I'm not sure if here is the best place to post this. I have NAV and sygate firewall pro 2.1. no problems, util 4 days ago, every now and then when i'm posting or previewing a post, i see sygate's icon turning into red. looking at the log, i see it blocked my dsl setup page 192.168.1.254. I believe this issue is just a matter of settings. I have cookies enabled for the board, along with the always accept warning i got orignially from sygate about 207.218.251.60. this is what sygate's log said. any suggestions?


Ethernet II (Packet Length: 60)
Destination: 00-50-f2-c8-ee-76
Source: 00-06-25-d8-ed-9f
Type: IP (0x0800)
Internet Protocol
Version: 4
Header Length: 20 bytes
Flags:
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset:0
Time to live: 49
Protocol: 0x6 (TCP - Transmission Control Protocol)
Header checksum: 0x1fbd (Correct)
Source: 192.149.252.43
Destination: 10.10.10.5
Transmission Control Protocol (TCP)
Source port: 43
Destination port: 3194
Sequence number: 463763500
Acknowledgment number: 52448139
Header length: 20
Flags:
0... .... = Congestion Window Reduce (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgment: Set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Checksum: 0x6f6d (Correct)
Data (0 Bytes)

Thats the server IP for this board.

If you type http://207.218.251.60 to your browser you will end up here too so nothing to worry about ;)

I knew that, i was asking the block it self to my dsl. this happens only with this site/ip

I think thats some sort of warning cause your firewall did notice that the server ip changed from the old IP to this one.

Some spyware hijack's domain names and most firewalls notice that - in this case the IP did really change so maybe you have to change your settings somewhere to "tell" your firewall that it is the real ip :)

Sorry if i cant help more since i don't have that firewall - maybe another user knows how to make that settings

Good luck !

thx. balamm the expert may assist me on this one.

another came thru but i bit different, just when i was posting. the only way for me to post was to "allow all", post, then change it back "normal"


Ethernet II (Packet Length: 70)
Destination:  00-50-f2-c8-ee-76
Source:  00-06-25-d8-ed-9f
Type: IP (0x0800)
Internet Protocol
Version: 4
Header Length: 20 bytes
Flags:
 .0.. = Don't fragment: Not set
 ..0. = More fragments: Not set
Fragment offset:0
Time to live: 63
Protocol: 0x1 (ICMP - Internet Control Message Protocol)
Header checksum: 0x10a5 (Correct)
Source: 192.168.1.254
Destination: 10.10.10.5
Internet Control Message Protocol
Type: 3 (Destination Unreachable)
Code: 4 (Fragmentation Required, but the Do Not Fragment flag is set)
Data (32 bytes)

Why are you using Sygate 2.1 ? :blink:

The latest is 5.1

The icon changes color normally, green or pale blue for normal, allowed communications, and red for blocked or checking. I never pay any attention to it.

You should get a pop up asking permit or block with the "always" option checkbox.

decide what you want based on the URL in the IE address bar, or the outbound or remote connection ID and protocol shown in the pop up.

If you aren't sure, do nothing. If your page won't open, close it and reopen it.

If you need an updated firewall, PM me.

thx for the reply. yes it's 5.1 build 1615s, i don't know why i wrote 2.1. I got the pop up for the boards IP and selected YES-ALWAYS. the closing and opening of IE doesn't always work, either I have to wait couple of minutes or so (until such block times out) OR select ALLOW ALL OR simply EXIT and Open sygate.

09/07/2003 23:55:14 Blocked ICMP Incoming 10.10.10.5 4 192.168.1.254 3 25 09/07/2003 23:54:27 09/07/2003 23:55:13 Block_all (*rule name*)

Yeah, Sygate can be stubborn at times. Better that than missing things though. I wonder if it's the banners you're seeing?

Or.... you mentioned your setup page ????

Is it maybe DHCP refreshing your lease?

I don't see the banners, probably blocked by sygate (don't have other program that would do so). the setup page for my dsl is 192.168.1.254, it's web based instead of software based like ewire or other mdms. The DHCP was a good tip, but that doesn't seem to be the issue. both my modem setup and linksys are setup for 1 day.

btw, i isolated the problem to sygate by connecting the cable directly to pc (w/o linksys) and rebooted w/o sygate. ip is not blocked and ur site is working fine (slow at times though).

what i still don't understand is why just http://www.klboard.ath.cx ??? all other sites, i mean all (other boards too) are working fine and fast.

There is something here I think. I have to restart or reinstall IE every once in a while as it seems to breakdown. Almost as if it's been stressed. It may be in the DynDNS connections or in hidden code- someone mentioned a "hide script". ??

don't laugh, but are u talking about me or an issue u have??? :lol:

It may be in the DynDNS connections or in hidden code- someone mentioned a "hide script".

I think this was related to your question, no?

ISP? possible, I'm looking at the packets history now and i see some that i'll share'em shortly.

btw, wats the site name for ur banners so i can remove it from ie and sygate. just in case.

click on them and you'll have it/them ;)

i have to do a little more research, but i'll catch it. that tip is giving me a new twist about this!!! hmm...

btw, testing my login

testing login

as for the banner, top right is blank and no link "blue bar".

The other night I was reading a post by some spanish guy on some forum(the mods translated to english) that the last good build of sygate personal firewall pro was 5.0 build1150. Well then, I thought, I'll have to get that version. After more than 24 hours of on and off searching on google and a bloody battle with my registry, I finally found the right version at www.iron.dynip.com. Do companies(microsoft does this) try to make it hard to get older, confiscated versions of certain software? Anyway, I remembered Paul saying programs change your system in a way that makes it hard to go change back. He was right, I cleaned the registry of any sygate entries but now it "remembers" my original install(first i did 5.0pro build xxxx(not 1150) then i did 5.1pro ver1650 now i have5.0 pro ver1150) and now I only have 3 days left until it runs out. SHIT. Anyway, some facts about sygate:
1)there are some bugs, esp. in newer versions. The most common one is it "forgets" your application rule settings and advanced rules. The most serious one is it doesn't load at startup automatically, and clicking the icon doesn't start it. PM me if you want to know the "correct" settings under the "options" drop down link. Sygate "likes" for you to have things a certain way, and I cannot explain here because of space.

2)sygate is not good for beginners, imo. What happened in this case is a good example

3)the advanced rules are skipped if sygate decides they confict, they are wrong, ect....... When an advanced rule is skipped, sygate uses your applications rule instead.

4)if you want to know a "safe" way to configure unknown things, take allow the few ip-isp things like svchost.exe according to the sygate forum advice and everything else go to applications settings and allow everything but go in advanced and take away server privelages and pinging.

5)i suspect the order in which advanced rules appear in the advanced rules window MIGHT be the actual order in which sygate looks at them

Advanced rules? what for? I just looked to see if I had any and No, I don't. Never have.
It's a yes or no answer when something wants in or out. If you don't know, don't answer. It's that simple.
If it's a problem, close and reopen the program that wanted access and choose yes this time.
Don't spend so much time trying to do what your firewall was designed to do. You'll end up like those people who spend all their time cutting off other kazaa users.
I don't know what tool or method you're using to clean your registry but it apparently needs to be changed. I have no problems installing whatever build I choose to in any order i choose to.

balaam, are you serious? the smart netbios only blocks tcp 135,138,139 and 445. Depending on what boxes are ticked, sygate might block some others, but not many. I have tcp 4444, udp 69, tcp 666-765, tcp 5000, udp 1900,5000, incoming blocked along with some ip addresses of lamers who tried some dumb sh*t and a few other misc. things. As far as advanced rules go those are my core rules.



You'll end up like those people who spend all their time cutting off other kazaa users.


I didn't read that thread so I don't understand that.


I don't know what tool or method you're using to clean your registry but it apparently needs to be changed. I have no problems installing whatever build I choose to in any order i choose to.

Basically, I was installing the wrong version over and over, but it doesn't matter now because I finally found a site that was offering build1150 AND giving build1150. Many offered but it was build 1117 or another build. Someone has already made fun of me for not understanding the registry so, tchau or however you say it.


Don't spend so much time trying to do what your firewall was designed to do.

It may sounds kkrraaaazzzzyyyyyyyyy but I like fooling with my firewall. I hated trying to find build 1150 but its over now.

Are you saying you have netbios enabled? why? It's the first thing I disable during the installation of any operating system.

I believe I have 11 ports open at the most and none of them will communicate without my permission.
I see all sorts of incoming shit but it's all speculative random probes. If you don't answer, they don't know you exist.
Even with IIS running, No-one has ever gotten past my security. I've never had a trojan and the only virus I ever had to deal with was one that I was stupid or curious enough to play with.
I used to see attempts in the thousands in my W3SVC1 logs. Now I rarely pay attention because they mean nothing. My patches, firewall, and AV are that good.

***UPDATE****
After almost a month of this issue, i'm still at ground zero :( this is what i've done so far (not in order): tried the tips posted here
tried sygate's forum
contacted sygate, they blame isp or router
search my isp's forum
contacted my isp, they blame fw software or router
searched linksys forum
contacted linksys, they came up w/no solution. at least they didn't blame anyone and they really tried to help me (eventhough i know it's the router causing this)
tested sygate by itself on my test pc (which has the minimal required files to run win 2k
searched google and related links
setup my test pc, w/a fresh install, on dial-up, different isp
tested many other boards/newsgroups (no problems found)
I hope this post is not misunderstood, yet the only logical option i'm constantly approaching is this board. I'm at the point where I have to "ALLOW ALL" on sygate's whenever I visit this board (please note this issue occurs MOST of the times while dl/ul on this board). yet, when I want to browse others, I put it back to "NORMAL". I am truley at a loss and hope someone, anyone can show me the light that I know exists at the end of that tunnel. :)

I just skimmed the thread, so sorry if this has been discussed. I think it's an IE issue think balamm mentioned. What browser are you using? I'm using Opera 7.20 & Sygate Pro 5.1. I have it set to normal & no problems. Hope this helps.

I've tried 4 browsers. currently running opera 7.21. i doubt it's the browser tho. :(

Originally posted by balamm@8 September 2003 - 15:55
Are you saying you have netbios enabled? why? It's the first thing I disable during the installation of any operating system.

I believe I have 11 ports open at the most and none of them will communicate without my permission.
I see all sorts of incoming shit but it's all speculative random probes. If you don't answer, they don't know you exist.
Even with IIS running, No-one has ever gotten past my security. I've never had a trojan and the only virus I ever had to deal with was one that I was stupid or curious enough to play with.
I used to see attempts in the thousands in my W3SVC1 logs. Now I rarely pay attention because they mean nothing. My patches, firewall, and AV are that good.
How do I disable netbios?

I have xp pro by the way.

I have Sygate Pro 5.1.1615s (latest version) and it works fine. No problems at all. It's only a bit slow while booting.

Perhaps stealth mode browsing is the problem? (I have it disabled)

How do I disable netbios?

I have xp pro by the way.
XP, right click on the connection icon either in the tray or in network connections. Go to properties/... tcp/ip......... advanced
Click on the WINS tab and look for "disable netbios...". Check the box. It should be fully disabled.

You might also have to disable netbios helper in services.msc

Some systems enable the helper and some don't. Just another MS quirk.

Originally posted by nikita69@1 October 2003 - 06:13
***UPDATE****
After almost a month of this issue, i'm still at ground zero :( this is what i've done so far (not in order): tried the tips posted here
tried sygate's forum
contacted sygate, they blame isp or router
search my isp's forum
contacted my isp, they blame fw software or router
searched linksys forum
contacted linksys, they came up w/no solution. at least they didn't blame anyone and they really tried to help me (eventhough i know it's the router causing this)
tested sygate by itself on my test pc (which has the minimal required files to run win 2k
searched google and related links
setup my test pc, w/a fresh install, on dial-up, different isp
tested many other boards/newsgroups (no problems found)
I hope this post is not misunderstood, yet the only logical option i'm constantly approaching is this board. I'm at the point where I have to "ALLOW ALL" on sygate's whenever I visit this board (please note this issue occurs MOST of the times while dl/ul on this board). yet, when I want to browse others, I put it back to "NORMAL". I am truley at a loss and hope someone, anyone can show me the light that I know exists at the end of that tunnel. :)
so you tried 5.0probuild1150 and it's still giving you the problem?

@Paul - i've tested in the past and didn't resolve the issue, i'm currently testing it on my TEST PC (i'll try it for the next several hours to see if it works on a minimal installed OS)
@MediaSlayer - yes i've tried ur tip and was the same case on this on the TEST PC, didn't resolve the issue.

EDIT: I had to ALLOW ALL and with STEALTH MODE OFF to post this from my TEST PC, yet i'll continue testing. thx to all and i'll post an update later. :)

****UPDATE*****
have been using my TEST PC for several hours now and have turned off STEALTH MODE, yet it didn't resolve the issue. Also, I confirmed that even with that feature on, the board was able to capture my OS and Browser version.

ok nikita here's some relevant settings under options:
general tab-
Hide sygate personal firewall pro system tray icon. unchecked
Automatically load Sygate Personal Firewall Pro service at startup. checked
Block network neighborhood traffic while in screensaver mode. unchecked

network neighborhood-
allow to browse network neighborhood files and printers. checked
allow others to share my files and printers. unchecked,but if you have filesharing probs check it

security-
enable intrusion detection system. checked
enable portscan detection. checked
enable driver level protection. unchecked
enable stealth mode browsing. unchecked
block all traffic while the service is not loaded. unchecked
automatically block attackers ip address for xxx seconds. checked
enable dll authentication. unchecked
enable anti-mac spoofing. checked
enable anti-ip spoofing. unchecked
enable os fingerprint masquerading. unchecked
netbios protection. checked
enable smart dns. checked
enable smart dhcp. checked

I hate to disappoint u Media and truly appreciate ur persistance to help, yet those setting did resolve it. Balamm has suggested to me in the past similar settings and those didn't resolve it either. I'm still stuck at ALLOW ALL when browsing only this site. i dono anymore. i may have to settle by switching back and forth. :( It just bothers me that I can't figure it out, thinking logically, there is a solution and the only way I can resolve is by figuring out the cause first.

So you haven't created any odd rules that would complicate anything? This is what my services panel looks like in XP. Nothing fancy, the only thing blocked at the moment is generic host processes. everything else is set to ask. If IE doesn't look like mine does, unblock it by right clicking and simply set it to ask. No other rules. Choose on a case by connection basis.

http://members.shaw.ca/eyeindasky/sygate.jpg

uuuuhhhhhh maybe i should've included more text with my last post. Those settings are only part of what you need. Not only that, but it has been verified on the sygate forum that it's best to do a clean install and set the correct settings immediately. I don't recommend upgrading and overwriting over a previous version. Also on the forum there are some threads that mention corruption caused partly from bad configuration or setup. Another reason to start from stratch. Clean install doesn't just mean clicking "uninstall" you have to check the forum I never saved the text sorry they recommend deleting some leftover registry files associated with sygate just to be on the safe side. If you already knew all that, great. Once you do a clean install, allow everything that pops up and immediately set all the options correctly and post a screen shot of the *traffic log* after opening ie. The bottom of the log is what I want to see, that's when it first makes connection. It could be browser related all my ie settings are custom including cookies. Also note which programs are visible in your tools>applications window in sygate and of course verify the version with the about button to make sure it says version5.0probuild1150. Also, I'm offering not telling so feel free to do what works best for you.

@balamm - No, no rules were/are created. My service pannel has the followings: NT Kernel & System - ASK
Generic Host Process for Win32 Services - ASK, yet i'm gonna find out what is using this service
Application Layer Gateway Service - ASK
Opera Internet Browser - ASK
@Media - I found the CLEAN INSTALL process and posting it here for future reference to anyone. I'll try it and post again with the results.

IMPORTANT NOTE: One time while I was on Sygate's forum and posting, it caused the same effect as when I post here. However, with this board, many times I have to ALLOW ALL just to browse. Another important note, that I missed to mention before is if I'm not logged in to this board and browsing all over the forum, Sygate doesn't block anything.

Products:
Sygate® Personal Firewall
Sygate® Personal Firewall Pro


Operating systems:
All supported operating systems.

Details:

To be sure you have a clean uninstall and reinstall of SPF please do the following.
First uninstall SPF via the uninstall wizard then reboot. Then once up please do the fallowing.

Run a system search (start> search> files and folders) for anything related to Sygate, Sybergen or SPF and delete it.

Now Click "Start" >> "Run" and type "regedit"; Now locate and delete the following folders if found: (Please note: if you do not find any of these that is fine you just want to be sure that there are no conflicts and that you get a clean install)

For 95/98 & ME:
HK_LOCAL_MACHINE\software\winsock2\wps
HK_LOCAL_MACHINE\software\sygate technologies, Inc.\Sygate Personal Firewall

Now run a system search (start> find files and folders) and remove the following.
“Teefer.vxd” (windows\system\teefer.vxd)
“Wps.dll” (windows\system\wps.dll)

For NT & 2000/XP:
HK_LOCAL_MACHINE\software\winsock2\wps
HK_LOCAL_MACHINE\software\sygate technologies, Inc.\Sygate Personal Firewall
HK_LOCAL_MACHINE\system\currentcontrolset\service\smcservice
HK_LOCAL_MACHINE\system\currentcontrolset\service\teefer
HKEY_LOCAL_Machine/software/Microsoft/windows/currentversion/uninstall/{5D422994-9E10-11D4-AEB1-00D0B7237D97}

Now run a system search (start> find files and folders) and remove the following.
“Teefer.sys” (winNT\system32\drivers\teefer.sys)
“Wps.dll” (winNT\system32\wps.dll)

For XP:
“Teefer.sys” (windows\system32\drivers\teefer.sys)
“Wps.dll” (windows\system32\wps.dll)

Then reboot. Once back up disable all security (Please note: if running XP please be sure you have disabled it built-in firewall ICF) and anti virus software and reinstall SPF.

Please Note: When dealing with the system registry you will need to be careful so only remove the listed folders as they relate to Sygate and SPF.

Keywords:
clean install, clean uninstall, corrupt

Last edited by Chris on 09-19-2002 at 12:23 PM

i'm guessing its either your router or your browser(opera) but i'll post back in a few minutes or a few hours

***UPDATE*** I found my MTU set to 1500, so I did the test c:\> ping -f -l 1500 www.my-isp-name.com (http://www.my-isp-name.com) and got on all tries, "Packet needs to be fragmented but DF set. with a loss of 100%. So, I kept reducing the MTU until 1464 and that pinged @ 254 w/a loss of 0%. Then I followed the above steps for the CLEAN INSTALL
Eventhough I changed the MTU to 1464 and did a clean install, the problem has changed now. Before it used to block incoming source 192.168.1.254 (which is my DSL Modem), now SPF is blocking 10.10.10.1 (my linksys router) IMPORTANT NOTE: I have noticed the following: This board:
When I browse this site while not logged in as a member, I face no problem-even if i have all security option checked.
when I log in to this site sometimes the block occurs imediatley as I borwse, or only when I post/preview and/or after about 5-10 minutes of browsing and posting.
Sygate's Site:
Same as this site on the first point
Only when I post/preview
Regarding the browser, that wouldn't be the issue since I got the same results on 4 different browsers. As for the router, eventhough I doubt it, I'm not ruling it out yet.

nikita I don't know nothing about routers, only firewalls. If you had a cable connection your problem would probably already be solved, but that's a guess. Still no *traffic* log, but hey, I don't even know if that would help because you said sygate isn't blocking anything at all. here is a paste that you might find helpful, then again it may be common knowledge. the source is unknown

Paste:Configure Your Router

If you use a router to connect to the Internet, you probably need to configure it to allow the Remote Desktop connection to your computer. For more information on routers and firewalls, see my Internet Firewalls column. You need to forward two ports to your Windows XP Professional-based computer: TCP port 3389, which Remote Desktop requires, and the port you specified in the TCP Port field in Internet Information Services (or TCP port 80 if you did not change the default). If you use Internet Connection Firewall (and you should!), see How to Manually Open Ports in Internet Connection Firewall in Windows XP for instructions on allowing traffic by TCP port.

I'm sure you already know that, but what the hey, ..good luck

Originally posted by MediaSlayer@3 October 2003 - 04:07
nikita I don't know nothing about routers, only firewalls.  If you had a cable connection your problem would probably already be solved, but that's a guess.  Still no *traffic* log, but hey, I don't even know if that would help because you said sygate isn't blocking anything at all.  here is a paste that you might find helpful, then again it may be common knowledge.  the source is unknown

Paste:Configure Your Router

If you use a router to connect to the Internet, you probably need to configure it to allow the Remote Desktop connection to your computer. For more information on routers and firewalls, see my Internet Firewalls column. You need to forward two ports to your Windows XP Professional-based computer: TCP port 3389, which Remote Desktop requires, and the port you specified in the TCP Port field in Internet Information Services (or TCP port 80 if you did not change the default). If you use Internet Connection Firewall (and you should!), see How to Manually Open Ports in Internet Connection Firewall in Windows XP for instructions on allowing traffic by TCP port.

I'm sure you already know that, but what the hey, ..good luck
no she already has ports forwarded and dmz host is set also she said that when not using the router and connecting strait form modem she still has this problem,i think its the firewall

doesn't he have dsl though?

Originally posted by MediaSlayer@3 October 2003 - 05:11
doesn't he have dsl though?
ya

unfortunately i don't know how dsl works but i bet someone like you or balaam or shadow will help him. peace

Originally posted by MediaSlayer@3 October 2003 - 05:56
unfortunately i don't know how dsl works but i bet someone like you or balaam or shadow will help him. peace
i have dsl with linksys router and have spoke to her and imo it sounds like the firewall because she says when she allows every thing with firewall then the problem does not exist but as soon as the firewall is enabled it comes back, having said that in my imo balamm would know alot better than i wouldhttp://www.klboard.ath.cx/html/emoticons/beerchug.gif

***UPDATE***
The followings have been ruled out as the cause: Linksys Router - Connected to the Internet without it and still have the same problem
Browser - Tried several browsers with minimal settings
ISP - Reviewing the logs without SPF open, this issue is not blcoked
MTU - Tried several settings accordingly with the ISP's recommendations
PC environment - Tested on several types of environments, one of which was a PC with basic Win 2K installation and Sygate, no other software were installed
15 other Boards - Tried other boards with ALL features in Sygate's SECURITY tab checked and I was able to browse, post & review without any problems.
The followings have not been ruled out as the cause: Sygate Personal Firewall Pro v5.1 build 1615s
This board & the other - possible site coding??

I feel for ya. It sucks. I say now it's a program conflict. Are you running any resident AV & if so what is it? Do you have any other progs that are constantly monitoring like some antispywareguarders etc. (made up a word cause the real words are too similar to real progs)?

@zapjb - none of the above. as i said in previous posts, all these tests where done on several environments. One of which was a test pc with minimal win2k OS and sygate pro v5.1 build 1615s. :(

The followings have not been ruled out as the cause:
Sygate Personal Firewall Pro v5.1 build 1615s
This board & the other - possible site coding??
earlier I said the above, well now I'm adding Yahoo mail. the same occurs after I log in and either send/receive mail or click on the mail functions link (not the ads).

With this, could it be the possibility of these sites' webpages code(s) that are causing this? :unsure:

before I jinks myself, I only testing the results of the trick I found. Wish me luck :)

GL :)

All working well now and this was the trick (the highest MTU able to ping on mine is 1472): Find the IP address of your gateway. If you're using Windows 2000 or XP, run IPCONFIG at a command prompt on the Host computer. If you're using Windows 98 or Me, run WINIPCFG on the Host computer. Either way, you'll get an address that looks like xxx.xxx.xxx.xxx (where the x's represent numbers).
Then, go to one of your Client machines, and type the following: PING -f -l 1500 xxx.xxx.xxx.xxx
(where xxx.xxx.xxx.xxx is the gateway address you obtained in the first step). You'll probably get an error message indicating that it must be fragmented. If you do, type the following:
PING -f -l 1492 xxx.xxx.xxx.xxx
If that doesn't work, try this:
PING -f -l 1454 xxx.xxx.xxx.xxx
The numbers in each of these examples (1500, 1492, 1454) are the MTU values. Continue issuing this command with lower and lower MTU numbers until you get ping responses instead of an error message. The highest MTU value that works is the one you need to be using. If an MTU of 1500 (the first command, above) does not produce an error, then this solution won't work for you.
The next step is to configure all your Client computers to use the new, lower MTU as the default for all Internet communication.

Windows 2000 and XP: Run the Registry Editor (REGEDIT.EXE) on one of your "Client" machines.
Navigate to HKEY_LOCAL_MACHINE\ SYSTEM\ CurrentControlSet\ Services\ Tcpip\ Parameters\ Interfaces
There should be several subkeys under the Interfaces key; most likely, you'll find three. View the contents of each key by clicking, and find the one that corresponds to your primary network adapter; it will be the one with more values than the other two, and will have an IP address value set to something like 192.168.0.x.
Once you've found the correct subkey, create a new DWORD value in it (Edit -> New -> DWORD Value), and name the value MTU.
Double-click the new value, choose the Decimal option, and type the MTU value determined above.
Click Ok when you're done - you'll need to restart Windows for this change take effect.
Repeat this for each Client machine.
Windows 98/Me: Run the Registry Editor (REGEDIT.EXE) on one of your "Client" machines.
Navigate to HKEY_LOCAL_MACHINE\ System\ CurrentControlSet\ Services\ Class\ Net\
Under that branch, find a key (numbered, such as 0005) that contains has TCP/IP assigned to the DriverDesc value.
Select New from the Edit menu, then String Value, and type MaxMTU for the name of the new value.
Double-click the new value, choose the Decimal option, and type the MTU value determined above.
Click Ok when you're done - you'll need to restart Windows for this change take effect.
Repeat this for each Client machine.

Thank you all for your help and I'm taking this issue as a good experience and knowledge. Rest assure that I'll spread the word out next time I see someone with the same problem (I hope u would too). Thx again. :) :) :) :)

BTW, Sygate Security tab has all options checked and working like a charm in every site I visit, including the 3 sites that WERE in question. :)

Excellent. I must be dense I didn't catch on that you were running a network. I thought this was a single computer problem.