There seems to be widely differing opinions regarding ZoneAlarm on this forum. What's the problem with it? Gibson Research -
Jim Ford
There seems to be widely differing opinions regarding ZoneAlarm on this forum. What's the problem with it? Gibson Research -
Jim Ford
Oh Boy. You just opened up the floodgates ;)
This question has been answered over and over again. Search the archives of this group.
Yeah, right.
In my experience ZoneAlarm went though a period of unreliability a few years ago, including causing trouble with TCP.
It seems to have been sorted now so I'm giving it another try. As I use a hardware firewall for inbound protection, ZoneAlarm only gets involved with outbound protection.
I wish I'd never asked 8^[
Jim Ford
Just keep in mind that the majority of folks here against ZoneAlarm are against all personal firewall software.
Craig
Thanks - sounds sensible advice!
I have a Linux router/firewall and installed ZoneAlarm as a second line of defence on an XP machine. After all, it didn't cost anything.
Jim Ford
All of its options are useless or even counterproductive, with the exception of the host based packet filter. But such a packet filter you're getting with the Windows-Firewall, too. And this packet filter has no braindead concepts like asking the users to decide security related questions.
Gibson's advices contain nearly anything from helpful information up to completely nonsense.
Yours, VB.
Yes it did, it cost you system resources for no real good reason.
What is it protecting your from?
In contrary to the good for nothing windows firewall Zonealarm offers monitoring of the outgoing traffic so you´r notified when you´r infected. Incoming monitoring is done by your NAT router which makes incoming filtering/monitoring of no use..
arja
*sigh*
That must be the most braindead reason for using a personal firewall I have ever heard. You don't want to be notified when your computer is already compromised, you want to keep your computer from getting compromised in the first place. Besides, if you must have monitoring of outgoing traffic: Port Reporter [1] does that without the usual downsides of personal firewalls (except for the lack of reliability, which is inherent to this type of monitoring).
[1]
What? One doesn't want to get infected in the first place. On top of that, the NAT router comes closer to being a FW than ZA. ZA and the rest are just machine level packet filters. A FW separates two networks. The FW protects from the network it's protecting from, the WAN, usually, and protects the network it's protecting, the LAN.
What if the malware has added itself to ZA's "allowed" rules? Then it does not give an alert.
You may find this interesting :)
Doesn't password-protecting ZA prevent unauthorized "additions?"
It should, at least in theory. I am not sure if ZA still falls under the snake oil/smoke and mirrors category (haven't messed with it for a few years), but there are a lot of snake oil pf's that can be disabled with something as simple as a registry value change. If I am not mistaken, earlier versions of ZA were vulnerable to that weakness.
Do you have an example of that.
arja
"Kayman" schreef in bericht news:ekt7ss$a1h$ snipped-for-privacy@aioe.org...
That´s what I meant, the win firehole is full of holes otherwise can´t exact see what you are doing :-(
arja
Does malware ask if you want to be infected before acting?
arja
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.