[COMP] Shields UP! -- Internet Connection Security Analysis
- To: computers <computers@xxxxxxxxxxxxxx>
- Date: Fri, 21 Apr 2000 03:24:38 -0400
Anyone have opinons on what this describes?
http://grc.com/su-rebinding9x.htm
Gibson even says his programs written for share and no share are no
longer necessary now that he found this MS bug about the bindings
dissapearing.
makes him credible sounding to me
David
-- HTML Attachment decoded to text by Listar --
-- File: su-rebinding9x.htm
Shields UP! -- Internet Connection Security Analysis
[IMG]
[IMG]
Internet Connection Security for Windows Users by Steve Gibson, Gibson
Research Corporation Network Discipline for Windows 9x
[IMG]
As we saw on the previous page[1], Microsoft's default binding of
"everythingto everything" results in very insecure networking. Once we
understand which (very few) bindings are actually needed, the security of
anyWindows system can be greatly enhanced by simply "unbinding" everything
else. This page provides detailed directions to help you do exactly that.
[IMG]
Changing these bindings does not delete or remove anything from your system,
so you'll be able to undo any changes you make and update your network
bindings at any time in the future if your needs ever change. Windows
NT4: The instructions on this page only apply to Windows 95 and 98. The
"Network Discipline for Windows NT[2]" page contains instructions specific
toWindows NT. Win98 ICS: The Internet Connection Sharing (ICS)
technology included in the Second Edition of Windows 98 provides "Network
Address Translation" (NAT)[3] services to hide the IP addresses of your
localmachines and creates good security all by itself. (As you may have
already found.) Even though NAT[4] makes unbinding somewhat less critical,
since excess networking bindings are never a good thing, the following
instructions are still useful for users of Network Address Translating
systems.
Necessity is the Mother of Invention . . .
[IMG]
To recap: All versions of Windows 9x have an annoying bug that causes
installed network components without any bindings to "disappear" from the
Network properties listing. This occurs even though they are still installed
and functioning! Subsequent reconfiguration becomes difficult since the
component's listing has disappeared and this disappearing trick will mislead
and confuse anyone who later attempts to examine the system's configuration.
Microsoft has presumably never even noticed this bug.
[IMG]
Since they bind everything to everything by default ... . . . there's
probably never been a situation where a network component was given the
opportunity to float off into the sunset after being cut loose from all of
its neighbors!
[IMG]
But, as you've probably guessed, YOU are about to embark upon a major
"unbinding spree" because, believe it or not, the ONLY bindings you need for
total Internet access look like this! . . . The problem with using this
truly optimal and minimal binding configuration is that, as I said above,
that annoying bug in all versions of Windows 9x causes any completely
unboundcomponents to disappear from the network components listing.
[IMG]
Therefore, since we don't want the components we've unbound disappearing
fromthe component list (except for the unneeded IPX/SPX transport which
we'llallow to float away), a configuration similar to the following will be
our goal . . . As you can see from the diagram above, a safe network
binding configuration depends heavily upon a non-TCP/IP transport (NetBEUI
inthe diagram above) to "anchor" the various Microsoft network services. It
is not safe to bind them to TCP/IP, but if we don't bind them to something
they will stay installed but disappear from sight.
[IMG]
Therefore, although it's not strictly necessary,
I advocate installing the "benign" NetBEUI transport
into all well configured Windows networking systems.
Aside from giving us something to use as a safe anchor for the
usually-unneeded Microsoft Networking components, NetBEUI has the additional
advantage of supporting the evolution of your system by providing safe local
file and printer sharing at any time in the future. And, if you are already
running a local network of computers you will gain immediate benefit from
theuse of the safe NetBEUI transport.
ALSO . . . The sample screen shots shown on this page will probably be
different from what you see on your computer. They are intended only to help
keep you synchronized with the instructions. You should NEVER install
anything other than the NetBEUI transport protocol as explained below. If
your system is operating without some of the services shown in my sample
screen shots, you should consider yourself fortunate for getting by with
lessjunk loaded! IMG]
A Special Note for Network Gamers[IMG]
Many real-time local area network based games pre-date the Internet's IP
protocol and have traditionally required the use of the IPX/SPX transport
forinter-game communication. If you are currently using networked games over
the IPX/SPX transport, or if you plan to in the future, you can —and
probably should —substitute the IPX/SPX protocol for NetBEUI throughout
this entire discussion. You will need IPX/SPX for your gaming and it can be
seamlessly substituted for NetBEUI with little impact to your system's
security.
So . . . here's what we're going to do:
[IMG]
Install the safe NetBEUI Protocol (if it's not already present).
[IMG]
Establish minimal and secure hardware adapter bindings.
[IMG]
Establish minimal and secure network transport bindings.
[IMG]
Restart the system to "make it so!"
Install the NetBEUI Protocol To begin, follow the instructions in
the box below to open the Network configuration dialog box.
[IMG]
(To avoid needless, annoying, and time consuming system reboots, try to
avoidclicking this box's "OK" button until everything has been
reconfigured.)
To open the Network configuration dialog box. . .
First open the Windows Control Panel (from the Start button choose
"Settings"then "Control Panel"). Then open the Network configuration dialog
box by double clicking on the Control Panel's "Network" icon (see the icon
above/left). You should be presented with the following dialog box (the
exactcontents will differ):[IMG]
With the Network dialog box open, scroll through the installed
componentlisting (similar to what's shown above) to see whether your system
already contains the NetBEUI transport. You'll see one or more lines
startingwith the transport icon and word "NetBEUI" as shown at the upper
leftof this paragraph.
If NetBEUI is already listed you should skip over the "Installing
the NetBEUI Transport" section that follows and continue at
#2 - Set the Hardware Adapter Bindings section.
[IMG]
Installing the NetBEUI Transport
[IMG]
Installing a protocol that's new to Windows will require copying some files
from the master Windows CAB files. These may have been copied onto your
system's hard drive (usually underneath the c:\windows directory), or they
might only be located on your original Windows 9x CD-ROM. Since you've
probably installed other software that resulted in a dialog box saying
"Windows needs to copy some files ..." you probably know the drill. So,
you'll need to do whatever you normally do to have this eventuality.
Begin by opening the Windows Networking configuration dialog box[5] if it's
not still open. (See the inset box above for details.) With the Network
properties dialog box open . . . Click the "Add ..." button just below
the list of installed network components. This will present the following
Network Component Type selection dialog box: Click the "Protocol"
type once with the mouse to select it, then click that dialog's "Add..."
button to the right. This will display the following Network Protocol
selection dialog box: Click "Microsoft" on the left to select
amongthe available Microsoft provided protocols, then scroll the list on the
right down until the line with "NetBEUI" (as shown above) appears and click
on it once to select it.
[IMG]
Click the "OK" button at the bottom of this dialog to confirm your
choice and dismiss this dialog box. (Note: It's better not to dismiss the
main Network dialog box until we're finished since it will require a
time-consuming reboot of Windows.)
Set Your Hardware Adapter Bindings
After making sure that we have NetBEUI available to serve as our "unwanted
services anchor" we're ready to establish the system's network component
bindings. [IMG]
Since bindings work as anchors to prevent higher-level components from
drifting off, we'll start at the bottom-most network layer (the hardware)
andwork our way up.
Returning to the list of installed network components, scroll to the
topand identify your system's installed hardware adapters. Each adapter is
identified by a circuit-board like icon and name as depicted in the image to
the left. Your particular adapters will probably differ from those shown.
Dial-Up Networking users may only have a "Dial-Up Adapter" whereas Cable
Modem and DSL users may only have a single entry for their "NIC" (Network
Interface Card).
[IMG]
Changing Each Adapter's Bindings
[IMG]
Each adapter's transport bindings can be viewed and edited by clicking once
on the adapter's name in the networking components list, then clicking the
"Properties" button just below the list (or you can just double-click on the
adapter name).
This will display the adapter properties dialog box. If the "bindings" tab
isnot currently in front, click the "bindings" tab once to bring it to the
front:
[IMG]
The bindings list will contain one entry for each protocol currently
installed in your system. You should at least find entries for the NetBEUI
and TCP/IP protocols since TCP/IP is required to use the Internet (which
you're using right now!) and you will have just installed the NetBEUI
protocol if it wasn't already installed. Many systems also have IPX/SPX
installed (for no reason).
One way to visualize this is to refer to the binding diagram below and
imagine that each adapter is "looking up" to see the array of protocols
whichare available to it on the level just above. All available protocols
areshown in the "Bindings" list for each adapter. The "checkmarks" at the
beginning of each line show to which of the protocols this chosen adapter is
currently bound.
As you'd expect, the adapter can be bound and unbound to and from each
respective transport by clicking in the checkbox to toggle the checkmark on
and off.
[IMG]
Establishing Optimal Adapter Bindings
[IMG]
Referring again to this network bindings diagram: Our goals for optimal
adapter bindings are: Bind the TCP/IP transport only to adapter(s) that
connect to the Internet. This is not strictly necessary, since there's
reallyno harm in leaving TCP/IP bound to all hardware adapters (if you have
more than one), but there's also no good reason to have your system
clutteredwith unnecessary bindings. NetBEUI —which was designed for
local area networking —much more elegantly handles all local area
networking needs with absolutely NO configuration. TCP/IP —which was
designed for global networking —requires significant configuration.
Bind the NetBEUI transport only to adapters that will be used for local area
networking, if any. To keep NetBEUI from disappearing due to the Windows 9x
network configuration bug, it must always be anchored to at least one
adapter. So, if your system only has a single network adapter be sure to
bindNetBEUI to it. But if you have a choice of adapters and one or more are
not used to connect to the Internet, you can bind NetBEUI to those and
unbindit from any others. Unbind all other unneeded network transports
(like IPX/SPX in the example above) from ALL network adapters. This will
release the unneeded and unused transports along with any services which are
bound only to them.
Following the guidelines above, examine
each of your system's adapters in turn,
setting their bindings as appropriate.
Here are some example scenarios to demonstrate the application of these
guidelines:
[IMG]
Users who connect to the Internet through a Dial-Up Adapter, and who
donot also have a local area networking adapter will simply want to leave
TCP/IP and NetBEUI bound to their Dial-Up adapter while unbinding anything
else (like the IPX/SPX transport protocol.)
[IMG]
Users who connect to the Internet through a Cable Modem or DSL
connection will have a Network Adapter of some sort installed. This adapter
should be bound to TCP/IP and NetBEUI and unbound from anything else (like
the IPX/SPX transport protocol.) If the system also has a Dial-Up Adapter it
can be unbound from the NetBEUI transport since the network interface card
will serve as NetBEUI's anchor.
[IMG]
Users with local area networks who want all of their machines to have
access to the Internet should bind TCP/IP and NetBEUI to their network
adapters and unbind anything else. And within that network, machines which
donot need (or should not have) Internet access (such as, perhaps, a young
child's computer) should only have NetBEUI bound to the network interface
since that machine would have no need for the Internet's TCP/IP transport.
Set Your Network Transport Bindings
With the hardware adapter bindings optimized, we're ready to move up to the
next level. Here we'll establish the optimum bindings between each network
transport protocol and the network services above them ... [IMG]
Looking again at the now-familiar Network properties dialog box, you'll
see a group of lines that all start with the "protocol" icon. (Shown
enlargedto the left of this paragraph.) The listing of protocols will take
either of two different forms, depending upon whether you have more than one
hardware adapter:
[IMG]
If your system has a single adapter, your protocol list will look something
like this:
[IMG]
[IMG][IMG]
But if your system has two adapters your protocol list will be a bit more
complex, looking something like this:
[IMG]
[IMG][IMG]
As you can see, multi-adapter systems have one listing per adapter per
protocol. In other words, each adapter-protocol pairing has a listing in the
components window. This could be useful since it would allow you to bind
individual services not only to a particular transport protocol, but even to
individual adapters used by that protocol. Although you might think of some
nifty way to make use of this (now that you know you can), for our purposes
we'll be setting each instance of each protocol identically.
[IMG]
Changing Each Protocol's Bindings
[IMG]
As with adapter bindings, the bindings for each transport protocol (or
transport/adapter pair) can be viewed and edited by clicking once on the
protocol's name in the networking components list, then clicking the
"Properties" button just below the list (or you can just double-click on the
adapter name).
This will display the transport protocol properties dialog box. If the
"bindings" tab is not currently in front, click the "bindings" tab once to
bring it to the front:
[IMG]
TCP/IP Dial-Up Information:
[IMG]
When the TCP/IP Properties dialog box for a Dial-Up Adapter is opened, an
information dialog box may appear explaining that you may want to be editing
the TCP/IP properties for a particular dial-up connection, rather than these
properties which will apply to all dial-up connections. Network service
bindings can not be set on an individual dial-up connection basis.
Therefore,we do want to be editing these. Dismiss the dialog by pressing
"OK", then proceed. . .
As when we edited the hardware adapter bindings, "Checkmarks" at the
beginning of each line show to which of the system services this chosen
transport protocol (or protocol/adapter pairing) is currently bound. And, of
course, the service may be bound and unbound by clicking the checkbox to
toggle the checkmark on and off.
[IMG]
Establishing Optimal Protocol Bindings
[IMG]
Referring again to our very familiar network bindings diagram: The
stepsrequired to configure your system for optimal protocol binding are:
Unbind ALL network services from EVERY instance of the TCP/IP protocol!
This is the THE SINGLE MOST IMPORTANT INSTRUCTION on this entire
website! If you do NOTHING ELSE, examine every line beginning with "TCP/IP"
and remove all of the checkmarks from the services listed on the bindings
tab! (Note that when you click "OK" after unbinding everything, Windows will
think you're nuts and will warn you that you "have not selected any drivers
to bind with." Just click "NO" to proceed.)
[IMG]
After a reboot, the information-leaking port 139 will finally be closed . .
.but ONLY IF every service is unbound from every instance of the TCP/IP
protocol. If ANY one of the services remains bound to ANY instance of the
TCP/IP protocol (i.e. TCP/IP for ANY adapter), then unsafe NetBIOS services
will be available for ALL hardware adapters!
[IMG]
The one unfortunate exception to this advice
applies to a FEW users of the @Home network![IMG]
Some unfortunate @Home users may find that they are unable to reconnect to
the Internet without the presence of Microsoft's NetBIOS. A handful of
@Home's DHCP servers actually depend upon the customer's NetBIOS name
leakagein order to identify the customer on their network! This is NOT true
for most @Home users, but it is for some.
[IMG]
Since the Client for Microsoft Networks can be easily "rebound" to the
TCP/IPtransport used by your @Home LAN adapter, my advice is for all @Home
users to first follow this advice to unbind everything. If you find that
you're cut off from your network do two things: 1. Rebind just the Client
forMicrosoft Networks to the TCP/IP transport to re-enable Microsoft's
NetBIOS protocol —and your Internet connection. Then: 2. Write an angry
letter to your @Home provider complaining about their requirement for the
presence of the "insecure NetBIOS for DHCP Host Name Resolution" and urge
them to upgrade their equipment to use "DHCP Options" (which provides for
Host Name Resolution in a much more secure fashion.) [IMG]
NOTE: The exact content of your services listing will probably be different
from the one show above. It is fine if your system does not show any of the
"services" lines shown above and also if it contains items not shown. There
is no need to add them just to have them listed. Bind ALL network
services to at least one of the NetBEUI transport instances. Binding the
network services to the NetBEUI transport protocol will keep the services
from disappearing from the network components listing (in case you need to
rebind them in the future) and will also prepare your system for completely
safe local area network file and/or printer sharing either now or in the
future. Unbind ALL network services from any other unused transport
protocols. If your system has any other transport protocols installed
—like an unneeded IPX/SPX transport —you can unbind all of the
services from every instance of those unneeded protocols. Since they won't
bebound to anything they will quietly disappear from the components list
after the next system reboot. [IMG]
If you follow the three steps above to set the service bindings for each of
your system's installed transports (or transport/adapter pairings) you will
completely secure your system against NetBIOS information leakage and
completely hide it from all passing NetBIOS service and shares scanners!
[IMG]
Wrapping it all up . . .
[IMG]
After setting the bindings for each category, be sure to press that level's
"OK" button to confirm and save the new settings and return to the main
Network configuration dialog. When all of the changes have been made in each
category, click "OK" to close the main Network configuration dialog.
[IMG]
After the system restarts you will have disciplined
the system for NetBIOS-Safe Internet access!
[IMG]
[IMG]
DO IT NOW! IMG]
Verify that NetBIOS over TCP/IP is Disabled!
After re-booting your system (you should have rebooted by now) Windows
normally, but not always, automatically enables and unchecks this option
under all TCP/IP protocol properties.
[IMG]
But if it is still checked, you must uncheck it yourself! . . . [IMG]
[IMG][IMG]
After unbinding all services from all TCP/IP transport protocol lines, then
rebooting to allow those unbindings to take effect, the "I want to enable
NetBIOS over TCP/IP" option on the NetBIOS tab of each TCP/IP properties
dialog (as shown above) will no longer be greyed-out. And it will usually
—but not always —no longer be checked.
[IMG]
If this option is still checked you must be sure to uncheck it for every
TCP/IP transport protocol line in your Network components listing. Once
that's been done, reboot your system one last time . . . and you will have
secured your system's NetBIOS system and firmly closed port 139!
[IMG]
If you are using the very first release of Windows 95 (build 950) your
TCP/IPProperties dialog will NOT have a NetBIOS tab! Nor will you be able to
close port 139 by unbinding all Microsoft services! I waited until now to
mention this since unbinding unneeded services is still what you want to do
for security. If you want to close port 139, you can either rename the file
"c:\windows\system\vnbt.386" to something else (remember what you renamed it
to in case you need to renamed it back!), or use my otherwise obsolete
NoShare[6] and LetShare[7] utilities. NoShare and LetShare also simply
renamethe file back and forth.
Repeat For All Other Local Machines . . .
If you have a local area network sharing resources, you will also need to
install the NetBEUI transport on those other machines. [IMG]
Since you will have moved your file and printer sharing from the TCP/IP
transport over to NetBEUI, all other systems participating on your local
areanetwork must also have their file and printer sharing enabled for use
with the NetBEUI transport. After repeating the instructions above for every
machine, local communication will be securely enabled throughout your entire
network.
What if it Doesn't Work?
Now I've got you all worked up and worried about your security and port 139,
and you've done everything I've recommended —and checked it all twice
—yet something's wrong? [IMG]
Unfortunately, my ability to help you personally or directly is hampered by
this site's tremendous success and traffic. We average nearly ten thousand
visitors per day —so there's just no way for me to interact
individuallywith even a fraction of all those people. I really would, if I
could. But I need to be working on the next generation of really cool
Internet security software that you want from me. If my days are spent
answering specific questions we'll never see anything else from me.
[IMG]
So, I've assembled a bunch of self-help material on this site that should go
a long way to helping you with odd events and empowering you to find
solutions to your specific dilemmas:
[IMG]
What could go wrong? Perhaps, despite unbinding everything as described
above, for some reason your port 139 is still showing as "wide open" and
you're worried. Or, perhaps the "unbinding" of something has had some
unexpected side-effect on your system or its Internet connectivity. The most
useful bits of advice I have are: You must first and foremost be
absolutely certain that this ShieldsUP! site is really testing your computer
(not some other machine on the Internet).
[IMG]
Windows 9x users can do this by checking their machine's current IP address
with Windows' built-in (but little known) "WinIPcfg" utility. While you're
online and connected to the Internet, enter its name into the "Run..." field
under your system's Start menu. It will instantly show your machine's IP
address. Make sure it's the same as what ShieldsUP! is showing you. If the
ShieldsUP! page shows a different address, or for another solution. . .
[IMG]
You can use the free (and very small) IP Agent[8] utility that I wrote for
exactly this reason. With the ever-increasing complexity of the Internet,
some sort of intermediary "proxy server" might be issuing web page requests
on behalf of your machine. When this happens, ShieldsUP! naturally mistakes
that machine for yours. The IP Agent prevents this confusion by sending your
computer's verified IP address as part of the URL used to access this
ShieldsUP! site. When you use the IP Agent to enter the ShieldsUP! site
you'll be informed whether its use was necessary. If your concern is
that port 139 remains open:
Despite my working to be very clear, some people still don't "get it" that
the only way to close port 139 is for every single service to be unbound
fromevery single instance of TCP/IP. In other words, if ANY service is bound
to ANY TCP/IP line in the Network properties . . . port 139 will remain open
for business.
[IMG]
When you have accomplished this, the "I want to enable NetBIOS over TCP/IP"
option shown below will no longer be disabled, and it can and should be
unchecked for all of your TCP/IP property items:
[IMG]
Evil Port Monitors are "evil" specifically because they hold
ports, including port 139, wide open and hoping to catch something that
comesalong! If you're running an Evil Port Monitor like NukeNabber (just one
of the many evil ones) nothing you do will close your ports until you wake
upand remove those nasty monitors! I plan to write a "blessed port monitor"
before long, but until you have mine you're much better off with nothing!
Be sure to check the ShieldsUP! FAQ[9] —Frequently Asked Questions
page.(Page 11 of this site.) This page contains thorough treatments of the
most often asked questions and common confusions associated with this web
site and these instructions. It's a terrific resource that's there for you.
Read through the ShieldsUP! Discussion Forum[10]. (Page 9 of this site.)
Thisis the place where ShieldsUP! visitors can ask questions and get answers
to questions and confusions that have not been covered anywhere else. Since
many knowledgeable people are reading and replying to questions, I am able
tostay focused upon the creation of new cool software, while you're able to
find or get answers to your questions. Experiment and figure it out for
yourself! Really. Take matters into your own hands and see if you can't
figure out what's going on. One of the reasons I've been as long-winded and
"tutorial" as I have been on this site —aside from wanting to empower
you with a true understanding of this aspect of networking technology
—is so that you could acquire the ability to tackle odd results for
yourself. I really don't know anything more than than I've shared here. And
these instructions do work perfectly for the vast majority of users. So if
your system is somehow different or weird in some way that prevents this
fromworking for you, you are in a much better position to experiment and
comeup with the answer than I am. Give it a shot. I'll bet you'll succeed! I
sincerely hope that these resources will be useful for you. It is the best
I've been able to do.
Concluding Comments
If you follow the guidelines given above —then REBOOT —your system
will be secured against NetBIOS information leakage, it will finally stop
advertising its presence across the Internet to every passing scanner, and
Microsoft's "never meant for global networking" insecure file and printer
sharing NetBIOS technology will be kept safely within your own computer and
local network. [IMG]
Taking intelligent and deliberate control of your computer's network
bindingsis the single best thing you can do for your system's Internet
connection security.
[IMG]
The "second generation" guidelines presented above:
Completely close your system to all NetBIOS name and resource sharing
leakage, and firmly shut the three NetBIOS "scanner bait" ports 137, 138,
and139. Cost nothing to implement, other than the time taken to read
andunderstand these pages, and do not depend upon any external software.
Present a single, uniform, solution that is likely to be appropriate for
everyone to use in every situation (with the slight exception of some @Home
users.) Will not in any way disturb your current Windows or network
logon procedures and will not disrupt your dial-up networking or other
storedpasswords. Do not rely upon any "hacking tricks" or undocumented
procedures. No warranties will be voided and no one can refuse to support
your system on the grounds that you've done something "strange" to it. (You
haven't.) Can be completely and easily reversed. If you don't like any
outcome of following these simple instructions, simply bind everything to
everything once again and restart your computer. Create a solid
foundation for establishing a secure local area network —today or
tomorrow. If you have read and understood this page and the one which
precedes it, you will now have a solid understanding of the theoretical and
practical aspects of network component binding. Return CONTROL of a
significant and important aspect of your personal computing experience
—your computer's networking —back to YOU where it always belonged!
Although I'm a BIG fan of Personal Firewall products, as you'll see on page
7, "Personal Firewalls", the tremendous power of these straightforward
"component unbinding" techniques has allowed you to disable an unwanted and
unneeded capability from your system. This solution is superior to depending
upon some other product or technology to "suppress" that unwanted
capability.That's an important distinction in the realm of robust security.
AND, if neutering your system's networking is not possible because you do
still need to share files across the Internet then full security will
requirethe suppression of unwanted networking capabilities. The following
twopages, "Evil Port Monitors" and "Personal Firewalls" detail your options
and discuss pitfalls.
FREE Firewall ZoneAlarm 2.0[11] Has Been Released!
My fingers are crossed, the dust is still settling and the paint is still
wet. It's too early to tell for sure, but it looks like Zone Alarm 2.0 (ZA)
will be the PERFECT and ULTIMATE PERSONAL FIREWALL for the typical Internet
user! And it's 100% free for the individual user!
[IMG]
I am using it right now —and NOTHING ELSE! —on my personal system,
and so far I love it! I think ZA combines the best of ALL worlds and
eclipsesevery other firewall ever created. I hope to review it soon, but I
will wait until the product stabilizes so I can give it my full endorsement
without reservations.
[IMG]
In the meantime I recommend that you first read through the "ZoneAlarm
2.0.xxStatus[12]" page I've created to track ZA's progress during it's first
confrontation with the "Real World". Then grab a free copy from ZoneLabs,
andshare your feelings and experiences with everyone else over on the
ShieldsUP! forum[13] here on this site!
[IMG]
[IMG]
[IMG][14]To continue, please see: Evil Port Monitors[15] [IMG][16][IMG]
You are invited to browse these pages for additional information:
[IMG]
1 Shields UP! Home[17] 5 Network Bondage[18] 9 Public Forum[19] 2
Explain this to Me![20] 6 Evil Port Monitors[21] 10 Be Notified[22] 3
Am I in Danger?[23] 7 Personal Firewalls[24] 11 FAQ[25] 4 What Can I
Do?[26] 8 Further Reading[27] 12 Site Evolution[28]
[IMG]
[IMG][29] [IMG][30]
[IMG][31] [IMG][32] [IMG][33]Purchasing Info[34] GRC Mail
System[35] To GRC's Home[36] Tech Support[37] Steve's Place[38]
[IMG]
The contents of this page are Copyright (c) 2000 by Gibson Research
Corporation.
SpinRite, ChromaZone, ShieldsUP! and the iconic character "Mo" (shown above)
are
registered trademarks of Gibson Research Corporation, Laguna Hills, CA, USA.
~ ~ ~
--- Links ---
1 /su-bondage.htm
2 /su-rebindingnt.htm
3 /faq-shieldsup.htm#NAT
4 /faq-shieldsup.htm#NAT
5 #openconfig
6 /files/NoShare.exe
7 /files/LetShare.exe
8 /files/IP_Agent.exe
9 /faq-shieldsup.htm
10 /x/talk.exe?cmd=xover&group=shieldsup&utag=
11 http://www.zonelabs.com
12 /zonealarm.htm
13 /su-discussion.htm
14 /su-evilportmon.htm
15 /su-evilportmon.htm
16 /su-evilportmon.htm
17 /x/ne.dll?bh0bkyd2
18 /su-bondage.htm
19 /su-discussion.htm
20 /su-explain.htm
21 /su-evilportmon.htm
22 /su-mail.htm
23 /su-danger.htm
24 /su-firewalls.htm
25 /faq-shieldsup.htm
26 /su-fixit.htm
27 /su-reading.htm
28 /x/ne.dll?bh1akydu
29 /purchasing.htm
30 /mail.htm
31 /default.htm
32 /support.htm
33 /steve.htm
34 /purchasing.htm
35 /mail.htm
36 /default.htm
37 /support.htm
38 /steve.htm
========================================
Avenir Web's Computers Mailing List
List Modes, Subscription, and General Info:
Go to http://avenir.dhs.org/mailing.html
List Archives: http://avenir.dhs.org/archives/
Administrative Contact: weez@xxxxxxxxxxxxxx
Get computer help: http://avenir.dhs.org
========================================
Other related posts:
- » [COMP] Shields UP! -- Internet Connection Security Analysis
