1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Zonealarm and netbios block on WinXP

Discussion in 'Networking' started by Anthony2816, Jan 28, 2003.

Thread Status:
Not open for further replies.
Advertisement
  1. Anthony2816

    Anthony2816 Thread Starter

    Joined:
    Jan 28, 2003
    Messages:
    49
    Here's the situation:

    I have a server computer with two NIC's. One goes to the DSL modem, and one goes to my LAN. It, like all the computers on the LAN, is running WinXP and ZoneAlarm Pro.

    WinXP on the server computer shows three networks:

    1) The modem to the ISP. This gets a dynamic IP from the ISP.

    2) The server to the modem. This shows an IP of 169.254.137.126, with a subnet mask of 255.255.0.0.

    3) The server to the LAN. This shows an IP of 192.168.0.1, with a subnet mask of 255.255.255.0.

    The problem:

    When I start up my client computer, ZoneAlarm pops up an alert that says, "The firewall has blocked Internet access to your computer (NetBIOS Session) from 169.254.137.126 (TCP Port 3274)(TCP Flags: S).

    What the heck is this? I thought the NIC with that IP address was separate from the LAN...it has a different IP and subnet mask. So what is this access that the client's ZoneAlarm has blocked?

    Should I do anything about it? I was wondering if I should tell the client's ZoneAlarm to accept traffic from the 169.254.137.126 IP, but on the other hand, letting it block it doesn't seem to be causing any harm. I can still access the internet, and all the resources of the server (drives, printers, etc) just fine.

    Pretend I know nothing about this subject (close to the truth), and explain this to me, please.
     
  2. Rockn

    Rockn

    Joined:
    Jul 29, 2001
    Messages:
    21,334
    You really only need one Firewall and it should be at the "server". If you are using something like ICS or other proxy you really don't need the firewall. If you want to use it your ZA needs to be set up like this, go into the advanced settings and on the general tab set "This computer is an ICS gateway" and set the local address to 192.168.0.1
    Go to the local zones tab and go to the adapter subnets list and select the adapter for your local network. Click apply and try again. The ICS server should also be set to allow DNS and DHCP
     
  3. Anthony2816

    Anthony2816 Thread Starter

    Joined:
    Jan 28, 2003
    Messages:
    49
    You know, I've often wondered about that. I guess the only reason I've been running Zone Alarm on the client computers is because when you initially set it up, it gives you the option to declare the computer either an internet gateway, or that it's a client of a gateway. I figured if they put that in there, then they expected you to install it on all the computers. So it is, indeed, safe to remove ZoneAlarm from all the client computers? (They don't need protecting from each other).
    I think I already have things set up like this. But I'd happily remove ZoneAlarm from all but the server if that's all that is needed.
     
  4. Del

    Del

    Joined:
    Aug 31, 2001
    Messages:
    3,452
    You should be able to run it on just the host computer. That is your firewall.
     
  5. Anthony2816

    Anthony2816 Thread Starter

    Joined:
    Jan 28, 2003
    Messages:
    49
    Something else just occurred to me. One benefit to running ZoneAlarm is that it monitors outgoing traffic, alerting me to the attempts of trojans and spyware to "phone home", as well as if anything alters programs like Internet Explorer. If I take ZoneAlarm off the client machines, I'll no longer have that protection, right?
     
  6. Del

    Del

    Joined:
    Aug 31, 2001
    Messages:
    3,452
    The firewall on your host machine should catch any outgoing traffic you don't permit.
     
  7. Anthony2816

    Anthony2816 Thread Starter

    Joined:
    Jan 28, 2003
    Messages:
    49
    That doesn't seem to be how my ZoneAlarm setup is working. If I run the LeakTest 1.2 program (from grc.com) on the server, ZoneAlarm pops up and asks if I want to allow it. But if I run it on a non-ZoneAlarm'd client, LeakTest sails right through.

    As I understand it, ZoneAlarm keeps a record not just of the names of the programs to which you've given permission to have outside access, but also watches their size and time/date stamps, so that it can tell if a trojan/virus has modified the program. But if ZoneAlarm is only on the server, and the program in question is on a client, it would seem that ZoneAlarm can't do this function.

    In any case, it seems either I've done something wrong in my ZoneAlarm configuration on the server, or that I also need to run ZoneAlarm on the client computers, if I want outbound as well as inbound protection.
     
  8. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - Zonealarm netbios block
  1. Whirlwind
    Replies:
    10
    Views:
    432
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/115758

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice