IE bypasses Zonealarm

  • Thread starter Thread starter Antonicus
  • Start date Start date
A

Antonicus

I have Zonealarm Version 7 and use Opera and Firefox exclusively on
XP.

However recently I brought up the IE browser which is hidden in
Wordpad. ( Click Help Topics in Wordpad, Click the Question Mark top
left and click jump to URL)

I was able to connect to www.aliceinvideoland.co.nz and use its
search functions( even though there was a specific block on " Mobile
code" Zonealarms name for a mix of Javascript, vbscript, Java and
Active X)

Opera and Firefox were unable to get through this block to operate the
search function as one would expect.

When this block was removed Firefox and Opera could then access the
site to use the search function.

This implies that this embedded IE is able to do an end run around
firewalls even though the Firewall is specifically set to black code
from a specific site.

I must admit to be most unpleasantly surprised when IE broke security
in this fashion.
 
Now pull the other one.

Antonicus wrote:
> I have Zonealarm Version 7 and use Opera and Firefox exclusively on
> XP.
>
> However recently I brought up the IE browser which is hidden in
> Wordpad. ( Click Help Topics in Wordpad, Click the Question Mark top
> left and click jump to URL)
>
> I was able to connect to www.aliceinvideoland.co.nz and use its
> search functions( even though there was a specific block on " Mobile
> code" Zonealarms name for a mix of Javascript, vbscript, Java and
> Active X)
>
> Opera and Firefox were unable to get through this block to operate the
> search function as one would expect.
>
> When this block was removed Firefox and Opera could then access the
> site to use the search function.
>
> This implies that this embedded IE is able to do an end run around
> firewalls even though the Firewall is specifically set to black code
> from a specific site.
>
> I must admit to be most unpleasantly surprised when IE broke security
> in this fashion.
 
Would you like to come over and try for yourself? Flights are cheap at
present.

Antonicus

On Aug 28, 6:17 pm, "PA Bear" wrote:
> Now pull the other one.
>
> Antonicus wrote:
> > I have Zonealarm Version 7 and use Opera and Firefox exclusively on
> > XP.
>
 
Last edited by a moderator:
It is actually Microsoft HTML Help Executable (hh.exe) rather than
Wordpad or Internet Explorer that is bypassing your security settings.
You can verify this by opening any compiled help (*.chm) file. I had
not known that this could be used to bypass Zonealarm, but it has long
been a security concern in Citrix/Terminal Services environments.

Regards,

J Wolfgang Goerlich

On Aug 28, 1:48 am, Antonicus <anthonyleal...@gmail.com> wrote:
> I have Zonealarm Version 7 and use Opera and Firefox exclusively on
> XP.
>
> However recently I brought up the IE browser which is hidden in
> Wordpad. ( Click Help Topics in Wordpad, Click the Question Mark top
> left and click jump to URL)
>
> I was able to connect towww.aliceinvideoland.co.nz and use its
> search functions( even though there was a specific block on " Mobile
> code" Zonealarms name for a mix of Javascript, vbscript, Java and
> Active X)
>
> Opera and Firefox were unable to get through this block to operate the
> search function as one would expect.
>
> When this block was removed Firefox and Opera could then access the
> site to use the search function.
>
> This implies that this embedded IE is able to do an end run around
> firewalls even though the Firewall is specifically set to black code
> from a specific site.
>
> I must admit to be most unpleasantly surprised when IE broke security
> in this fashion.
 
Oh, now I understand what...

>> However recently I brought up the IE browser which is hidden in
>> Wordpad. ( Click Help Topics in Wordpad, Click the Question Mark top
>> left and click jump to URL)

....means! Thanks. You're CystalBall was working better than mine. <w>
--
~PA Bear

jwgoerlich@gmail.com wrote:
> It is actually Microsoft HTML Help Executable (hh.exe) rather than
> Wordpad or Internet Explorer that is bypassing your security settings.
> You can verify this by opening any compiled help (*.chm) file. I had
> not known that this could be used to bypass Zonealarm, but it has long
> been a security concern in Citrix/Terminal Services environments.
>
> Regards,
>
> J Wolfgang Goerlich
>
> On Aug 28, 1:48 am, Antonicus <anthonyleal...@gmail.com> wrote:
>> I have Zonealarm Version 7 and use Opera and Firefox exclusively on
>> XP.
>>
>> However recently I brought up the IE browser which is hidden in
>> Wordpad. ( Click Help Topics in Wordpad, Click the Question Mark top
>> left and click jump to URL)
>>
>> I was able to connect towww.aliceinvideoland.co.nz and use its
>> search functions( even though there was a specific block on " Mobile
>> code" Zonealarms name for a mix of Javascript, vbscript, Java and
>> Active X)
>>
>> Opera and Firefox were unable to get through this block to operate the
>> search function as one would expect.
>>
>> When this block was removed Firefox and Opera could then access the
>> site to use the search function.
>>
>> This implies that this embedded IE is able to do an end run around
>> firewalls even though the Firewall is specifically set to black code
>> from a specific site.
>>
>> I must admit to be most unpleasantly surprised when IE broke security
>> in this fashion.
 
Thanks ever so Wolfgang. I have others who will be able to follow up
your directions on this.


Cheers
Anthony
 
Back
Top