> >>Zone Alarm stores its config. files in %windir%\Internet Logs\* . But strangely, > Isn't it supposed to store logs ? My english knowledge is probably too poor.
The folder name would suggest that. I raised an eyebrow when I saw that too. > >>EVERYONE: Full This means that anyone / anything which can access / see this folder can CHANGE anything about that folder (including permissions) without being stopped by the file system. > As everybody knows, windows * is a single user system Not true, windows NT is a multi user kernel, although you only have a single client access license and as such you can log on one at a time to windows xp. Windows * Server is different, typically you get 5 CAL's straight away (although licensing all changed again in 2k3 and I have not yet learnt the changes). > only install zonealarm, no other software, especially no software using > this directory for storing any kind of information. As I understand the What? > zap answer: Kidding with file permissions is not an issue on any os... > unless, maybe, if you wish to use your system. File permissions are VERY important to security, even with very high vigilance in all other areas you can be fully "rooted" (exploited / attacked) if your file permissions are set wrong in the wrong place. THE POINT: Providing ZA includes this folder in its integrity checks (I have yet to have the time to start on this project, and so I cannot verify that it does, although the messages in this thread indicate that this folder contains not logs, but configs -_^ ) then ALL YOU NEED TO DO, is to change the folder permissions to EVERYONE: DENY, and NTFS will not EVER allow you to recover this folder. ZA will thus never operate properly on this machine again. In order to restore the file permissions you will need a third party NTFS driver (in short, this would be very very bad). _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
