the mail. And Kissmyip did the same when you asked it to report what settings are visible. Finally, you can put red X in the Server column, except for Generic Host (svchost) which needs trusted server rights.

I'm not sure why you think you broke something or that the setup is unsafe. It's overcautious, IMO, but good to learn from while you're experimenting. However, I think learning by reading the instructions is also a good thing.

#12 bloomcounty

bloomcounty
  • Topic Starter

  • Members
  • 672 posts
  • OFFLINE
  •  
  • Local time:06:55 AM

Posted 12 June 2007 - 02:05 PM

Thanks for the reply, tos226!

1. Great advice for your specific setup. Do take time to read it.
2. No reason to panic. Until you allow DNS servers, the computer goes all over creation to find them. Pointless.


I read everything Oldsod posted and followed his instructions. I reset the database, as instructed. I have put red X's in the Server-Internet column as instructed (and all across for Application Layer Gateway Service, as it seems I don't even use this?). As far as I know, I have added the two DNS entries. But like I said in #2 in my last post, I am still having the same exact issue. No change in this issue.

Re: Adding in Loopback Adapter...
I chose ADD > IP ADDRESS (*not* HOST/SITE), called it "Loopback Adapter" and made it "Trusted". Here's a new .jpg:
http://attachments.techguy.org/attachments...llzonesnew2.jpg

Did I do this correct?

1. But why did I have to add it manually this time when the first time I installed ZA months ago, it was added automatically? (I can tell there is a difference because before I did the database reset, if I tried to EDIT the Loopback Adapter, it would not let me. But because I have added it myself now, I can actually go in and edit it if I wanted to...)

6. If you followed the advice ZA forum provided and I scanned, you're ok


Except for #2 above, which shows that I'm not, because I'm still having the same exact issue despite all the changes I've made per instructions... :flowers:

2.
As you can see, it is still happening, as shown by the entries with a red circle shown in this .jpg:
http://attachments.techguy.org/attachments...aproglognew.jpg

It happens *randomly/sometimes* when I either check my email in OE (msimn.exe), check for AVG updates (avginet.exe), Firefox (firefox.exe), and SpyBot Updates (SpybotSD.exe). Sometimes it looks like it goes to the right DNS, sometimes it does not. I have created a .jpgs for each program (man, that took a long time!) that shows examples of both the correct DNS and what I assume is the wrong one. Please look at these to see what I mean:

Outlook Express:
http://attachments.techguy.org/attachments...73792/za-oe.jpg

AVG Updater:
http://attachments.techguy.org/attachments...3706/za-avg.jpg

Spybot:
http://attachments.techguy.org/attachments...0/za-spybot.jpg

Firefox:
http://attachments.techguy.org/attachments.../za-firefox.jpg

See how some Destination IP/DNS look "correct" but most look wrong...? Many of these are older examples, but as you can see in the .jpg with the red circles further above, it is still happening.

Let me know what you think -- thanks for the help! Looking forward to hearing back! :thumbsup:
My stats: Windows XP Home SP2; Firefox 3.0.14 w/ Ad-Block Plus; IE 6.0 (used only for monthly Windows Critical Updates); ZoneAlarm 6.1.744.001 Free; AVG 8.5 A/V Free; SuperAntispyware Free 4.28.1010

#13 bloomcounty

bloomcounty
  • Topic Starter

  • Members
  • 672 posts
  • OFFLINE
  •  
  • Local time:06:55 AM

Posted 12 June 2007 - 02:16 PM

1. Adapter subnet whole thing, both sides of / should be trusted if you use a router, but with DSL - reread what ZA forum told you


A. Are you talking about the second line in this link?
http://attachments.techguy.org/attachments...allzonesnew.jpg

Both sides of "/" -- what does that mean? And Oldsod said that since I have DIAL-UP with no router (just my laptop - everybody forgets that! ;)), that this line should be INTERNET, not TRUSTED.

2,3,4,5,6 are all related. ZA is doing what you asked it to do which is to ASK. If you change both AVG and Outlook lines to two checks, it'll stop asking. Remember, both outlook and avg are looking at the mail. And Kissmyip did the same when you asked it to report what settings are visible.


B. I don't have a problem with it asking me, that's what I want it to do. The issue is that it's still going to weird DESTINATION DNS IP/ADDRESSES, you know? I think we crossed posted, and I just posted to you detailed examples. Please take a look at my previous post here:
http://www.bleepingcomputer.com/forums/ind...st&p=544166

B2. I don't understand what you're saying about Kissmyip... Why did it even got to that IP address? It has nothing to do with the program that was accessing the internet at that time. Isn't that an example of the exact issue that started this all? I don't understand...

I'm not sure why you think you broke something or that the setup is unsafe. It's overcautious, IMO, but good to learn from while you're experimenting. However, I think learning by reading the instructions is also a good thing.


I have been reading the instructions and the posts you and Oldsod made, but I'm still having the same issue. Maybe I'm not explaining the situation well enough? I don't know how much more I can explain all the details beyond what I'm already doing... I'm doing everything I'm told, but I'm not getting results, and I'm not getting the point across that I'm still having the same issue that started this whole thing...

Please stay with me on this -- I appreciate the help and time! But I have to make sure I get the information across to you... Am I doing that?

Thanks! :thumbsup:
My stats: Windows XP Home SP2; Firefox 3.0.14 w/ Ad-Block Plus; IE 6.0 (used only for monthly Windows Critical Updates); ZoneAlarm 6.1.744.001 Free; AVG 8.5 A/V Free; SuperAntispyware Free 4.28.1010

#14 tos226

tos226

    BleepIN--BleepOUT


  • Members
  • 1,578 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:08:55 AM

Posted 12 June 2007 - 04:30 PM

Bloomcounty, I've reached the limits of my knowledge. I do not know nor understand dial-up vs. security. that said, few more attempts
A. Correct. INTERNET zone if you have no router (I did hint at that in post #11)
B. I hear you. Perhaps the applications you run use multiple DNS servers besides yours from ISP? I'd think that Outlook would go into only one place for mail. I don't know.
B2. Somebody on the ZoneLabs forum has, in the signature, kissmyip. Harmless display of your IP address, though if you had a router, only the public side would show.

I'll watch the thread, but I hope someone more knowledgable will pitch in. Or go back to the ZA forum. Don't overwhelm them with many screen shots, I think the first one with the dots, is sufficient to ask the question.

#15 bloomcounty

bloomcounty
  • Topic Starter

  • Members
  • 672 posts
  • OFFLINE
  •  
  • Local time:06:55 AM

Posted 12 June 2007 - 04:56 PM

I'll watch the thread, but I hope someone more knowledgable will pitch in. Or go back to the ZA forum. Don't overwhelm them with many screen shots, I think the first one with the dots, is sufficient to ask the question.


I appreciate the posts -- thanks!

I already posted my links to the .jpgs for Oldsod on that thread over in the ZA forums (but if I end up posting a new thread, I'll only post the .jpg you suggested), and am waiting to hear back. I appreciate that person's help as well, and I know they're knowledgeable and are offering their time to help (as you are), and I DO appreciate that, but it's really frustrating when they ignore the specific questions you're asking and give you a bunch of information you don't need. I think that stems from not really reading the questions and guessing at what the problem is, then pasting a preset answer into the post. I mean, I said I had dial-up in every post I made over there, and it was only halfway through the thread that they starting acknowledging that aspect. I certainly don't mean to be ungrateful, but other people come on message boards asking for help and provide no information and don't take any time to try to do so. I take a lot of time (probably more than I should, but I try to make everything as easy as possible for those kind enough to help me) to prepare the screen shots and type in the info, etc. And it's frustrating when that's all ignored... Plus, I think it can lead to people following bad advice on occasion...

Sorry for the little rant there... :flowers: (It's just something I notice about message boards in general...) And, again, I appreciate ANY AND ALL the help anyone's ever given me on any message board... And I always learn something in the process... :trumpet:

Thanks again! :thumbsup:

So is there anyone out there who knows more about dial-up and ZA that can help with this? Should I maybe PM quietman7 and/or tg1911 and see if they can help? They've both also kindly helped me in the past... And maybe I should just post a new thread on ZA with DIAL-UP as part of the subject...?
My stats: Windows XP Home SP2; Firefox 3.0.14 w/ Ad-Block Plus; IE 6.0 (used only for monthly Windows Critical Updates); ZoneAlarm 6.1.744.001 Free; AVG 8.5 A/V Free; SuperAntispyware Free 4.28.1010




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users