Error - template LAYOUT-DATA-WRAPPER not found

A configuration error was detected in the CGI script; the LAYOUT-DATA-WRAPPER template could not be found.

Error - template STYLE-SHEET not found

A configuration error was detected in the CGI script; the STYLE-SHEET template could not be found.

Error - template SUB-TOP-BANNER not found

A configuration error was detected in the CGI script; the SUB-TOP-BANNER template could not be found.
Subject:
Re: Zone Alarm update
From:
David Gillett <[log in to unmask]>
Reply To:
PCSOFT - Personal Computer software discussion list <[log in to unmask]>
Date:
Fri, 16 Sep 2005 00:33:40 -0700
Content-Type:
text/plain
Parts/Attachments:
text/plain (48 lines) 
On 15 Sep 2005 at 16:17, Bill Cohane wrote:

> I've noticed two improvements after installing the update. I used to
> experience delays when attempting to download my email using Eudora.
> (About half the time my attempt to logon to Road Runner's POP3 email
> server would seem to hang and I'd have to cancel it and try again.)
> Now my email downloads almost instantaneously. Zone Labs did say that
> the update addresses problems that the older version caused with
> downloading email.


  Many firewalls have two different ways of rejecting blocked traffic.  One
is to just ignore it, and the other is to send an actual rejection message
back.  (Each has its pros and cons.)  The "ignore" option is considered most
secure, and if a firewall only blocks traffic in one way, that is usually
it.

  When a client (your computer) connects to a POP server, in most cases the
POP server won't actually start message download right away.  For historical
reasons, most POP servers will first try to connect back to the client using
the obsolete "ident" protocol on TCP port 113.
  Since this protocol is obsolete and unused at the PC end, the firewall
will block it.

  The server will try three times before it gives up and proceeds with the
POP download.  If the firewall sends a rejection in response to each
attempt, this process takes less than a second.
  If the firewall just ignores the server's first "ident" attempt, the
server will allow 30 seconds for the attempt to time out, and then try a
second time.  So if the firewall does not send rejections of blocked "ident"
traffic, POP download will be delayed by up to 90 seconds....

  So while ignoring blocked traffic is generally the most secure thing to
do, POP performance is improved if the firewall makes an exception for
"ident" rejections.  A really smart firewall might only send rejections for
"ident" attempts that follow establishment of a POP connection.

  It rather sounds like this is probably one of the enhancements made to
Zone Alarm.  It wouldn't necessarily have any impact on any other traffic,
whether permitted or blocked,

David Gillett

               The NOSPIN Group Promotions is now offering
                 our special coffee cups and mouse pads
              with the PCSOFT logo...  at a great price!!!
             http://freepctech.com/goodies/promotions.shtml

ATOM RSS1 RSS2

LISTSERV.ICORS.ORG Secured by F-Secure Anti-Virus CataList Email List Search Powered by LISTSERV