Hi, I've been away doing things...

I still haven't finished my whole secruity games heheh funless :P huh

does my head in for sure...!

ANYWAY...See the image below, I have a error on the website win updater... I think it'c co'sI'm blocking it?

I'm still wondering about my generic host being cool and some of the other amps

and the error


my main desire is to stop any hacks that expose my files

and also no killing my comp

Well, a quick test to see if it is ZAP blocking this or not, just disable the "Programs" section (leaving the actual firewall itself running). You do this from ZAP interface > Program Control panel > Main tab > move slider all the way down (off). Restart your browser and try again.

Doing the above will turn off Program limitations completely. If the update works that way then it is simply a matter of determining what program & setting is blocking. If it still doesn't work then the problem is elsewhere.

It could also be the Privacy settings, so you could try diabling those from the Privacy Panel (all 3 items). It could be outside ZAP altogether. Perhaps a Hosts file blocking access to the akamai websites that actually send the updates.

You may be able to get more details on the exact error by looking in the log file created by Windows Update. Mine is located in: c:\Windows\Windows Update.log just open it in Notepad and go to the bottom and look for errors / information.

and hy is resolver using generic and etc, and generic runs constant

helppplplpl :-X


if you have no answer or confidence that i'm not being hacked by a direct generic or something want

LowWaterMark I'l do that thankyou

you remmeber me awhile back, you helped me lots :)

I have avg antivirus if thats good enough software.

I have zone lab which still needs configuring...

I'm not smart enough or have time, i'm far to busy, I was just hoping someone could just tell me before I be doom, them I can suffer with fear :'(

it's not fare there is no target to kill!

I have the same pb as well as a friend, we are living in france.
At start i thought it was a DNS pb somewhere, but it seems that not.

I am surprised to haven't seen this pb shown until now.
We aren't more to can't update ?

Hey Angel,

Your settings on Generic Host Process are good. I have mine set exactly the same (allowing access out - green check in access column; blocking "server" - the red X in server column). That is set securely.

The alert you show in reply #4 above is totally normal. I get maybe 100 of that specific type each day. Incoming probes on TCP Port 135 are very common. The fact the ZA is blocking it means you are okay.

These are not directly targetted at you. There are hundreds of thousands of infected PCs on the Internet and the main result is that they probe for other unprotected PCs trying to infect them. They can send out hundreds or thousands of these probes an hour - each PC! And they do it on different IP addresses which just happen to include you, me and everyone else on the Internet.

There is nothing you've posted in this thread that is a concern.

Oh, and no - there is nothing you can do about these probes. Just let ZA block them as it is doing. If you were to attempt to do something back to them, there's a good chance you'd get caught and your ISP would cancel you account.

Hi gkweb, thanks for the extra information.

Okay, so Mr.Blaze is having a problem also with Windows Update as per this thread:

http://www.wilderssecurity.com/showthread.php?t=19545

We started out think it was just a single update he was having a problem with, but it looks like all Windows Update. So, it certainly looks like Microsoft is having the problem...

::)thankyou, I don't want to go to jail for emailing them ..tell them how time wastingly soulless all this is, cutting hearts out and filling are minds with hellish hell...

I was going to give u good karma, but there is no button?

windows nt logon application whats to logon, whos that? winupdater?

-{ Quote: "windows nt logon application whats to logon, whos that?" }-

That is the application that controls logon authentication on your system. We all have that. The specifics of the alert (who, what, where, when, etc) will tell you what's triggering it. It needs access under some circumstances, so you'd need to look at the alert to see just why in this case.

Well, I was just able to get this latest Microsoft Windows Update a few minutes ago on my XP system with ZAP up and running. No problems here.

So, I still suggest for that issue you try disabling the different settings mentioned above, and also check out that Windows Update log file for a specific error.

from windows update help :
-{ Quote: "
Problem Description:
The error 0x800A138F is displayed when scanning for updates, but the Windows Update.log file will show error 0x800C0008.


Resolutions:
This is a generic error number which indicates a problem with the SSL connection with our server.

Some customers have resolved this issue by disabling or uninstalling internet acceleration software.
--------------------------------------------------------------------------------
Suggestion 2
============
The error may occur because the language-setting in Internet Explorer is missing. To add a language, in Internet Explorer, select Tools-->Internet Options, and click the "Languages" button. Add a language to the list if empty.
--------------------------------------------------------------------------------
Suggestion 3
============
Check the system time. SSL will not function if the system time is more than 100 days off.
--------------------------------------------------------------------------------
" }-


more specially this :
-{ Quote: "
Suggestion 4
============
Please uncheck "Check for server certificate revocation":

1. Open Internet Explorer
2. Click on Tools
3. Click on Internet Option from the drop down menu
4. Click on the Advanced tab
5. Scroll down to the Security Section
6. Unselect "Check for server certificate revocation"
7. Reboot the machine
--------------------------------------------------------------------------------
Suggestion 5
============
One customer performed an MSN Messenger update, which fixed his 0x800c0008 Windows Update issue as well. Correlation not yet determined but an avenue to check if you have MSN Messenger installed.
--------------------------------------------------------------------------------



Issue Applies To:
Windows 2000
Windows XP
" }-

you remeber norton products issues with verisign certificates ?
still the pb here.

I will reboot and tell you if it's works.

doesn't work for me...

-{ Quote: "I was going to give u good karma, but there is no button?
" }-

I've been wondering about this also.

Is there a certain amount of posts one has to make before being allowed to give karma points?

thanks,

gunnarj

Hi gunnarj,

-{ Quote: "Is there a certain amount of posts one has to make before being allowed to give karma points?" }-

Yes, there is. The ability to grant karma comes as soon as your post count reaches 50. See this FAQ for more info:

FAQ: What is Karma? (http://www.wilderssecurity.com/showthread.php?t=11829)

-{ Quote: "Yes, there is. The ability to grant karma comes as soon as your post count reaches 50. See this FAQ for more info:

FAQ: What is Karma? " }-

-------

Thanks for the info, LowWaterMark! I like the idea of Karma points; it is another factor that makes this forum such a good one.

gunnarj

:( I have the error recorded :P I find life a rush in rain . . . . this is pain :'(

http://www.wilderssecurity.com/showthread.php?t=19783

rest time is near all stay as one, 2 the next life, i'm (tired) of life!

Lowwatermark... I'm confused because of my self, you have been clear but I've found clear mind to deal with this stress

I marked green ticks as i think there ok, the red boxes indicate in customize of them? which i'm not sure what you mean

was it tick cross tick cross? for all?

-{ Quote: "I marked green ticks as i think there ok..." }-

Yes, those look fine.

-{ Quote: "... the red boxes ..." }-

For the three programs inside the red boxes that have "server" being allowed... Why are you allowing those? Did you find you had to do that for something to work properly? On my system I have NO programs that are always allowed server rights. I have most blocked with red X's, but a couple I leave "?" just so I can be prompted with a popup alert if I decide to run one of those.

are you guys having windows update working properly ?

-{ Quote: " quoting: gkweb link=board=23;threadid=19565;start=15#msg121332 date=1074463549]are you guys having windows update working properly ?" }-

I just checked the update site and was able to get in, have it scan my system, and report that I didn't need any updates. I can't test downloading an update at the moment since I don't need any.

4 days ago I was able to get that last critical update Microsoft released, though Windows update was a little slow. I think that was just because with this new monthly updates cycle they get a lot of traffic the first day or two after release.

What problem are you seeing there now?

same screenshot as "angel from above", second post.

Did you check the windows update log file on your system for details about the error (if any are present)? On my system it is here:

c:\Windows\Windows Update.log

-{ Quote: "
2004-01-18 18:59:48 17:59:48 Success IUCTL Starting
2004-01-18 18:59:49 17:59:49 Success IUCTL Downloaded iuident.cab from http://windowsupdate.microsoft.com/v4/ to C:\Program Files\WindowsUpdate\V4
2004-01-18 18:59:49 17:59:49 Success IUCTL Current iuengine.dll version: 5.4.3790.14
2004-01-18 18:59:49 17:59:49 Success IUCTL Current iuctl.dll version: 5.4.3790.14
2004-01-18 18:59:49 17:59:49 Success IUENGINE Starting
2004-01-18 18:59:50 17:59:50 Success IUENGINE Determining machine configuration
2004-01-18 18:59:50 17:59:50 Success IUENGINE Determining machine configuration
2004-01-18 18:59:55 17:59:55 Success IUENGINE Querying software update catalog from https://v4.windowsupdate.microsoft.com/getmanifest.asp
2004-01-18 18:59:56 17:59:56 Error IUENGINE loadXML: line 1, pos 1, Le caractère > manquait dans l'élément de fin.
(Error 0xC00CE55F)
2004-01-18 18:59:56 17:59:56 Success IUENGINE cata
2004-01-18 18:59:56 17:59:56 Error IUENGINE Querying software update catalog from https://v4.windowsupdate.microsoft.com/getmanifest.asp (Error 0x80070057: Paramètre incorrect.)
2004-01-18 19:00:14 18:00:14 Success IUENGINE Shutting down
2004-01-18 19:00:17 18:00:17 Success IUCTL Downloaded iuident.cab from http://windowsupdate.microsoft.com/v4/ to C:\Program Files\WindowsUpdate\V4
2004-01-18 19:00:17 18:00:17 Success IUCTL Current iuengine.dll version: 5.4.3790.14
2004-01-18 19:00:17 18:00:17 Success IUCTL Current iuctl.dll version: 5.4.3790.14
2004-01-18 19:00:17 18:00:17 Success IUENGINE Starting
2004-01-18 19:00:18 18:00:18 Success IUENGINE Determining machine configuration
2004-01-18 19:00:18 18:00:18 Success IUENGINE Determining machine configuration
2004-01-18 19:00:21 18:00:21 Success IUENGINE Querying software update catalog from https://v4.windowsupdate.microsoft.com/getmanifest.asp
2004-01-18 19:00:22 18:00:22 Error IUENGINE loadXML: line 1, pos 1, Le caractère > manquait dans l'élément de fin.
(Error 0xC00CE55F)
2004-01-18 19:00:22 18:00:22 Success IUENGINE cata
2004-01-18 19:00:22 18:00:22 Error IUENGINE Querying software update catalog from https://v4.windowsupdate.microsoft.com/getmanifest.asp (Error 0x80070057: Paramètre incorrect.)
2004-01-18 19:01:04 18:01:04 Success IUENGINE Shutting down
2004-01-18 19:01:04 18:01:04 Success IUCTL Shutting down
" }-

it's strange, windows update has always works flawlessly apart of the Blaster story.

Take a look at this site (search for parameter error code: "0x80070057" about half way down):

http://www.updatexp.com/0x800A138F.html

wow !! :o

-{ Quote: "
0xC00CE55F "System cryptography: Use FIPS compliant algorithms for encryption" service is enabled! DISABLE IT NOW!

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"fipsalgorithmpolicy"=dword:00000001

switch it off with:

"fipsalgorithmpolicy"=dword:00000000

(For Windows 2003 and XP only... Windows 2000 does not fully support FIPS and so does not have this key.)
" }-

all works now ! i love you LowWaterMark :-* :-* :-*

you have earned 1 karma cookie :D

Cool! I'm glad you got it working. 8)

:-\ I have no karma abilitys yet:( sorry lowwatermark