I saw on Steve Gibsons board a disturbing message about a bug in ZAP ( from ZA itself ?)http://grc.com/x/talk.exe?cmd=article&group=freeware.Leaktest&item=3289&utag= is this an item that should be taken serious..?

------------------

I couldn't get to that URL.Can you cut & paste or copy & paste here?

------------------
Steve

click here (http://grc.com/x/talk.exe?cmd=article&group=freeware.Leaktest&item=3289&utag=)

------------------
Thank you for using Help From Techs Support Forums!
Please come again and remember to refer a friend to our site.

Thanks Tech Guy.

------------------
Steve

Yikes! I'll stick to my free one! http://www.helpfromtechs.com/ubb/smilies/smile.gif

As of right now, I'd say yes, you should be concerned. If it was me, I'd download the FREE version and run it until they come up with a fix.

------------------
Moderator at Help from Techs Support Forums (http://www.helpfromtechs.com)

Will not help that much. for IE and ZA users, there's a very simple exploit (and more can be written easily). You can download te code overhere:
http://homepage.ntlworld.com/oxygen/AntiZoneAlarm.zip

cheers,

davidovv

------------------
support the good cause!
http://www.pchelpers.org/

As an addition to this item it could be usefull to read the letter that I got from Zonelabs..( this letter is also published on the messageboard of the Dutch "HCC"; one of the major computingclubs of Europe. ) Maybe it is a minor problem, that is comparable with many software-inherent bugs, but.... it would not hurt to stay alert on the quality of ALL firewalls..

================================== From: "Rebeccah H. Prastein" <rprastein@zonelabs.com>
To: "c15" <webmaster@caleb15.com>
Subject: Re: ZA Pro supposed bug ?
Date: woensdag 20 december 2000 0:02

Hello, "C15".

Yes, there really have been a *few* reports from users of ZA Pro's
settings seeming to change on their own. On the grc newsgroups, I've
found maybe a dozen or so reports. I have also seen 2 or 3 reports (out
of millions of users) from users who said their lock did not seem to be
working.

Our Technical Support has recognized for some time that strange behavior
on the part of ZA or ZA Pro is usually caused by corruption of the files
that store the settings, and the recommended action is (and has always
been) to delete the files in the Internet Logs directory and let ZA Pro
recreate them.

The good news is that we have recently identified a cause for the file
corruption, and it has nothing to do with Trojans or other evil software
messing with the files. There is a database programming bug within ZA
Pro that is causing file corruption under certain limited circumstances.
There is also a user interface bug associated with the Program Options
dialog, which does not corrupt the files, but does affect the ability to
change settings - again, only under certain circumstances. Having found
the programming bugs, it still remains to fix them, QA test them, and QA
any other changes that have been made to the code since the last
release, before an upgrade can be released.

In the meantime, I recommend periodic testing of *any* software firewall
against a standard test suite. Personal firewall software is very much
in the spotlight now, which means a lot of hackers are staying up late
at night trying to come up with ways to defeat all of the popular
programs. Steve Gibson's ShieldsUp! is a good screening test. It
doesn't probe all of your ports, but if ZA Pro flunks this test, you
know something is wrong. On the other hand, if all your ports show up
as stealth, this is a very good sign that ZA Pro is working properly.

Likewise, if you ever find that ZA Pro appears to be behaving
abnormally, I recommend disconnecting from the Internet, stopping and
restarting ZA Pro, rebooting, removing the Internet Logs files, or
completely uninstalling and reinstalling ZA Pro -- try each of these in
the order given, until the abnormal behavior seems to stop. Then go to
a test site and retest.

I hope this clarifies things a bit.

--
Rebeccah Prastein
______________________________
Knowledgebase Producer, Zone Labs

=============================================

C15.


------------------

C15,

Thanks for posting this very usefull info! :cool:

cheers,

davidovv

------------------
support the good cause!
pchelpers.org (http://www.pchelpers.org/)

Bug in ZAP? Not that I can see. I have preformed MANY tests to ensure my safety. ALL test have failed to crack ZAP, for me that is.

------------------

..well, without any doubt ZoneLabs sees one!

cheers,

davidovv

------------------
support the good cause!
pchelpers.org (http://www.pchelpers.org/)