olefin
Really A Texan
join:2001-07-28
Hot Springs National Park, AR | reply to IGGY
Re: XP Firewall and ZoneAlarm
IGGY,
Very interesting, thanks.
|
|
jack b
Gone Fishing
Premium,MVM
join:2000-09-08
Cape Cod
clubs:
 ·Comcast
| "Properly configured" for the firewall means all applications must ask permission to access the internet. This way anything wanting out generates an alert. It can be a pain in the butt for everyday routine stuff, but will catch a nasty trying to phone home.
"Properly configured" for a router means your machine is not unprotected in a DMZ or similar open configuration.
--
~Help find a cure for Cancer~
~Proud Member of Team Discovery ~ |
|
Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS
| I have always considered a SW firewall and up2date AV as core security aspects of internet/pc use. The addition of a firewall/router adds a layer of protection (not replaces). The SW firewall is a last line at the PC. It will stay!!
Don't assume your in total control of what gets on your PC and thats the truth. With kids and USB keys and CDs in cereal boxes etc, anything is possible. One does not need to spend too much time here on various forums to read how users, often check a problem by directly connecting their PC to the net (sans router). Others use dial backup from time to time. Considering it takes minutes to be infected when trojans/bugs are on the loose (nevermind about malware/spyware all over the place), it makes sense to have that protection up and running.
Thus assume crap gets on your PC and the SW firewall is tres important. Consider also the standard router, even business class may be adept at filtering via port/protocol, and IP address etc, but only the SW firewall is application specific, this works in both directions. Port forwarding or even the stupid use of DMZ opens holes in your routers NAT. Zonealarms will help ensure only the proggies you have authorized will make use of the holes. Now tell me how many ppl with upper level firewall routers have a default LAN to WAN policy of block. I would hazard a guess to say they would be in a minority!! Thus the validity of using a SW firewall for outbound is true for SPI firewalls and higher (and not just consumer grade equipment)
Its a no brainer!! Use Zonealarms free.
Personally, I did appreciate the lack of scans on my SW firewall when a router was installed. Now I mainlly use SW firewall to detect any spyware/malware/advertising crap that tries to get out. - allows me to add key words or sites to blocked lists etc.... admittedly another big use of SW firewall is nicely handled via XP - its harder for others ie plain USERS to load SW without my permission 
There may come a day when SW firewall is not required but it aint here yet, nor on the horizon.
--
Ain't nuthin but the blues! "Albert Collins". Leave your troubles at the door! "Pepe Peregil" De Sevilla. Just Don't Wifi without WPA, "Yul Brenner"LlamaWorks Equipment |
|
IGGY
No Guru Just Here To Help
Premium,MVM
join:2001-03-30
Chatham, IL
1 edit | reply to jack b
Most software firewalls - ZoneAlarm and their competition can now be made to operate quietly. Meaning the alerts can be lessened by a large degree. I was unable to figure out how to make this happen with the firewall Microsoft has placed within Vista. That firewall reminded me of the very old ZoneAlarm days when you got tons of alerts. Remember with ZoneAlarm you can also always tell the alert to remember your answer for that alert so you don't receive the alert again. You can also go into the software itself and set permissions. If setup to do so during the install ZoneAlarm will work almost 100% quietly with no alerts. Unless a new program has been installed or something major has occurred that you need to be warned about. To be safe you don't truly need to set everything to alert you and annoy you all the time. This is one key reason that the new technology ZoneAlarm has released in regards to making sure legitimate processes haven't been hijacked is so important. Although most of us are aware that there was a security vulnerability recently in regards to that new technology. This affected more than just the ZoneAlarm firewall though. Other firewall products were affected as well.
--
Test Your Security
Cable Diagnostics
My BLOG ZoneAlarm Help |
|
tparker1
join:2004-09-29
Winston Salem, NC
| reply to jack b
Why not just not have any protection at all the hackers are after the other Guy and not you.
Besides Leo Laporte said you don't need a Firewall if you have a router!!
I was being sarcastic you need Router,XP firewall,software firewall,If you like Zonealarm by all menas use it I would rather not have any than fool with Zone Alarm they take over a Pc faster than a fox in a henhouse.
If you want protection get CA's EZ Virus protection,Sygate,
and if you want ultimate protection get a old Pc and go to this site and set it up like they instruct and you will never have any hacker or problems again.
»www.langamereviews.com/content/view/144/2/ |
|
IGGY
No Guru Just Here To Help
Premium,MVM
join:2001-03-30
Chatham, IL
1 edit | "Besides Leo Laporte said you don't need a Firewall if you have a router!!"
Actually that is totally wrong!! And I've provided proof on this several times on my blog. Even in the form of a picture. I think if you'll listen closely to Leo. You'll quickly learn that he changes his opinion from day to day. Just because someone is a well known celebrate doesn't always mean they are an expert on a subject. No matter how many times they kiss Steve Gibson's backside.:) I don't dislike Leo. But I do feel lately that he and Steve Gibson both have done more harm than good when it comes to giving end users solid advice in regards to security.
Hackers aren't out to get the other guy. They are out to get the easiest target they can. Even those on dial up. Of course they ( hackers ) would prefer to have access to a broadband connection. But they will take what they can get. Especially if the pc that is open contains personal data etc.
»www.google.com/search?hl=en&q=le···firewall #5 also includes a link back to this forum and the thread that had the big debate on that subject.
»www.google.com/search?hl=en&lr=&···onealarm #2 and #3
For the record any security software "takes over an OS" to a point. Sygate has had it's share of problems over the years. Check the forum here. Security software must implant itself in the OS to do it's job and to stop the security software from easily being deactivated. This is what caused some major uninstall problems for ZoneAlarm users with some of the early builds years ago. Many security software vendors have had their share of problems in this regard.
--
Test Your Security
Cable Diagnostics
My BLOG ZoneAlarm Help |
|
tparker1
join:2004-09-29
Winston Salem, NC
| I agree if you notice Leo is getting answers to questions asked from the back somewhere notice the earpiece visable if you are looking close enough.Hey I like Leo also He is a nice Guy.Leo supposedly wrote a book on Computers.Sygate isn't perfect I have yet to see a software one that is though there is a excellent alternative and that is a old Pc with a pentium 66 mhz Cpu no harddrive required that is the best Router I have ever used plus it is cost effective and no hacker has got through yet.I am not naive enough to believe one can't but this setup makes them earn their keep.Only the most advanced Computer Engineer has a chance to get in.
Steve Gibson is as you say not worthy of any awards his three amigo's is a work of paranoia at best. |
|
