Hi there,
Looking for a firewall for my home Win XP PC I run into ZoneAlarm firewall that appears to be free. Does anybody know how much good or bad is it?
http://www.zonelabs.com/store/conten...lm_details.jsp
Thanks,
g
Printable View
Hi there,
Looking for a firewall for my home Win XP PC I run into ZoneAlarm firewall that appears to be free. Does anybody know how much good or bad is it?
http://www.zonelabs.com/store/conten...lm_details.jsp
Thanks,
g
Well to answer your question, iv used it and i think its fine, its good for a free wall (there all others you should check out too at downloads.com) its pretty easy to set up and maintain but again check out others too and see wich you like more. I also did some searching on the site and this has been covered before alot so do a search in the forums for "firewall" and you can see how the other posts were and read about this subject and see what other people have said already, searching is your friend :)
I use zonealarm for 1 year now and I'm happy. It's a good firewall (or I don't see that I've been hacked).
i used zone alarm fo a long time but switched to outpost after hearing about it from members of this site. outpost gives you more control.
I use ZoneAlarm as well and have never had a problem with it. The base version of ZoneAlarm is free. You can get it here: Zone Labs
There are many other products- free and not- that people highly recommend. I have seen Sygate come up on here a lot. Windows XP also has a built in firewall, but I haven't played with it to know whether it is any good or not or how it compares with other firewalls.
A lot comes down not only to how the firewalls technically work, but also personal preference. You could download ZoneAlarm and Sygate and maybe a few others. Try them all out one by one and try out the Windows XP firewall and make a decision which one fits you the best
Thanks a lot for recommendations, I am going to check it...
But having so many Firewalls programs for free, why the one would like to pay for it? Is it all about the level of the security? How could it be measured?
um, i havent used zonealarm personally so im not going to comment. but i will comment on the firewall that i have found seems to work the best.
sygate.com should have all the answers.
-cheers
Well, there are many discussions on AO about Zone Alarm.
I say: for beginners it's a good start... but
it is a resource eater
and it has some known problems. Like for instance the fact that before the "you are now protected by ZoneAlarm" screen appears on your windows box, you are litteraly NOT protected. Sounds obvious but remember that it runs after you logged in. Or better between the log in and the actual start of the explorer and other M$ ****. Therefor allowing pc's to run shares without log in and without firewall protection. This worked for the ZA versions I played with.Turn your computer on, do not log in, but use another box to access the shared resources on your box or ping the box... this works, even if you do not allow those actions in ZA. Offcourse when you log in, like you normally do, everything works like it should work. So basicly I think ZA is a good start. It has some flaws, is sometimes overreacting but overall it's ok. Sygate and Outpost are probably better choices.
About free or not. Well many times personal or academic use is free but commercial not. Next, you are talking about "desktop firewalls" that's another category then real hardware firewalls with other customers. Perhaps some people believe in brand names like McAfee, Norton Symantec, ... to trust, and are willing to pay for it.
I used zone alarm for a while and never had any problems. I like the alert system and the easier than easy setup. I think its a good choice.
For a single system desktop firewall zone alarm is perfectly fine, a little resource intensive but its ease of use counters that. It dose lack in the antiviral support for the free version, but you should have a separate AV system anyway. The only reason I could see paying for a firewall is if you are trying to do port forwarding or setting up a DMZ and didn't want to learn Linux/BSD.
I use ZoneAlarm as well and have never had a problem with it and I think its a good choice. For a single system desktop firewall zone alarm is perfectly fine.
Zone Alarm works fine for me. I notice on my laptop though sometimes I have to shut down Zone Alarm to access or find other computers on a LAN. That is about the only problem I have with it.
Myself, Spyder X and Instronics were discussing this earlier today,
Check out this thread..
http://www.antionline.com/showthread...083#post615083
Pay particular attention to Instronics post.
Cheers
VicE$DoS$
heh for beginners its good choice but ... ZA have some bugs ( I mean old versions )
-67 port is everytime open! but as I said its good choice ! try sygate too!
I am using ZoneAlarm and I really like it I've never had a problem. It's also pretty easy to use they even provide a tutrial if you really want to know how it works. Its easy to turn off if you want and back on. It also notifies you of the people trying to get into your computer and tells you, then kicks em out. I recommend it because it's free and it works pretty well.
i think that using a firewall is not a very good ideea. this is because from what i know, a firewall is meant to protect you against a DoS attack. But there are some problems which i meet until know:
1. when some one is flooding you, the firewall will close the port wich is attacked (139 on Windows)
2. the firewall eats a lot of resources
3. the firewall may block information that you need fron the internet
a side bar- time warner computer guru man came to my house to do some maintenance on t-w hi speed on line connection -- he preached against firewalls (at home) and said time warner cable inc was protecting me with their company firewall ..... and i should not need any extra ones... my advice would be if you hear this speech.. .. ignore it .
So instead you feel comfortable with haveing your ports open for whatever and whoever?Quote:
i think that using a firewall is not a very good ideea. this is because from what i know, a firewall is meant to protect you against a DoS attack. But there are some problems which i meet until know:
1. when some one is flooding you, the firewall will close the port wich is attacked (139 on Windows)
2. the firewall eats a lot of resources
3. the firewall may block information that you need fron the internet
A firewall is meant to protect your ports. And to keep applications not allowed to use your network from using it, among other things.
1.: That is a good thing right? not all floods is on port 139 though.
2.: Sygate doesn't use that much resources.
3.: The user has the ability to configure what to block and what not too block.
Maybe I didnt understand your post, but to post that you shouldnt use a firewall on a forum mainly targeted toward security... I dont know man...
A firewall is not strictly for preventing a DoS attack. The firewall is there to control or restrict into or out of your network on any and all ports- not just 139.Quote:
Originally posted here by Mahdi
i think that using a firewall is not a very good ideea. this is because from what i know, a firewall is meant to protect you against a DoS attack. But there are some problems which i meet until know:
1. when some one is flooding you, the firewall will close the port wich is attacked (139 on Windows)
2. the firewall eats a lot of resources
3. the firewall may block information that you need fron the internet
It is important to note the into or out of part. Many only consider the aspect of blocking external traffic from coming into your network. But, there are Trojan horse, backdoor, worm and virus programs that can initiate connections out of your computer. Because your computer initiated the traffic, even a port-blocking hardware firewall like those in cable / DSL routers would not block the reply no matter what port it was on. It would be seen as a legitimate response to a request from your computer.
It is a fact of life that if you are running an application it is going to use some resources, but there are firewall applications that get the job done and don't eat that much in terms of resources. I think the tradeoff of resources for security is a good balance.
Lastly, the firewall can potentially block something you want. There is a learning curve with whatever firewall you select. You have to teach yourself how it works and get it configured to suit your needs. If you want to participate on P2P networks like Kazaa you will need to open ports. If you want to host web sites from your computer you will need to open ports. It may take some time to get it configured exactly how you want it but the end result will be a more secure computer.
I had used ZoneAlarm for a short time, I think it is a good firewall but I decided against keeping it for myself mailnly because of its simplicity, it made me feel unsecure. I now use kerio personal firewall www.kerio.com and have been useing it for about a year now I believe. I like it. there is a beta 3 version of the firewall that has built in IDS and some other new features, and a very much improved atractiveness for the eye. But I found too many bugs in the beta so for now I am settleing for kerio version 2. I believe you find it in the products menu along the top at www.kerio.com
ZoneAlarm is a great firewall for the average user but if you are paranoid i would go for a hardware firewall, ZA has a few vulnerabilities one of which is: If the computer is running 256Mb of RAM or less ZA will keel over and die if there is a large scale attack involving 1000 ports or so. Other than this it is great , I use it on 4 of my boxes along with a Great hardware package.
I would really check out Sygate Personal Firewall Pro. I have been through just about every other firewall and this seems to be the most functional and customizable....well besides Checkpoint but you need a damn PHD to run that one......Good luck.
The reason i've said that you should not use a firewall is because 4 months ago, when i've started to enter on the Internet, I used Zone Alarm Pro and somebody flood me. And the problem was that this guy wasn't a real hacker. He was just a newbie that used a program made by somebody else but he did this inspite of my firewall. he disconected me in 5 minutes. Perhaps the reason was that i use a dial-up conection (I am from Romania :)) ). So I apologize if somebody thought that I gave that advice for dark reasons. And excuse my english - is not my native language. :)
I've seen many recommendations for many of the free firewalls. I've used three, Sygate being the most recent. My comments about ZA and Tiny (it was still TPF while I used it) are based on a few years ago; I'm wondering how they've improved.
Zone Alarm was very easy to configure; I just configured it to allow programs, or disallow. It notified me non-stop; very frightening to a firewall newbie LOL, till I figured that a lot of them were supposed to be happening, and I configured the notifications. After more studying, I wondered how I could have certain programs to have access to only certain ports, and domains or IPs. I couldn't find how to do that with ZA. I asked at some forum/board, and was notified that ZA couldn't do that, to try Tiny.
*Has this changed with newer versions of ZA (allowing the user to make rules that X program may have in or out connections through xxx port to xxx domain/IP)? After seeing so many recommending the current version of ZA (free), I'm curious if they'd started to allow advanced rules. After checking their comparison page, it doesn't look like they allow advanced rules to be made. Is this correct?
That computer died after we flooded. On my new pc I tried Tiny, since the newest version of ZA wouldn't run on my new pc (that was at the time that ZA wouldn't work with some computers after they'd upgraded for XP).
I couldn't figure it out; I DL'd their help PDF, and still had troubles with it. I joined their egroup, lurking till I'd worked up the courage to ask what I should search so that I could learn to make the rules. They sent me to a TCP/IP online book that I was to read first, then a rule making tutorial. It was a lot of studying, but a great learning experience.
Tiny's makers upgraded to another version, and many members had problems with it, so I didn't DL it. Many recommended changing to Sygate. So I tried that one.
Since I'd learned rule making with Tiny's egroup's help, Sygate was kind of easy to figure out. But it had more options it seemed (unless I'd not found all of Tiny's options while I had it). I denied everything, then went into advanced and made rules so that x program would have in/out access with xxx ports to xxx IP range (when applicable), and placed those rules over the deny all rule.
I don't have it on this pc to look up the exact terms, (that's why I'm searching on what free firewalls might be better), but there were a few things I didn't care for with Sygate:
[list=3][*]Run as a client had to be UNchecked for every rule I made (if I remember that correctly, maybe it was "as a service"). I read about that in Langa's newsletter.
[*]It wouldn't take domain names. I'd never had a problem having to put in IP ranges/blocks (rusty and can't remember which one), I'd look it up with Sam Spade. But I installed ICQ to chat with a friend, and apparently their IP# changed quite frequently. I had a really tough time with Sam Spade on that one :mad: I looked up on ICQ's help page with firewalls, and they wrote to enter in the DOMAIN name. I could never find a way to do that with Sygate.
I'm assuming that since ICQ wrote to enter a domain name, that other firewalls might have that option. That would be MUCH easier than looking up the IP stuff, I think.
[*]The free version wouldn't allow running stealth, and I believe it wouldn't export rules either (or maybe I couldn't figure it out, but I did try *S*)[/list=3]
I've read about Outpost here a lot, and am going to give that one a try on this pc. But if I don't care for it, I'll get Sygate again. Even though it had a few things I didn't care for, I still preferred it over the others free firewalls I've tried. I'll try to rememeber to comment on Outpost (or ask questions LOL), after I've had it long enough to feel comfortable with the configuration.
I have used zone alarm for a couple years and I tried sygate too but found sysgate was a pain i use zonealarm pro now and it works fine as i have dsl and 96 yahoo email accts and a few elsewhere, and have made a few enemies because i take no ones crap. but it has stopped everyone so far.
I also run a internet washer and a adaware prog, and another windows cleaner set to wipe every hour and when i shut the browser down and when the comp shuts off.
The free anti virus of anti_vir is a great one at www.free-av.com and zone alarm works fine as most of the time i leave computer on 24/7
Gspeed,
I think you should give ZA a try and see what you think. It`s prolly better than what you have now,which i assume is nothing? Anyways get a feel for how software firewalls work,then after that move on to a firewall with a little more control. I like outpost,but as you can see from reading here that there are many choices.
I wouls suggest a hardware firewall. I have a linksys router and feel alot safer with that.
Drop the 80 bucks on it ,or whatever ,and right outta the box it will make you much safer.
As always read alot of tutorials and if ya have a question search google.
After you install the firewall of your choice go to a website that checks your security.by doing a portscan on your puter.
here are a few:
www.grc.com shields up test
www.pcflank.com
The idea is to be "stealth".....Good luck...
P.s. Luv2havefun1963....... 96 yahoo email accounts? LOL
I too think that it is all up to personal preference .... i too used ZA, but i soon noticed bugs. It is easy to configure to your likings, but i just didnt get along with it.
I think ZA is more for the "firewall newbie". I didnt feel safe with it at all.
For more advanced users : Try using a combination of Sygate and BlackICE. Sygate gives good basic protection while BlackICE strengthens your computer even more. BlackICE is also built with a IDS, ALOT MORE options, and also gives you the option of actually completely CLOSING a port that is under attack from an intruder.
Anyways ... choose from personal preference. Its YOU that configures the firewall. :)
I have used the paid version of ZA for about 4 years and never had a problem. Easy to set up and use. It does the job for me. I run a small network at home (2000 and XP) and it integrates well with these OS's.
My 2 cents worth: Running ZA with a good AntiVirus and spyware program protects you pretty much from the outside.
Following up with my thoughts on Outpost...I was suprised out how different it was compared to Tiny (Kerio), and Sygate. It was so simplistic I was a bit nervous about it.
But, I was online in no time with my browser, email, and FTP. Haven't IRC'd or message'd yet, but I expect they'll probably be just as easy to configure.
There's pre-configured in a dropdown menu. Or you can right-click on an application (in the left pane), and make your own rules. The rules dialog box reminds me of making mail rules.
It has plugins that I didn't have with Sygate:
[list=1][*]Ads - removes ad images with many options[*]Content - can block words, or entire sites[*]DNS Cache [*]Active Content for mail, news, browser - ActiveX, cookies, referrers, scripts, applets, popups[*]Attachments Filter - renames and/or reports whatever extensions we'd like for email attachments, with many pre-entered: scraps, wsh, vbs, scr, reg, ect...[*]Attack Detection[/list=1]
The log is easier to get to, and read...it's right there in the browser.
Test Results:
[list=1][*]pcflank - stealth[*]GRC's shields up (all on the first row) - stealth (Leaktest passed too, still reported my referrer though)[*]dslreport - score=0[*]HackerWhacker - one smiley (couldn't do most of the tests w/o subscribing) [/list=1]
Oh, the newest YAFWT - Yet Another FireWall Thread. I don't actually know if this is the newest one since it's some 4 months old when *someone* decided to bring it back on top.
Anyway, for what it's worth, my .02 euros... I use Kerio Personal Firewall which is free for personal use and much more professional than ZoneAlarm. It's not that ZoneAlarm wasn't a good firewall, it is, but it's like Windows XP at its easiest, too much eye candy and too many menus and sub menus. You can easily create per port/application/IP rules with Kerio and check/uncheck them when you need to enable/disable some rules. Kerio can even be remotely administrated if you want to, although I haven't tried that one nor enabled that functionality.
On using two firewalls at once. Someone compared it to using two condoms at once: it doesn't really give you any extra protection, just makes it more difficult to get the job done. Just get one good firewall, not two bad ones... >_<
I am inclined to agree with Zero One
Zone Alarm is great for those who do not understand PCs or firewalls...and it does work a lot of the time.........for those types, it is the ideal solution.
We are possibly a litle too "eliteist" here?...we expect everyone to know the basic answers?
cheers
I have used many versions of this program and had very few problems with it, for a first step its a good 1. There are many more about but this is the easiest to use once setup.