Zonealarm System Error: Please Reboot

Oops. The web address relevant to my previous posting should read:

As mentioned, this page does have an answer but this did not resolve my Zonealarm problem.

If you don't have a VPN connection from home to like work using the Cisco VPN client software that you installed on the machine, then it's a moot point.

Get rid of ZA if it's giving you that much trouble.

And,

That depends on what flavor of the MS O/S you're using and do you know how to shutdown services/applications that would have ports opened that those services/applications were listening on that would lead to a compromise of the machine if they were not shutdown closing the ports.

Most home user's are not aware of this or know how to protect the MS O/S without a FW. So, you may have some risks and maybe you have already been compromised and don't know it.

Duane :)

And about that statement in your other post, get yourself one that's in the link that cost as much as ZA or something else you're wanting to go to that provides instant protection from the Internet and little to no configuration on your part. You can supplement it on outbound with a less complicated personal FW if you like. But if the PFW gives you trouble, the other thing is always there doing its job. You can't uninstall if off of the computer.

That's a NAT router.

Duane :)

If you're using Windows XP, consider the Windows-Firewall.

Yours, VB.

Or rather, *Don't* consider the windows firewall, at this point anyway. For the average user that leaves most or all ports running, and doesn't uninstall any applications or components, and isn't careful about what sites they visit or their browser settings, the Windows Firewall is, at present, woefully inadequate.

What's all ports running? There are 65535 TCP and UDP ports. Are they all *running*? How many applications that use ports have *all* those ports *running*?

and doesn't

What's any FW have to do with all that? And please don't tell me about the crap ware in the personal FW solutions that are trying to protect you from *you*.

Why, because it doesn't have a lot of bloat crap you can point, click and play with?

It's a packet filter solution that stops unsolicited inbound traffic like it should be doing at the machine level.

Duane :)

Why exactly, please?

Yours, VB.

Wow, that's a lot of vitriol.

So, "all ports 'running'" is clearly a colloquialism. By that I of course mean all the *default* ports on a Windows system, particularly the most common targets like tcp 445 and 135. Without disabling sharing, NBT, UPnP, Term Svcs, and the like, there's a lot of services running, listening, waiting for connections, for credential guessing.

Now, as for what a FW has to do with browser settings and what sites one visits, the connection should be obvious to anyone who cares to think before composing invectives. The connection between the two is indirect, but well-known nonetheless. The average user with insecure browser settings in IE, who visits certain sites, is actually using the number one vector for remote exploit, the IE browser. So, once the browser allows something to be installed on the system or remotely exploits something in the browser that allows the system to be controlled, a bidirectional firewall would actually alert such a user that outbound connections are being made, connections that they wouldn't otherwise be aware of with a inbound-only packet filter.

Basically, it gives them a heads-up, potentially, that there's a piece of software on their machine making outbound connections. This could be a rootkit, this could be a trojan that was installed from an e-mail attachment and is sending a password list out...

While it's not often a *preventative* measure, it's certainly an important *detective* measure.

Learn first, flame second...

You'll have to forgive the posting name but I can only see your post with OE that as this name, because Thunderbird can't see you for some reason.

If you're going to say it, then say it right. The other way makes it look like you don't have a *clue*.

Talk to someone who doen't know this.

All they got to do is configure the O/S and the Internet application not do allow the install. You know by not surfing the internet with Admin rights.

And maybe the PFW will alert and maybe it won't. I know I wouldn't lean on something like that like a crutch like it's some kind of stops all and ends all solution.

What's Application Control got to do with some kind of bidirectional anything? At best, all it's doing is stopping a program for doing something and that's not a FW function. And it's only good as long as you don't boot the machine for in 3rd party PFW solution as they are not an integrated NT service that has been set as a dependency to any NT service being used by the NT based O/S.

What that means to you is that the PFW is not being started first in the start sequence on the NT based O/S and therefore the 3rd party PFW is can and is being beaten to the TCP/IP connection before the 3rd PFW solution can even start to stop anything it's by malware.

The only PFW that can get there first is the XP FW that is set as a dependency of NT the NT service that makes the TCP/IP connection available and it must wait for the XP FW to be up and active before TCP/IP connections are allowed.

It may or may not work and can be cricumvented and defeated by malware. The worthless Application Control is just that, worthless.

I wouldn't count on it period like a crutch.

You can find my name in the NG. :)

Duane :)

Isn't it more likely that IE itself would just be used as the conduit for the exploit on port 80, in which case, the firewall would be useless?

Again, my point is not that a bidirectional firewall will/would

*prevent* an exploit, but rather make you aware of its existence by rearing its head to make outbound connections that you didn't initiate.

You're not telling anyone that frequents this NG that has not been heard a billion times. It's better that one knows what's happening on the machine instead of the crutch telling you what's happening.

Duane :)

So you'd prefer to do a netstat, view a list of processes using those ports etc? That's just unnecessarily manual.

The 'crutch' you speak of **is** telling you what's going on on the machine. How arbitrary to eschew a firewall in this task.