Vampirefo
Premium,MVM
join:2000-12-11
Huntington, WV
 ·Comcast
| reply to R2
Re: Very odd site Claims they can disable ZA
I just tried it and it did shutdown ZAP, I got it from a friend just now, I had to try it, It killed the version 1.0.64, this is the only version i could find on short notice.
[text was edited by author 2001-07-02 21:37:38] |
|
Steve
Consultant
join:2001-03-10
Yorba Linda, CA
| Don't know ZoneAlarm at all, but this looks like a very promising approach to doing what they claim. Simply be creating the Mutex object that ZoneAlarm apparently depends on they can prevent ZA from starting, and I've seen this kind of thing happen (by accident) in other places.
My gut says this does exactly what they claim. Remember, if you can disable your firewall, so can something else. I've always wondered when this would happen.
Steve
--
Stephen J. Friedl / Software Consultant / Tustin, California USA / »www.unixwiz.net |
|
Nick8
Premium
join:2001-03-17
UK
| This mutex flaw was discussed at great length quite a while ago. I don't use ZA either but I know that the latest versions of ZA / ZAP (2.6.x I think) are not vulnerable. Also there is a patch available for the old versions which was not produced by Zone Labs, I think DCS were responsible for the patch (aswell as the discovery of the vulnerability).
[text was edited by author 2001-07-02 21:46:18] |
|
Vampirefo
Premium,MVM
join:2000-12-11
Huntington, WV
·Comcast
| I just downloaded the latest version from ZAP, and this test killed it just as fast. |
|
enabl3D
Wtf Is God???
join:2000-07-04
Fairfax, VA | reply to Nick8
well I'm using the latest version of ZAP(2.6.214) and that little program was able to shut it down.
oh boy, oh boy!!!!!
--
si no te gusta que te miren... ponte un cartucho en la cabeza |
|
Nick8
Premium
join:2001-03-17
UK
| reply to Vampirefo
Most of the discussion about this issue it too old to find, but I found this thread which is more recent. It seems the new version will still get shut down, but will cut the net connection dead (that's what they mean by "fixed"!). DCS's patch will prevent ZA getting shut down in the first place, its is suggested that the patch can be applied to any version of ZA. |
|
Vampirefo
Premium,MVM
join:2000-12-11
Huntington, WV | reply to enabl3D
So two confirmed, kills on the latest version of ZAP, seems like we got us a problem guy's.This test is real who wants to tell Zone labs? anyone else with ZAP care to try? |
|
Vampirefo
Premium,MVM
join:2000-12-11
Huntington, WV
·Comcast
| reply to Nick8
The internet connection was not shutdown, only ZAP, I was still able to surf the internet.The information in that thread is not correct, the only thing that dies is ZAP, not the internet connection.
[text was edited by author 2001-07-02 22:01:50] |
|
Nick8
Premium
join:2001-03-17
UK
| reply to Vampirefo
I can tell you for sure that they are fully aware of the issue  . They were hounded several months back when the issue was made public by DCS. Their answer to it is to have ZA take the internet connection with it if it dies (in versions 2.6.x) - effective if not elegant. DCS's patch actually prevents the code from shutting down ZA. |
|
Nick8
Premium
join:2001-03-17
UK
| reply to Vampirefo
Can you confirm that port 7 is open and reachable?
This program is DCS's own tester! It was released many months ago - I am surprised that no-one has reported the new ZA's failure to deal with it correctly yet.
[text was edited by author 2001-07-02 22:09:15] |
|
enabl3D
Wtf Is God???
join:2000-07-04
Fairfax, VA
| well my internet did get shut down
heres a screenshot of netstat right after running the program: |
|
Nick8
Premium
join:2001-03-17
UK
| said by EmiGrante:
well my internet did get shut down
This is what I expected - if ZA gets shut down, listener is active but internet connection is dead and therefore listener is unreachable.
[text was edited by author 2001-07-02 22:17:15] |
|
Vampirefo
Premium,MVM
join:2000-12-11
Huntington, WV | I am on cable and my connection is not being shutdown, ZAP is failing the test on my pc. |
|
hockeyfun1$
Down With Dc Exec
Premium
join:2000-11-26
New Hartford, NY | reply to enabl3D
Maybe you were not shut down because it might depend on your OS also...just a guess. |
|
