January 21st, 2003, 10:33 PM
Zone Alarm Pro 3.5
Is it the best internet security firewall out there or not???
January 21st, 2003, 10:36 PM
Umm... search the forums. This has been discussed to death.. everyone has their own personal choices. I suggest you delete this thread and search the archives...
January 22nd, 2003, 12:17 AM
its a matter of opinion dude but you will find enough info on this site to help you decide for yourself
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
January 22nd, 2003, 12:50 AM
I just become an member of this site,,,, I am worried about the security of my computer I have a fire wall but you know crackers can still get to the computers, Can anyone suggest what I can do to make my computer more secure and hard to crack. Please Help.
January 22nd, 2003, 12:59 AM
I would say that this is not the best firewall out there, for home users. I've tested it, and found that it lets a fair amount of my scans, and those of my friends. I would like to suggest using Sygate, at download.com, its free, easy, and uses full stealth, with better logging than Zone Alarm, without the annoying parts.
If you have any questions about Sygate, PM me, and I'll be glad to help out!
January 22nd, 2003, 03:24 AM
I have posted this before, and i will post it again
What is full stealth?????
its free, easy, and uses full stealth
Please dont tell me that your stealthed because you went to grc.com (shields up) and their results were (Congrats, your ports are stealthed and you are safe). That is so ridiculous.
There is no such thing as "STEALTH"
Let me explain a few details here:
A firewall is is a packet filter. It filters out packets depending on the firewalls security policy. The filtering of packets is done by :
1 - Destination/Source IP
2 - Destination/Source Ports
3 - Protocols (tcp, udp, icmp, etc....)
4 - Interface (ppp0, ippp0, eth0:eth1 etc...)
Depending on those criteria, the packet filter reacts depending on the given rules (security policy) :
1 - Accept (Accepts the packets)
2 - Reject (Rejects the packets with an echo response such as "destination host unreachable")
3 - Forward (Forwards the packets to the defined destination)
4 - Drop (Drops the packets meaning that no reply will be sent back to the source)
There are a few more, but i will not go into more detail on that here.
Now to get back to the issue of "STEALTH" (LOL). Stealth means that the ports just DROPs any icmp packets (ping). Meaning that when pinged, there is no reply. That has a negative side.
1 - It makes the source aware that there is a firewall which is configured to DROP icmp.
2 - This information is very important to an attacker.
The positive side of dropping icmp (STEALTH (LOL)) is that :
1 - It slows down portscans.
2 - Sometimes the last few nodes on a traceroute will not be shown to an attacker.
So all this STEALTH does is to drop any packets using the icmp protocol.
That will not protect you from port scans, or other known scan methods. It will just not allow an incomming icmp connection to be made.
Now to get to the point of this thread.
There is no such thing as a firewall out of the box. No magic program that offers security and a firewall all in one. All that is just a weak attempt to secure a computer. (i love the message zone alarm gives you when it first starts (Zone Alarm has now loaded and is protecting your computer. You are now Safe)) ROFLMMFAO
Let me give you a small example of what a firewall looks like.
1 - exterior router + dedicated linux box running iptables/ipchains
2 - exterior router + dedicated linux box running iptables/ipchains + interior router
these are examples of the word "FIREWALLS". For more detail i suggest you BUY the book by O'Reilly "Building Internet Firewalls 2nd edition". Read it 10 times (about 800 something pages)
for the little home users who think that every time they get a ping or an attempted connection on port 21, 80, 110 thinking that its some major hacker/cracker attack and is blocked of by these socalled out of the box firewalls, any lil firewall will do. To actually stop a real hacker/cracker, it takes alot more. None of these zonealarms, tinys, sysgates, etc... will protect you from a real attack. You cannot define them in the same depthts as you could for a real firewall. You cannot define the rules with all the details that i have spoken here about with them.
First think of the following Questions.
1 - Why should you be a target?
2 - Are you even interesting enough for an attacker?
3 - A firewall will not help you secure your data (in the sense of, a firewall cannot filter out files, or filetypes, nor hide the presence of a file)
4 - Is your data really that sensitive
These examples are not meant for companies or serious networks.
The simple home user will be safe using any lil firewall they can get their hands on.
The moment you get into serious security (meaning that you do have sensitive data on your computers), then you will need more protection. No zone alarm or any of these norton thingys will protect you from serious threats.
If you think that you only need a firewall to protect you , then you are very very far away from having a secure system.
To help secure you system you have to do the following things:
1 - Make regular backups.
2 - Make sure that every little point in your system is uptodate.
3 - Make sure that you have antivirus scanners.
4 - Encrypt sensitive data, ot even better, dont store it on the computer.
5 - READ YOUR LOGFILES
6 - Use a very strong password policy.
I know that i have left out plenty of things here, like udp scans, smurf scans, papasmurf scans, xmas scans, syn,urg,fyn scans, -P0 scans and a ton more of firewall and security related issues. I have supplied more than enough though for what i believe is important to understand to what has been posted so far in this thread. If i have made any mistakes here anywhere, please DO correct me. I hope that i have been of help. I will shortly write a tutorial on how to create secure firewall policies.
Ubuntu-: Means in African : "Im too dumb to use Slackware"
January 22nd, 2003, 03:54 AM
well done instronics!
i want to add something.home users aren't targets ,as you said before me,till the time they get involved into misc actions...
till that time a firewall and an antivirus software is the best security sollution.
of course you have to take care of other things too...but noone will take advantage of your universal plug n play exploit, in order to take your family album!
January 29th, 2003, 08:00 AM
IF YOUR NOT RUNNING MAJOR STUFF USE THE FIREWALL
February 1st, 2003, 01:46 AM
I agree with instronics there is no such thing as stealth you are always being watched, but some times action cannot be taken
February 1st, 2003, 02:45 AM
I don't know about stealth, I do know about a secure system. I use ZoneAlarm 3.5 and find it great. I haven't had any incidents yet. Between ZoneAlarm, Norton AntiVirus and Pest Patrol, I feel very secure. I am also running Win 2000 pro