|
Summary: Zone Alarm is a popular firewall you install on your machine. If you also have a NAT router you may - or may not - need a firewall such as Zone Alarm. I have a WinXP Pro PC behind a NAT router and am getting tired of Zone Alarm to the point where I think Zone Alarm is creating more problems than it solves. Some have suggested that I do not need a software firewall as long as I practice safe computing. Do you agree? And can you recommend a different free software firewall solution just to satisfy my paranoia? As you've seen, there differing opinions on this. In reality it does, indeed, depend on how you use your system and how "safe" your safe computing really is. It's also important to understand that there are a few things that a software firewall like Zone Alarm can do that NAT routers typically don't. Let me tell you what I do, and you can draw your own conclusions. • My home network lives behind a NAT router, and my machines at home do not have a firewall installed, other than Windows XP's built-in firewall - which is turned off. You can easily see which way I lean on this particular issue. I have a complete suite of security tools in place, including anti-virus, anti-spyware, automatic updates, backups and the like. Both my wife and I religiously practice "safe computing" - we're both good at identifying suspicious attachments, for example, and don't download things that might be dangerous (or if we do, we do so in a very controlled manner). The result is that over many years we've never experienced virus or significant spyware infection or related issue. That's not to say it won't happen some day, but so far what we have, and do, has proven to be quite adequate. Note, though, that I said "at home". On occasion I do take my laptop out and connect to other networks - networks such as public hotspots, or networks over which I have no control and very little knowledge. In these cases I enable the Windows firewall. There are important differences to note between NAT routers and firewalls such as Zone Alarm. "If you avoid all of the other ways that viruses and
spyware can arrive on your system ... then a NAT router will do its part in
preventing network based attacks.
A NAT router, for example, can only prevent attempts to access your computer from outside of your LAN. That means that and problems already within your LAN are not abated, or detected, by the router. If you have an infected machine within your LAN behind your router, it can easily infect all the other machines on your LAN. If your machine is infected and connecting to the internet in unexpected ways, a router will detect, or stop it. That's why the big emphasis on if you practice safe computing. If you avoid all of the other ways that viruses and spyware can arrive on your system (email and web downloads being the worst), then a NAT router will do its part in preventing network based attacks. A software firewall running on each machine is naturally going to protect against many types of problems regardless of where they come from: other machines on your local network, or the internet. Now, like a NAT router, a software firewall cannot prevent infections from internet downloads and email attachments. However unlike a router, a software firewall can detect, and prevent, certain types of bad behavior - like a virus on your machine attempting to spread to others. This "outbound" protection is both a blessing and a curse. The most common complaint that I get about Zone Alarm and similar products is that it alerts too often, and for benign and valid access of the internet. That's unfortunate, because when it alerts too often for all these "false positives", people start ignoring the alerts, or turn off the feature completely. When a real problem happens they're unable to distinguish it from the noise, and frequently ignore that as well. Fortunately, I don't believe that's a terribly common situation, but it is annoying when it happens. Now given your dislike of Zone Alarm, here's the kicker ... there are many free software firewalls (just search Google for free firewall) - but the one that seems to fairly consistently bubble to the top of people's recommendations appears to be: Zone Alarm. Since I don't use one myself, I rely on those recommendations instead to guide people - but if you're not happy with Zone Alarm, there are many alternatives to try as well. But personally, I'm quite happy with my NAT router, the Windows built in firewall as needed ... and a little common sense. Related:
Article 10652 | Posted August 27, 2006 |
Stay Informed Archives Advertisers |
•
I love Zone Alarm. It asks you to OK a lot of programs, etc., at first. But after using it awhile, it only has to ask you whether you want to accept or reject files that would otherwise be sent to you from sites without your knowledge that they are being sent.
This is very valuable.
I almost always refuse to accept anything that I am not certain will not hurt my computer. If what I want to view at the site I am visiting will not display because it NEEDED the material that I decided not to accept, I realize what has happened, and I go back to where the spot where the program will resend the needed file or files, and this time I accept them.
Zone Alarm is great and has saved me many major headaches.
Fred Howard
Posted by: Fred Howard at September 2, 2006 3:30 AMI have zone alarm pro version 4.0123.012. I have certain problems as follows: Whenever a program tries to access the internet, I get an alert asking my prmission. I usually check off a box asking it to remember my answer. Recently it began to "forgret" and ask me for certain programs over and over. Then it got real bad and the whole database erased each reboot. I did a search and on a user forum was told to reboot and delete certain files. Then reinstall the program in safe mode. The reason was that these files were likely corrupted. I did this, and it's a lot better, but I still forgets some, but not all programs. This is liveable, but annoying.
Michael J. Yaros
Posted by: mike yaros at September 3, 2006 5:29 PM1. Well as first, regarding the other free firewall alternatives beside Zone Alarm (and beside the mentioned Sunbelt Kerio Personal firewall), I would also recommend trying the Sygate firewall. Oh and btw. I also used Kerio firewall back then for some time, but it was still the old "non-Sunbelt" version.
2. As second, regarding the "outbound protection"; you see, many people argue (especially on Ars Technica forum that I frequently visit/participate on it) that the outbound traffic monitoring firewalls are more or less useless, since once the malware is on your computer you are already owned and that the malware could in turn turn-off your firewall and disable the Windows "Security Center" altogether. If you want to, see the recent "Do we need an outbound traffic monitoring firewall ??" thread: http://www.castlecops.com/postitle165221-0-0-.html that I opened on CastleCops forum about this.
3. And as third, regarding the Zone Alarm that doesn't remember the setting for a particular program (btw., I don't use the program anymore); in my opinion one of the reasons might be that the program is launched from different locations (for instance TEMP sub-directories), and the other one being the possibility that the "database" was corrupted (as already mentioned by the poster above), which actually doesn't occur so rarely at all in Zone Alarm's case. If I recall correctly the "database" is a common .xml file (or two .xml files) that you need to delete along with logs' folder, and after that reboot to start "fresh".
P.S. -- I would also recommend searching Zonelabs site for older non-bloated versions of Zone Alarm firewall that were certainly more resources-friendly and stable in general !!
________
best regards,
Posted by: Ivan Tadej at September 3, 2006 7:31 PMIvan Tadej, Slovenija, EU
http://www.tadej-ivan.be/
I learned the hard way that Zone Alarm could NOT be overwritten (address redirected),(by malware, etc.). Norton can. I have nothing but praise for my Zone Alarm free firewall. Sure, it has it's quirks but for a lower level computer user like me, well, It's worth it's weight in gold. VIC
Posted by: VIC at September 4, 2006 12:48 AMin my co there are 50 comp's all is having win2000 and winxp, the problem is when we access a programm2 from data server it is database programme and all the machine is accessing from the data server and when we access it its running very slow what could be the problem please help me it is urgent.
thanks
sanjay
Posted by: sanjay at December 13, 2006 2:32 AMAsk leo is an excellent help.Regarding Zone Alarm, I have been using it for years and have had no problems. I recently went wireless and have a 192..168 address when i look at the DOS prompt as suggested.Ian Gizmo Richards has recently said he is going to change over to Comodo Firewall early 2007. This is a free programme and comes well recommended, a friend of mine who is very particular and a born sceptic recommends it highly as well.I would think that Gizmos recommendation alone should carry a lot of weight, as, like leo, he is ultra well experienced and informed.Hope this helps.
Posted by: Mike B at January 6, 2007 12:09 PMAsk Leo ..... great site. I have a router and i use ZoneAlarm Pro. As my ZA is up for renewal i might well not bother. Trouble is its the paranoia that kicks in. I cant see my hardware firewall so does it really work ? !! I even disabled my ZA and went to grc.com and ran the LeakTest ..... guess what .... my firewall was penetrated !! Looks like ZA free might get my vote or maybe Comodo ;)
Posted by: eggwonda at January 27, 2007 4:42 PMHmmm, one thing I don't like about zonealarm is that when I start up Pangya, during that time it shows up the box then my Pangya hangs or can't login at all. Normally i would shut down zonealarm when I'm playing online, save the trouble of restarting my pc again.. -.-;
Posted by: winsonkoh at June 6, 2007 8:39 PMIt's a constant debate whether a router peforming NAT is just enough. From what I've heard and read, a software firewall will add an extra layer of protection, and block outbound traffic, your router is just going to do what comes in. Not what goes out. Overall, reading about firewalls and security I find very interesting. Windows Firewall at least in XP, lacks outbound protection. This is one of the cons of it. I've used ZA, Sygate, and one other firewall and ZA I've found myself coming back time and time again. It's easy to use and configure, and effective. You can get rid of the nagging alerts if you go to the alerts tab and choose off, program alerts will still be displayed. I admit ZA has gotten more bloated. It works well though and I highly recommend it. If your router does SPI, that's extra protection, again--no outbound protection on your router though. ZA free version is very configurable and you can get rid of the nagging alerts if you know how to press the correct buttons.
Posted by: Nick at January 16, 2008 6:32 AM-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The problem with outbound protection is that when it traps
something real, it's too late - you've got outbound bad
traffic because there's something bad on your machine. If
you don't have malware on your machine, then the outbound
warnings are just so much noise (that often serve to mask
anything valid that might come up anyway).
IMO inbound-only firewalls - particularly NAT routers - are
the way to go.
Leo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
iD8DBQFHk+dRCMEe9B/8oqERAo/7AJ9p15TtYlaqLb4+bK/41lyFMEA1BgCfd161
Posted by: Leo A. Notenboom at January 20, 2008 4:29 PM0E5iuyvAxgivEBf9gud6oaw=
=44t3
-----END PGP SIGNATURE-----