I have Zone Alarm running at home, to keep the malevolence off my PC. Of course, since I run so much junk on there (It's really high time to frag the thing and start over.) the firewall looks like swiss cheese, it has so many holes in it. At this point, ZA is doing more to prevent me from working than from actually working.
Case in point. I installed the new printer last night, and for the life of me, couldn't get it to print. I could connect to it via telnet, or via it's internal web server. I could configure it, ping it, and pull SNMP info from it. The only thing I couldn't get that printer to do was to print. So... dust of Ethereal and take a look. Exactly what was happening here?
I start off every Ethereal trace with a simple PING, so I have a reference point in the trace. I can easily search on ICMP packets and get a quick bead on the info I want. If you do most of your sniffing with the NIC in promiscuous mode (not what it sounds like, to you networking newbies), you're going to need some kind of reference, as well as good filtering. So I ping WIDELOAD, which is the name for the new printer, by IP. The ping returns fine. I go through printer setup on my machine, which generates a boatload of SNMP traffic. Simple enough, there. Then, I go to print.
Nothing. No Tx, no Rx, no nothing. Something is preventing me from even sending to the printer. This is when I first suspect ZA. So do I turn off ZA to see if it will work? Of course not. I go through and try all kinds of different drivers, and port settings (9100 for HP JetDirect vs. 515 for standard LPR printing), finally downloading HP's network printer setup wizard, and giving that a go. After all that frustration, I finally turn off Zone Alarm. The test page I sent over 20 minutes ago finally rockets right on through. Amazing.
Now for the real test. I go to CareBear's machine, and turn off ZA immediately. Then I set up the printer, and fire off a test page. Goes right on through. Now, here's the weird thing: I turn ZA back on, and send yet another test page. It, also, rockets right on through. So whatever packet blocking was going on, it seemed to be part of setup and not printing, in this case. I may try a few more experiments with setup later tonight to see what, exactly, is getting blocked. I'll install an old copy of TINY Personal Firewall to get a closer look, since it has much better logging. For now, I'm happy with the temporary result. More later.
2 comments:
I love the new printer. The 50 sign up sheets I gave the Prez at this morning's meeting were greatly appreciated. The pages nearly fly out it is so fast.
Ah, I see that the Spooler subsystem was actually blocked in Zone Alarm. I have no recollection of having blocked that for any reason, but there it is. Works fine now.
Post a Comment