Zone Alarm Plus/Pro Program Options: comments

Discussion in 'other firewalls' started by Paul Wilders, Sep 28, 2002.

Thread Status:
Not open for further replies.
  1. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    18,278
    Location:
    New England
    Yes, the more you ask OE to access, the more complex the rules and permission lists will get. The main configuration in my OE thread is for the more basic POP, SMTP and News protocols only. A few people have commented in the past that they have done as you have, and added the needed permissions for things like Hotmail.

    Just make sure that your TCP Port 80 rule is limited to hitting the server or servers needed and not everywhere on the Internet, otherwise you'll reduce the effectiveness of the added rules dramatically.

    Hmm, that might require broader research on the exact error message to see if it's a known one, with a simple cause... For example, this one is similar:

    http://support.microsoft.com/?kbid=252840

    You may have to go through various Hotmail / Microsoft pages to ensure you have the exact configuration settings required.

    That's the problem with "generic rule descriptions" like those above. The Loopback rule there was meant to be specifically applied on 127.0.0.1, which in ZAP is not contained within the "destination" called "My Computer". You have a couple choices on this. You can specifically put 127.0.0.1 (or localhost) in the "loopback" expert rule itself, you can put 127.0.0.1 in the Trusted Zone and use that, or create your own "group" that defines aliases for "yourcomputer" and include 127.0.0.1 there.

    Yes, 127.0.0.1 is where IE's loopback UDP connections go. In my case, I put 127.0.0.1 in the Trusted Zone and just use that for my rules.
     
  2. stalker

    stalker Registered Member

    Joined:
    Jan 19, 2004
    Posts:
    152
    Location:
    Ljubljana, Slovenia
    Hi,


    Or you could just put it under IE Expert Rules --> Destination, this is more restrictive !!

    But maybe also other programs needs UDP connection to local host. Maybe this one is a good rule for Firewall Zone Expert Rules ?!?



    O.K. I really make "deep" rules regarding Internet Explorer, so only the most "needed" stuff (communications through certain ports, as LowWaterMark suggested, and few additional, which I needed to figure out by myself), but I just find out, I have one more problem left. I can not download files.


    IE becomes "Server Not Found", and in body of IE, it says:


    Adress: http://www.sysinternals.com/files/winobj.zip

    You are not authorized to view this page

    You might not have permission to view this directory or page using the credentials you supplied.

    If you believe you should be able to view this directory or page, please try to contact the Web site by using any e-mail address or phone number that may be listed on the www.sysinternals.com <http://www.sysinternals.com> home page.

    You can click <javascript:doSearch()>Search <javascript:doSearch()> to look for information on the Internet.

    HTTP Error 403 - Forbidden
    Internet Explorer




    - Any clue, which permittions (specific ports, etc.) should I add to be able to normally download with Internet Explorer ??



    Thanks, and best regards
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.