|
Posted by AllenC on July 6, 2005, 5:04 pm
If you were Registered and logged in, you could reply and use other advanced thread options
>I attempted to post the message below - only to have it not arrive at
>the local ISP server ....... UNTIL I had shut down Zone Alarm !!
If disableing ZA fixes your issue, then ZA isn't configured correctly.
>I can understand, to some extent, why text - both Eudora and Newsgroup
>are similarly affected, but VoIP "phone" calls go thro' this Buffalo
>router okay.
In this case, ZA is correctly configured to pass the VoIP traffic.
>Since the original posting, I have discovered another anomaly with
>this Buffalo router. It is exactly the same problem I had with an
>earlier - highly expensive - wired Linksys -- Namely, with Zone Alarm
>active, it just will not allow not enormously large text files with or
Your answer is in your statement:
With ZA active, things fail.
With out ZA active, things work.
Therefore, ZA is doing what it's been configured to do: block traffic.
The router doesn't enter into the issue, as you say you can send just
fine by *disabling ZA* .
If you had left ZA alone (enabled) and made some change to whichever
router, and *then* things worked, it's the router.
>If I switch Zone Alarm [3.0.26] off, then there is a slight pause
>before the message leaves, but it DOES get sent to the mail server.
See? Disable ZA, things work.
>In my copy of Eudora 3, an "activity" bar shows the file being
>uploaded. With ZAlarm activated, the blue sliding indicator in this
>bar "sticks" at some point .... this sticking point depends on the
>file size. If the file is large, the indicator swiftly comes to a halt
>close to its starting point on the left. If the file is small, then it
>may make it almost to the end of its travel. If the file is just a
>few words - then the blue slider will quickly whizz across to the
>right, and the message is sent out okay.
ZA (and every other firewall) has a small buffer to hold the data
during inspection. If ZA stops the traffic, you see this once this
small buffer is full. This is why small amounts of data seem to *just
about* make it, and larger amounts of data seem to never get very far.
FYI, I, to, use Eudora ver 3.0.5, so I know exactly what you are
seeing here =]
>Now, this occurred with my original Linksys, and the maker disclaimed
>any knowledge of why I was seeing what I again am seeing; and for the
>life of me, I can't recall for sure what, if anything I did to cure
>this problem !
Um.
Before you said you simply disabled ZA, now you say that you made a
configuration change to the router. Which is it?
>I'm just wondering if I "adjusted" the packet size somewhere in the
>Linksys setup, and whether I should try it again with the Buffalo ?
Not if you simply disabled ZA and things worked.
>I've got 3 routers here, one wired one out of China which works well &
>e'mails just whizz thro' it with Zone Alarm protecting me. An "Agilan"
>'b' type wireless router which similarly is set to make port 113
>invisible & which handles Eudora e'mails with no problems at all, and
>finally, my "upgrade" 'b' & 'g' Buffalo router into who's "Buffalo
>Chips" I have stumbled. <wry smile>.
>
>I know that I *ought* to be able to effect a "fix" - but so far,
>whenever I need to send e'mails, I ABSOLUTELY HAVE TO shut down Zone
>Alarm just to get the e'mails away --- & then remember to re-enable ZA
>afterwards.
This points to a ZA issue, not the router.
Now, about this idea you have that port 113 needs to be blocked.
Why do you think this needs to be done? I hope you understand that a
firewall is used to block traffic. Thats all. The only reason to block
traffic would be because you can't otherwise control the application
thats listening to which ever port. If you can control that
application, then you don't need the firewall to block the traffic.
So, my question is: What do you have listening on port 113 and why can
you not instruct that application to not listen? Also, is that
application vunerable to some exploit that uses port 113? If nothing
is listening, then there isn't a need to block. Last point, port 113
isn't needed to send email or post newsgroup articles, so, port 113,
blocked or unblocked, isn't the issue here.
--
*Osc on efnet aka Allen C
usenet-avc@news.packetmonkeys.com
remove 'news' & - to email
| 
Yahoo! 
Google 
Windows Live 
del.icio.us 
digg 
Netscape 
XML site map