What version of ZOneAlarm fastest with XP SP2

Today I use 6.1.744, but I often see advices in discussions about using older version (like 4.5.594) is much faster even with XP and that the security is just as good (I have a router with a firwall so I only use ZA to monitor outgoing programs, is there anything else I could do to speed up things?)

Reply to
Lars-Erik Østerud
Loading thread data ...

If you keep your system clean of software that is only a marketing gag (like personal firewalls) it well be at best speed. Activate the XP included firewall and that is all you need.

Reply to
Ulf Leichsenring

Use opera ,and a light av like antivir. me

Reply to
bassbag

I have used all of the versions since 4.5.xxx or thereabouts. Quite frankly, I can't see any difference in speed. Mine is the free version. Jim

Reply to
Jim

I also use the freebie and update it frequently. I have never noticed any slowdown or any other problems with ZA.

If you believe every piece of trash talk you read in this group, you'll drive yourself weird.

-=- This message was sent via two or more anonymous remailing services.

Reply to
Anonymous

Real malware you would allow to run normally would'nt notice any significant problems with ZA either.

My guess is, you are a normal cautious user and ZA is'nt really being put to the test on your machine.

BTW, one of the problems with personal firewalls in general is that when it blocks something it will let you know (even about the most harmless things), and you as a user are happy because you think it works. When it fails however, you most likely would'nt notice. The perfect product for a salesman, really.

You are absolutely right. It's incredible what is being said in this group about the effectiveness of personal firewalls running on a windows platform.

But it is not surprising in any way. The marketing departments of personal firewall vendors truly are doing a great job.

/B. Nice

Reply to
B. Nice

B. Nice schrieb:

Does the platform really make a difference when it comes to host based solutions?

Thomas

Reply to
Thomas

Not in principle, no.

/B. Nice

Reply to
B. Nice

Why on earth would I do that? I have a hardware firewall in my router. The WIndows firewall will add NO benefits for me.

I mainly use the ZA firewall to monitor what programs try to send data or act as servers. The optimal solution for me and others with a hardware firewall would be a small program that just did that (monitored what programs trying to access internet).

Is there such a program out there?

Reply to
Lars-Erik Østerud

Well, the 6.1 version use twice as much memory, and the transfer speed is slightly lower than with the 4.5 versjon (I have compared them now)

Reply to
Lars-Erik Østerud

Hi Lars-Eric

Sorry, but this function can't be done by any program (Personal Firewalls) because malicious software can deactivate this monitoring on Windows systems without your knowledge. Please take a look at

formatting link
the secion called "Myth: Host-Based Firewalls Must Filter Outbound Traffic to be Safe." for further information from Microsoft about this security myth.

Reply to
Ulf Leichsenring

Well well, I can stop most usual programs (windows services, media player etc) from accessing or acting as server. That helps a lot (just stopping all those microsoft services listening or sending info :-)

Of course I have a anti-virus too (and as stated a hardware firewall/NAT router)...

So I only need the "program access" part of ZA actually

Reply to
Lars-Erik Østerud

You can only stop programs that are so gentle to let them being stopped by another software. To stop microsoft services from listening or sending infos why don't you just stop the service on the system. And if you are not sure, if a program (eg. media player) sends information over the internet, why don't you choose an alternative software in what you can trust. I don't run software, that I do not trust.

Reply to
Ulf Leichsenring

Some MS programs always try to send/receive things :-( And I have to use some of them :-(

I have stopped all services I don't need of course :-)

Reply to
Lars-Erik Østerud

Sure it does, but the idea that you can prevent apps from getting out, once the system is compromised, is just folly. What you want the PFW to do is block outbound by port or protocol, not to care about about what application.

Reply to
Leythos

Although I mostly agree with what's being said there, this little blip=20 made me wonder: "Outbound filtering is only useful on computers that are already=20 infected. And in that case, it=92s too late=97the damage is done."

The damage is done, but outbound filtering could have prevented the=20 payload from being delivered. Getting infected and letting info leak=20 from your system afterwards are two different things IMHO. In cases of=20 malware that's smart enough to circumvent your PFW, that doesn't do a=20 bit of good of course. But there's also malware that actually can be=20 stopped before doing _more_ damage (beside the infection).

People that can't (or won't) understand security, like the grandmother=20 in that article, could be helped by a PFW that doesn't let anything=20 connect out that it doesn't have a rule for. That is, when the PFW is=20 configured to only allow known programs and assuming the malware in=20 question doesn't hijack another program's connection.

I've been reading this ng for quite a while, and I agree with most=20 people here that prevention is way better than trying to cure an already =

compromised system after the fact. But what about those cases where a=20 PFW can limit the damage when infected? Doesn't that have _any_ merit at =

all, especially for inexperienced users?

Reply to
prophet

Consider that I was talking about the average Joe, who might have clicked on a shady e-mail attachment, or visited a "bad" website. Without a PFW he likely wouldn't know he just got infected and information about his machine got sent to a hacker somewhere, ready to be exploited. On the other hand, even if he did have a PFW and it notified him about some funny business going on, he probably would've clicked "Yes, allow" to get rid of that annoying popup window :-/

I don't know what I'm trying to say here... I'm beginning to think that the only truly safe system is one that can't be used (and thus can't be abused). The only case where my example _might_ work, is when someone knowledgable enough has already configured the machine correctly (hardened the OS). But even then I have my doubts.

True, but the average user doesn't want to get involved in configuring his machine. He just wants to turn it on and use it, like he would a television or microwave oven. PFW companies are cleverly playing into this. As long as they can sell the idea that security is "easy", they will be around. Together with people religiously defending outbound blocking by application.

Reply to
prophet

In article , snipped-for-privacy@domain.invalid says... [snip]

[snip]

I run a PFW, not windows, on this laptop, and I've run one on every laptop we own, for years, and always found them to be of great benefit and of little trouble. We take our laptops to many locations, to compromised networks of new customers, we watch the port traffic inbound to look for compromised machines, we also have clients with PFW solutions on their portable devices, and not one of them has ever been compromised.

I also know a lot of people using PFW solutions that have been compromised by not knowing what to block/permit and unknowingly allowing something they should have blocked. I have not seen any websites take over a protected computer, not seen any probes take over a computer, I've only seen users download/install something that has poked a hole or disabled the PFW solutions - and in most cases the little start item that flashes a warning about the PFW being disabled was enough to clue them in.

So, while many people will state that a PFW is a risk, that windows firewall is the only real solution, that all PFW are bad, the real world shows that they do offer benefit, but, they don't offer more risk than any other method (except to disable the computer), in most cases.

I will keep using my PFW on my laptop and all the company laptops and all our clients laptops, as it give them an indication, which Windows firewall doesn't even attempt to do.

Reply to
Leythos

Lars-Erik =D8sterud schrieb:

So why on earth would you use Zone Alarm? It will add NO benefits for you.

As others told you before, this will not work.

No

Regards Thomas

Reply to
Thomas

Yes. "Could have". Or couldn't, because it's not possible to implement that securely.

If common "Personal Firewalls" wouldn't have security design flaws (which they have), then I'd agree. Why not? It's a bad disproportion of effort to fruits, implementing such complex software programs, which cost so much resources. And for what? To have the unlikely possibility to limit damage if the security system already failed.

But: why not? Nice try.

But many common "Personal Firewall" implementations don't only make a PC more insecure only in theory because of adding more complexity.

We're talking about design flaws like system services, which open windows, opening popups and asking the user important security related questions (which he or she does not understand for sure and therefore only can answer wrongly). We're talking about counterproductive nonsense like filtering PINs away, which is an idiotic misinterpretation of data security.

We are talking about software programs, which make a PC much more insecure compared to a PC, which does not have such design flaws.

And for what? For the unlikely possibility, that it might help if we're very, very lucky?

IBTD!

Yours, VB.

Reply to
Volker Birk

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.