ZoneAlarm shuts down my DSL connection

I'm using ZoneAlarm (free version), Verizon DSL and AlphaShield hardware firewall. ZoneAlarm has worked fine for years until I just installed DSL and AlphaShield. Now it's shutting down internet access and I haven't changed any settings in it at all. If I turn it off & reboot, connectivity is fine. If I start it up, access is terminated until I shut ZoneAlarm down. I pulled AlphaShield out of the chain and still had the problem.

I posted on the ZoneAlarm board and although 60 people had read my message (when I looked yesterday) no one responded.

Is there a software firewall that's better and will give me less trouble?

Reply to
jdarylh1
Loading thread data ...

snipped-for-privacy@verizon.net wrote: [Zone Alarm]

Are you using Windows XP? Then maybe the Windows-Firewall would be a good idea.

Yours, VB.

Reply to
Volker Birk

Yes, I'm using XP but disabled Windows Firewall because it was very annoying and also because others have said it's not as secure as 3rd party firewalls. I don't know enough about software firewalls to comment one way or the other. I just know I REALLY didn't like it.

Reply to
jdarylh1

Why because it doesn't have all the useless bells and whistles that have your DSL connection shutdown like ZA?

Duane :)

Reply to
Duane Arnold

Why?

What were their arguments for that?

[Windows-Firewall]

Why?

Yours, VB.

Reply to
Volker Birk

"Windows XP has a basic built-in software firewall, but for more-robust protection, you should opt for a commercial package." PC World "Both XP Home and XP Professional include a bare-bones implementation called Internet Connection Firewall. We recommend using a third-party package instead--which means you should turn off XP's ICF." PC World

I can't argue those points, all I can do is assume their advice is correct since they know far more about firewalls than I do.

Regarding what I didn't like about it, it constantly popped up windows that I had to deal with. It didn't seem like it was very user friendly in terms of configuration and I finally got frustrated with it and turned it off. It's been a while so I don't remember any more details. Sorry.

Reply to
jdarylh1

Here is a view from the other side of this issue:

formatting link
When you figure it out, let me know. I haven't.

Ron :)

Reply to
Ron Lopshire

It's no worst than the reset of the crap that's out there.

I suggest that you get a DSL NAT router that provides better basic protection then either XP's FW or some 3rd party personal FW solution and it won't get in the way either. And it will cost as much as the purchase amount and a couple annual subscription fee you're paying for the personal FW. It's the better overall solution.

formatting link
Duane :)

Reply to
Duane Arnold

Can't say about that; however, ZA never gave me any trouble SBC DSL (not to say that the trouble lies with Verison). I use ZA because I want a firewall which can block both incoming and outgoing traffic. However, the free version does not seem to provide port blocking, so I am considering getting the paid version. Jim

Reply to
Jim

Yes. PC World is living from Symantec's and Zone Lab's advertizing.

What arguments do they offer?

Yes. This is a design flaw, because the last person who should decide security related and technical questions, is you. You should be secured, and you should not be the person, who secures.

I hope, you have switched on the alternative - the Windows-Firewall.

Yours, VB.

Reply to
Volker Birk

Just an easy game to play: listen, who has the better _technical_ arguments.

Yours, VB.

Reply to
Volker Birk

Do you know, how easy it is to circumvent such "blocking outgoing traffic"? It's really ridiculous.

Just test:

formatting link
(the latter, if you don't want to compile yourself)

Yours, VB.

Reply to
Volker Birk

"It should be noted that Windows Firewall is not as secure as MS would want you to believe since it does half the job a commercial firewall would do; which is to block both incoming and outgoing traffic. Windows Firewall only blocks or patrols incoming traffic and it can be easily turned off by another application, possibly a worm."

You can read the whole article as well as testing results at:

formatting link
My AlphaShield hardware firewall blocks incoming (all ports except the one I'm using), I'm looking for a block for unauthorized outgoing. The cyberpunks link on the samspade site was interesting & unsettling. OK, so software firewalls aren't perfect but they're better than not having anything. When ZoneAlarm is working (ie. not shutting down my DSL), anytime something tries to access the internet, I get a popup asking if that's OK. When I click "Yes", it remembers that and doesn't bother me again.

Reply to
jdarylh1

Volker,

FYI, my KAV 5.0.391, with IDS, doesn't like your executable. Evidently, it got through my Kerio 4.2.0 PFW, pretty much set as default. I didn't even try to run it, but tried to save it to my HD, and KAV went bonkers.

Ron :)

Reply to
Ron Lopshire

Malware can beat any personal FW solution at system boot and logon, malware can re-configure the PFW solution, malware can go over the PFW, malware can go through the PFW, malware can go around the PFW solution and malware can go under the PFW solution..

One doesn't depend upon the PFW solution like it's a stops all and ends all crutch.

If you must run with the Windows XP O/S with a direct connection to the Internet (no router between the modem and the computer), then go where you're should go and that's to the O/S and harden it to attack.

formatting link
The buck stops at the O/S and not the PFW and spyware

Duane :)

Reply to
Duane Arnold

This is ridiculous crap of people who obviously don't understand how either TCP/IP and Windows are working.

| Stealth Test | The stealth test checks to see if your computer is visible to the | outside by sending packets to TCP:1 port on your machine. A good | firewall should stealth your system from this connection attempt.

There is NO SUCH THING like "stealth" in the Internet. Either a host does exists or it doesn't. In the latter case the last router *before* that host will reply with a "destination unreachable" or "network unreachable" ICMP message. In any other case you know that there is a host.

| [...] So how important is it for a firewall to block both incoming and | outgoing traffic? It is very important. Imagine you install a file and | God forbid it contains a Trojan. Windows Firewall will let the Trojan | connect and your PC will just be another zombie ready for orders to | attack. Another draw back to Windows Firewall is that rival firewall | makers claim that the API used to manage the Windows Firewall could | also be used by attackers to modify the software or turn it off [...].

Bullshit. To disable or reconfigure the Windows-Firewall through the API one needs administrative privileges, in which case one can do anything on that host anyway [1,2]. With ANY software, including other personal firewalls. And if malware really tries to bypass a personal firewall, none of them will be able to prevent it from doing so [3].

That simply cannot be done reliably.

[1]
formatting link
formatting link
formatting link
cu 59cobalt
Reply to
Ansgar -59cobalt- Wiechers

Excellent bunch of items to work through. I'll start on it as soon as I can.

I don't have a router, but as I mentioned I do have a firewall that physically severs the internect connection when I'm done surfing and cloaks all ports except the one I'm on.

Reply to
jdarylh1

A separate box? What brand and model?

Reply to
Quaestor

From that text:

| If you ask 100 Windows users what they think of Microsoft when it comes | to security, you are likely to get a few negative responses. Microsoft | has replaced the old internet connection firewall with the new Windows | Firewall which is turned on by default. It should be noted that Windows | Firewall is not as secure as MS would want you to believe since it does | half the job a commercial firewall would do; which is to block both | incoming and outgoing traffic. Windows Firewall only blocks or patrols | incoming traffic and it can be easily turned off by another application, | possibly a worm.

As we showed in our test, any malware which is already running, can easily circumvent every "Personal Firewall". So this text is just wrong. And it has no technical argument, as usual, why the things should work, they're claiming.

| Stealth Test | The stealth test checks to see if your computer is visible to the outside | by sending packets to TCP:1 port on your machine. A good firewall should | stealth your system from this connection attempt.

They don't have a clue what they're wrinting here - "stealthing" is not only ridiculous, it just does not help with security at all. It's just misunderstanding protocols, as I showed not only in this group already.

| There are two types of port scans which are TCP connect scanning and | TCP SYN scanning.

These guys are even too dumb to know about port scanning. Already nmap, a standard port scanner, supports decoy packets and idle scans and much more, see:

formatting link
As a conclusion I'd say, that they're writing the same shit as anybody. Supposably they're transcribing from each other. ;-)

I cannot see, why "Personal Firewalls" should be better than the Windows-Firewall or just offering no services.

Yours, VB.

Reply to
Volker Birk

Yes. Some idiot inserted it as malware into a virus database, so now some virus scanners detect it as malware. Ridiculous.

I really don't understand, why providers of virus scanners are giving POC code the status of malware; Honi soit qui mal y pense. Hint: most of them are providers of "Personal Firewalls", too ;-)

;-)

Yours, VB.

Reply to
Volker Birk

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.