Is that tooleaky tool for real. Can zonealarm stop it somehow without blocking internet explorer. Um so it seems zonealarm is a pos if this simple ass program and go right through it. oh here is the link if u dont know what i'm talking about /http://tooleaky.zensoft.com/ cya, Will
ZoneAlarm Pro can block this exploit with its component protection feature. I do not believe the free version of ZoneAlarm has this feature, however. Regards, -Javacool
Yeap sure does. Does plus block this as well? cya, Will PS: Just wondering because i dont need the cookie and ad blocking stuff with pro.
Zone Alarm Plus and Pro are the same as far as Firewall and Program Component capabilities go. ZA Pro only adds the Privacy features (filtering active content, cookies, etc.) I run Plus because I also do not need the Privacy features to be inside my firewall, but I do want program controls. Note, that a brand new version of ZAP, (ZoneAlarm Pro with Web Filtering Bundle 3.5.132), was just released and has even more web filtering and privacy related capabilities, specifically "by program", which may well defeat tooleaky. I haven't tested this yet myself. tooleaky can get by any ZA (any version) if you have IE set to be allowed full Internet access without asking in ZA. When you run tooleaky, it simply fires up a new IE program session in a hidden window. If you have IE allowed in ZA, tooleaky will get out successfully. tooleaky does not make use of trusted program replacement or dll injection like some other leak tests. It is actually exploiting the ability of one program on Windows to send commands and read data back from another window. The source code is provided at the tooleaky link and it's a pretty simple program. Now, tooleaky is just a proof of concept test. It is very limited in what it can do, but it does point out that Windows has a seriously flawed design as far as some security goes. (Is that actually news to anyone? ) I don't know what real-world malware might attempt to use this type of exploit in the wild, but, it certainly is possible. Some more of my general thoughts on tooleaky... Anyone interested in understanding the specific security issues underlying tooleaky's proof of concept should try it out on their system.
Hey, Yea I'm running the latest build of Zone Alarm Pro. The 3.5 version. Yea it blocks it only if you have "Enabled Advanced Program Control" on. So is that included with Plus. I'm just trying to make a descision to which one I should use. I dont need the extra over head you know. Thanks, Will
Well, so far we don't know. The brand new (release version) of ZAP 3.5 just came out. As yet, they have not released a new ZA+, so we won't know until they do just what features will carry over. I'd hope that some of advanced program control would go into Plus from Pro, but, obviously they'll want to maintain the differential between Plus and Pro to get people to pay more for Pro. Hopefully, Zone Labs will make this all clear soon.