olefin
Really A Texan
join:2001-07-28
Hot Springs National Park, AR
| XP Firewall and ZoneAlarm
Why use ZoneAlarm if you have the XP Firewall?
I know ZoneAlarm also protects outgoing but does it really make a lot of difference... I've read that most of the worms probably use their own SMTP engine.
Also using a router, do you still need ZoneAlarm?
I use ZoneAlarm with a Router but didn't know for sure if it's needed?
Thanks |
|
Cudni
La Merma - Vigilado
Premium,MVM
join:2003-12-20
Someshire
| No, if you know or think you don't need outbound protection then ZA is not needed with either XP firewall or router.
Cudni
--
Some are born to failure, others achieve it, all deserve it Help yourself so God can help you |
|
jack b
Gone Fishing
Premium,MVM
join:2000-09-08
Cape Cod
clubs:
 ·Comcast
3 edits | reply to olefin
I'd suggest keeping ZA in addition to your router.
Inbound, (if configured properly) a router gives you all the protection most people would ever need.
If a worm somehow got in and went ahead and tried to send something out ZA would flag the transmission (again, if configured properly).
--
~Help find a cure for Cancer~
~Proud Member of Team Discovery ~ |
|
olefin
Really A Texan
join:2001-07-28
Hot Springs National Park, AR | jack b
So what is "if configured properly"?
Is the XP Firewall as good as Zonealarm? |
|
Elefus
join:2004-11-30
United State | reply to olefin
I agree wtih Jack B. Layered security never hurt anyone. Besides, if you get the free ZA firewall then there should be no trouble. |
|
IGGY
No Guru Just Here To Help
Premium,MVM
join:2001-03-30
Chatham, IL
| reply to olefin
"Is the XP Firewall as good as ZoneAlarm?"
In a word = no. The XP firewall is a very basic firewall that doesn't include many of the protection features of ZoneAlarm. The most important in my book being outbound protection. The firewall in the upcoming Microsoft operating system Vista does in fact provide outbound protection and some OS level protections as well - this also somewhat depends on the hardware you are using. My personal feeling is that these still don't offer the level of protection that ZoneAlarm does.
This subject has been debated to death time and again. Yet the question still seems to come up at least once a week. Keep in mind that the XP firewall had a flaw within it that didn't allow dial-up users to be protected when the XP firewall was active.
Microsoft windows firewall not so secure after all
»iggyz.com/blog/_archives/2004/12···650.html
Bagle variant ,can knock out Windows XP Firewall
»iggyz.com/blog/_archives/2004/11···087.html
A Google search will also turn up many articles I've done on my blog in regards to this subject.
This is the most recent one.
Do you need a software firewall or is a router enough
»iggyz.com/blog/_archives/2005/10···180.html
I personally feel that outbound protection is just as valid as inbound for a number of reasons. I've also always felt that a layered approach to security is good within reason. Layered security can be overdone to the point of paranoia. This can in fact cause usability issues. Such as what many Vista beta testers are currently seeing.
»www.google.com/search?hl=en&q=router+enough
»www.google.com/search?q=xp+firew···t=0&sa=N
2001 older thread
»Built Xp firewall is enough to protect my pc ?
--
Test Your Security Cable Diagnostics
My BLOG ZoneAlarm Help |
|
olefin
Really A Texan
join:2001-07-28
Hot Springs National Park, AR | IGGY,
Very interesting, thanks.
|
|
jack b
Gone Fishing
Premium,MVM
join:2000-09-08
Cape Cod
clubs:
·Comcast
| "Properly configured" for the firewall means all applications must ask permission to access the internet. This way anything wanting out generates an alert. It can be a pain in the butt for everyday routine stuff, but will catch a nasty trying to phone home.
"Properly configured" for a router means your machine is not unprotected in a DMZ or similar open configuration.
--
~Help find a cure for Cancer~
~Proud Member of Team Discovery ~ |
|
Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS
| I have always considered a SW firewall and up2date AV as core security aspects of internet/pc use. The addition of a firewall/router adds a layer of protection (not replaces). The SW firewall is a last line at the PC. It will stay!!
Don't assume your in total control of what gets on your PC and thats the truth. With kids and USB keys and CDs in cereal boxes etc, anything is possible. One does not need to spend too much time here on various forums to read how users, often check a problem by directly connecting their PC to the net (sans router). Others use dial backup from time to time. Considering it takes minutes to be infected when trojans/bugs are on the loose (nevermind about malware/spyware all over the place), it makes sense to have that protection up and running.
Thus assume crap gets on your PC and the SW firewall is tres important. Consider also the standard router, even business class may be adept at filtering via port/protocol, and IP address etc, but only the SW firewall is application specific, this works in both directions. Port forwarding or even the stupid use of DMZ opens holes in your routers NAT. Zonealarms will help ensure only the proggies you have authorized will make use of the holes. Now tell me how many ppl with upper level firewall routers have a default LAN to WAN policy of block. I would hazard a guess to say they would be in a minority!! Thus the validity of using a SW firewall for outbound is true for SPI firewalls and higher (and not just consumer grade equipment)
Its a no brainer!! Use Zonealarms free.
Personally, I did appreciate the lack of scans on my SW firewall when a router was installed. Now I mainlly use SW firewall to detect any spyware/malware/advertising crap that tries to get out. - allows me to add key words or sites to blocked lists etc.... admittedly another big use of SW firewall is nicely handled via XP - its harder for others ie plain USERS to load SW without my permission 
There may come a day when SW firewall is not required but it aint here yet, nor on the horizon.
--
Ain't nuthin but the blues! "Albert Collins". Leave your troubles at the door! "Pepe Peregil" De Sevilla. Just Don't Wifi without WPA, "Yul Brenner"LlamaWorks Equipment |
|
IGGY
No Guru Just Here To Help
Premium,MVM
join:2001-03-30
Chatham, IL
1 edit | reply to jack b
Most software firewalls - ZoneAlarm and their competition can now be made to operate quietly. Meaning the alerts can be lessened by a large degree. I was unable to figure out how to make this happen with the firewall Microsoft has placed within Vista. That firewall reminded me of the very old ZoneAlarm days when you got tons of alerts. Remember with ZoneAlarm you can also always tell the alert to remember your answer for that alert so you don't receive the alert again. You can also go into the software itself and set permissions. If setup to do so during the install ZoneAlarm will work almost 100% quietly with no alerts. Unless a new program has been installed or something major has occurred that you need to be warned about. To be safe you don't truly need to set everything to alert you and annoy you all the time. This is one key reason that the new technology ZoneAlarm has released in regards to making sure legitimate processes haven't been hijacked is so important. Although most of us are aware that there was a security vulnerability recently in regards to that new technology. This affected more than just the ZoneAlarm firewall though. Other firewall products were affected as well.
--
Test Your Security
Cable Diagnostics
My BLOG ZoneAlarm Help |
|
tparker1
join:2004-09-29
Winston Salem, NC
| reply to jack b
Why not just not have any protection at all the hackers are after the other Guy and not you.
Besides Leo Laporte said you don't need a Firewall if you have a router!!
I was being sarcastic you need Router,XP firewall,software firewall,If you like Zonealarm by all menas use it I would rather not have any than fool with Zone Alarm they take over a Pc faster than a fox in a henhouse.
If you want protection get CA's EZ Virus protection,Sygate,
and if you want ultimate protection get a old Pc and go to this site and set it up like they instruct and you will never have any hacker or problems again.
»www.langamereviews.com/content/view/144/2/ |
|
IGGY
No Guru Just Here To Help
Premium,MVM
join:2001-03-30
Chatham, IL
1 edit | "Besides Leo Laporte said you don't need a Firewall if you have a router!!"
Actually that is totally wrong!! And I've provided proof on this several times on my blog. Even in the form of a picture. I think if you'll listen closely to Leo. You'll quickly learn that he changes his opinion from day to day. Just because someone is a well known celebrate doesn't always mean they are an expert on a subject. No matter how many times they kiss Steve Gibson's backside.:) I don't dislike Leo. But I do feel lately that he and Steve Gibson both have done more harm than good when it comes to giving end users solid advice in regards to security.
Hackers aren't out to get the other guy. They are out to get the easiest target they can. Even those on dial up. Of course they ( hackers ) would prefer to have access to a broadband connection. But they will take what they can get. Especially if the pc that is open contains personal data etc.
»www.google.com/search?hl=en&q=le···firewall #5 also includes a link back to this forum and the thread that had the big debate on that subject.
»www.google.com/search?hl=en&lr=&···onealarm #2 and #3
For the record any security software "takes over an OS" to a point. Sygate has had it's share of problems over the years. Check the forum here. Security software must implant itself in the OS to do it's job and to stop the security software from easily being deactivated. This is what caused some major uninstall problems for ZoneAlarm users with some of the early builds years ago. Many security software vendors have had their share of problems in this regard.
--
Test Your Security
Cable Diagnostics
My BLOG ZoneAlarm Help |
|
Stop asking this sam
@comcast.net | reply to olefin
OMG, AAHHHH AAHHHH how many times must people ask this same over asked, discussed, hyped question. Why don't you qoogle and find the twenty million asked/answered topics. ENOUGH ALREADY. |
|
hi765
@net.au | "OMG, AAHHHH AAHHHH how many times must people ask this same over asked, discussed, hyped question. Why don't you qoogle and find the twenty million asked/answered topics. ENOUGH ALREADY."
Calm down seriouse sam, where's your facts and stats? |
|
IGGY
No Guru Just Here To Help
Premium,MVM
join:2001-03-30
Chatham, IL
| reply to Stop asking this sam
While Google is a good resource at times. I don't see any harm in the question being brought up again every once in awhile. Yes it is a frequently asked question. Yes I'm sure the FAQ on this site covers the subject somewhat. But there is no harm in asking the question. The standard comment shouldn't become just Google it. Because there are in fact times where this won't help the user answer their question or resolve their problem easily. I know my first post in this thread probably made it seem as if I was also annoyed by the question being asked yet again. That wasn't my intention.
--
Test Your Security Cable Diagnostics
My BLOG ZoneAlarm Help |
|
Grail Knight
Who Dares Wins
Premium
join:2003-05-31
 ·Verizon Online DSL
| reply to olefin
When Vista is released it will have both inbound and outbound support so a router and Vista's Firewall should add good security for those that do not want to pay for a Firewall or use any of the free Firewall versions available.
--
Fx v1.5 Pacifica Branch, Tb v1.5 Patrocles Branch, Fx Portable v1.5, Tb Portable v1.0.7 |
|
cork1958
Cork
join:2000-02-26
Fruitport, MI
·Verizon Online DSL
·Charter Pipeline
| reply to olefin
Simply put, "IF" you know you don't have any spyware/trojans trying to communicate outwards, than a firewall is not needed at all, "if" you're behind a router.
--
Spread Free Opera. Fastest browser on Earth or in Cyberspace!! |
|
GlobalMind
Domino Dude, POWER Systems Guy
Premium
join:2001-10-29
Hollywood, FL
1 edit | reply to olefin
Well for what it's worth, my setup....
XP Firewall is on, Trend Micro firewall is on, ZA is running as well...and my router firewall.
And yes that's Trend and ZA, despite what both sides would like you to believe that they don't work together....really wish that little spat could be fixed...
I really don't see any performance issues network wise, and I can't say I have ever had a virus/worm issue since having these various layers in place.
Oh and to the unregistered or not logged in spaz above...I would rather the same question be asked by different folks a number of times then have unsecured systems out there due to folks failure to know.
K. |
|
lefty1
join:2002-10-25
Clay, NY
| reply to cork1958
"Simply put, "IF" you know you don't have any spyware/trojans trying to communicate outwards, than a firewall is not needed at all, "if" you're behind a router."
"IF" you don't have a firewall or some other traffic monitoring in place, how do you know know whether or not something is trying to communicate outward? Without a firewall, you're leaving the door open for all kinds of malware to come in and phone home anytime it wants to. On the internet, that's practically an invitation to set up shop on your computer. While a router certainly offers some valuable inbound protection, I'm glad the SysAdmin for my bank doesn't have your attitude.
And it's "then a firewall is not needed", not "than". |
|
olefin
Really A Texan
join:2001-07-28
Hot Springs National Park, AR | reply to olefin
Thanks to all for the excellent information, except the unregistered squirrel. ( he can get lost!)
People, I'm with you... I will continue to run ZoneAlarm as I have for the past 8 years! |
|
