[Dshield] Problem with MS Updates?

Robert Nelson nelsrob at mts.net
Wed Jul 9 22:42:19 GMT 2008


After setting it to "Medium," Ferg, just modify the "Medium" settings to block all that other stuff that "High" normally blocks.

There's a few folks waiting for CheckPoint/ZA to fix their little firewall toy... I'm glad I have a wired router to hide behind,
too! And yes, I changed the default password. ;)

Robert

-----Original Message-----
From: list-bounces at lists.dshield.org [mailto:list-bounces at lists.dshield.org] On Behalf Of Paul Ferguson
Sent: July 9, 2008 1:36 AM
To: list at lists.dshield.org
Subject: Re: [Dshield] Problem with MS Updates?


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In the spirit of "eat your own dog food" and "FYI self-adherence", I am happy to report that I managed to successfully install all
of today's MS security updates without incident after lowering my ZoneAlarm firewall to "Medium" as opposed to "High".

What I am unhappy about is that I had to set it to "Medium".

I await a fix from CheckPoint/ZoneAlarm.

Just an FYI.

Thanks,

- - ferg




- -- "Paul Ferguson" <fergdawg at netzero.net> wrote:

It has been brought to my attention that this is an apparent conflict between ZoneAlarm and MS update KB951748:

http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52
785 


Apparently, resetting Internet Zone Security from High to Medium is a
workaround:

http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52
733 

FYI,

- - ferg



- -- "Paul Ferguson" <fergdawg at netzero.net> wrote:

Heads-up:

I just had to System Restore a few machines (including my laptop) after updating with today's monthly Microsoft security patches.

All systems were XP SP2 -- and I have also expressly not selected the SP3 upgrade.

After rebooting, the Windows TCP/IP API seems to become completely broken, e.g. network applications (browser, NTP client, etc.)
cannot reach their desired destinations (error: host not found), however, when you open a DOS Shell, you can successfully resolve
DNS queries, ping target hosts, traceroute, etc.

Very bizarre and very frustrating. I spent ~2 hours futzing with this issue.

I have seen no mention of this elsewhere yet, but basically if you do not System Restore, you're functionally dead in the water.

I plan to make some inquires elsewhere, but for now, I would highly recommend waiting to apply the monthly Microsoft Black Tuesday
updates until things are more clear.

Has anyone else run into any problems?

FYI,

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.3 (Build 3017)

wj8DBQFIdFwPq1pz9mNUZTMRAit9AKDpDggq0a40QsY9BXoqIUwQbAnz/ACfQpzV
H2bsKkS8sPKKCDR+fD+SQl8=
=tMqF
-----END PGP SIGNATURE-----


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet  fergdawg(at)netzero.net  ferg's tech blog: http://fergdawg.blogspot.com/


_________________________________________
SANSFIRE !! The Internet Storm Center Conference http://www.sans.org/sansfire08/




More information about the list mailing list