Firewalls

[Guest LilBambi]

jeffw_00 --Were you referring to my response? If so ... No, I do not work for anyone, including Sygate.However, I do have many clients that I work with and help them keep themselves safer on the Internet.As far as FUD goes, I don't believe in using such tactics, never have.You were saying that you pass all the incoming tests, that's great ... and you say you trust all your apps, but do you know each line of code? How can you know all your apps that well?Or all the browser plugins, activeX scripts, javascripts, java applets, etc. on every website you visit, or every email you might get?Life is full of the unexpected -- it is what makes it such a wonderful thing.But we need to take into account the unexpected when dealing with the Internet ... If you want to do all you can to keep safe ... you must take into account the unexpected.Each person has to do what they feel is best, of course.

[quint]

Here's one that I never hear people talk about and yet it passes every on-line test as "full stealth". It's even easier to configure than Sygate or ZA, and has a fairly small footprint; also passes the most recent Leak Test by GRC. And what is it ?http://www.pcviper.com/Try it, for 30 days free (and if you need more time, it resets itself).

[Cluttermagnet]

Hello-My first time posting here.I was a little disillusioned after learning how unreliable some firewalls have been (especially those that don't block outgoing mischief). Even worse, there's sometimes a betrayal of trust by software that has cut sweetheart deals with various adware/ spyware folks and added them to 'trusted' lists so they can sneak out past the firewall, phone home, and tattle on our every internet move without ever tipping off the user. I understand that several have been seduced by the 'dark side of the force' and sold out in this way.Using the excellent grc.com site as a starting point, I researched and found that Zone Alarm appears to be effective and trustworthy so far as I can tell. Looks like Steve Gibson embarrassed several others into reinventing themselves so as to be at least somewhat more worthy of the label "firewall" I think it has become important for everyone to personally investigate and understand this aspect of networking at least to some extent. There is more than meets the eye, and first impressions really don't count for much. It's probably just as important to stay current as well. Firms sometimes change, and formerly excellent software can suddenly and unexpectedly become unsafe or at least second-rate. There are numerous examples of this among independent software of all types written for Windows in recent years. BTW it looks like there are a good number of reliable firewalls, and several of them are entirely free including ZA- so this is well worth researching.I use only a software firewall, Zone Alarm 2.6.88, on my home dialup connection with a P4 W98SE setup. I will eventually install ZA 2.6.362. Folks were very unhappy with version 3.xx and up, especially on Win2K OS's. Yikes! If 2.6.xx is substantially less protection than 3.xx and up, someone please tell me- but I figured I would skip all the nags for upgrading to ZA Pro that folks were also complaining about in 3.xx. I figure there is nothing of much interest on my little robot's HD, but of course if someone really wanted to, I'm sure they'd not have much trouble getting past ZA. Probably nothing of mine would be problematic if leaked, with the possible exception of political speech. It's getting somewhat McCarthy-like these days- hard for a reasonable person to hold even centrist political views without running the risk of being labeled unpatriotic or worse- but that's another thread...

[Guest LilBambi]

Cluttermagnet --Welcome!Yes, when ZoneAlarm first went to version 3.x it was a bit of a nightmare for some folks, but they have since fixed most if not all of these issues. It took me about 6 months before I got enough positive feedback to update to version 3.However, keeping all security related software up to date is an important thing and since they have fixed the problems we heard about earlier, I think you will be happy with the current version of ZoneAlarm.Keep in mind that I only have experience with it on Win98, Win98se, WinME and WinXP. I do not know if they fixed whatever problems were apparently evident in Win2K because only none of my local clients actually use Win2K.

[Stryder]

Cluttermagnet --Welcome!Yes, when ZoneAlarm first went to version 3.x it was a bit of a nightmare for some folks, but they have since fixed most if not all of these issues.  It took me about 6 months before I got enough positive feedback to update to version 3.However, keeping all security related software up to date is an important thing and since they have fixed the problems we heard about earlier, I think you will be happy with the current version of ZoneAlarm.Keep in mind that I only have experience with it on Win98, Win98se, WinME and WinXP. I do not know if they fixed whatever problems were apparently evident in Win2K because only none of my local clients actually use Win2K. 

No real issues with 2000 now either....at least not on my 2000 box using ZA Pro. Thought I better clarify that before I did one of those open mouth insert foot thingys.

[Guest ComputerBob]

Yes, when ZoneAlarm first went to version 3.x it was a bit of a nightmare for some folks, but they have since fixed most if not all of these issues.  It took me about 6 months before I got enough positive feedback to update to version 3.

Hi Fran,That's exactly why I am still using ZA Free v2.6.362, but now that I've read your endorsement, I'm going to finally download and install the latest v3.x of ZA Free! Thanks! Is this one of those situations when I should completely uninstall v2.6.362, clean out my Registry, etc. before installing v3.x?

[quint]

Is this one of those situations when I should completely uninstall v2.6.362, clean out my Registry, etc. before installing v3.x?

CB, that is what ZoneLabs suggest; the un-install procedures are on their site...somewhere. I'll see if I can get the URL, if you don't beat me to it.

[Cluttermagnet]

Thanks, guys-I will try the latest 3.7.xx on my old P2 98SE machine. If the guinea pig likes the latest ZA, I will put it on my P4 98SE box and make it unanimous. Yup- it is certainly best to keep your AV very up to date, probably just as true with a mere software firewall. From what I have heard, a few 'real' hackers may just laugh and blow by it anyway, but it can do a great job fending off all the script kiddies and apprentice hackers and 'zombie' compromised machines out there. I certainly see a slow but steady stream of probes even on dialup- all random and varied.

[Guest LilBambi]

quint is absolutely right.Going from version 2.x to 3.x it is best to uninstall and then install the new version.

[quint]

quint is absolutely right.Going from version 2.x to 3.x it is best to uninstall and then install the new version.

And here's what ZoneLabs has to say:http://www.zonelabs.com/store/content/supp...mInstallFAQ.jsp

[Cluttermagnet]

Uninstallation/Reinstallation of ZA 2.6.xsee: http://www.zonelabs.com/store/content/supp...AQ.jsp#1installJust as I remembered, it is easy if you are staying with the free editions. The main thing is to go uncheck the option in ZA to start with Windows. ZA may object, but persevere. Then it is best to shut down and reboot- this makes certain that none of the true vector engine is lurking in the background still running, in which case the files would be in use and unavailable for deletion. Then you do a straightforeward uninstall and then install your new 3.x over it and it should probably go just fine. It is only if you need to _downgrade_ from the paid Pro version to the free version that it gets kind of ugly. In that case, consult their detailed instructions with all those picky steps to get it completely right. This means you can remember a lot of settings if you prefer, with the simpler free uninst/reinst and have them carry over to the new version.

[Guest ComputerBob]

Thanks, everyone -- that's what I suspected. But if that's true, then why does ZA call the v3.7.143 that I just downloaded an "update"? I downloaded the v3.7.xx by clicking on the Check For Updates button within ZA Free v2.6.xxx.Now I don't know if what I downloaded is a full version of ZA free, or if it's just an update that needs to be installed over the old version. What I just downloaded was 3.x MB in size.

[Cluttermagnet]

No, even simpler than that with free to free (upgrade). Uncheck "Start With Windows", shut down and reboot to kill all of the true vector engine, install the new version right over the old, accept or reject the old settings. Zowie!

[Cluttermagnet]

Sounds like a full download to me. Not just an 'upgrade'. ZA3101.exe (obsolete) was 3.57M+.

[Guest ComputerBob]

No, even simpler than that with free to free (upgrade). Uncheck "Start With Windows", shut down and reboot to kill all of the true vector engine, install the new version right over the old, accept or reject the old settings. Zowie!

Thanks! That's what I'm going to try right now! I'll be back after I update ZA and then go to grc.com to test my ports.

[Guest LilBambi]

The ZA download is actually kinda both ... If you don't have it installed it installs it, if you are upgrading, it shuts down the current version and upgrades it for you.The important thing is that going from 2.x to 3.x always do a clean install. I have not had any troubles doing upgrades once I had version 3.x installed. But Stryder said in a previous post that he always does a clean install each time, and that would certainly work too.

[Guest ComputerBob]

I'm back, I'm using ZA Free v3.7.143, and I'm still fully stealthed, according to grc.com. I just updated from v2.6.362 to v3.7.143 without uninstalling the older version first; However, the update did run into one (apparently minor) snag.I followed Cluttermagnet's advice about unchecking "Start with Windows" and restarting. I did a Ctrl-Alt-Del, to make sure that no ZA processes were running. They weren't.I installed the ZA Free v3.7.143, using its "update" rather than "full install" option.The installation froze at 26% while copying the required files. It ignored my attempts to end its task. After a minute or so, it told me that the "Required file Zoneband.dll could not be found."I clicked on OK (the only choice).I restarted the ZA Installation program.That time, it did not ask me any questions; it just started its new nstallation at 26% and almost instantly copied all the files up to 100%.From that point on, there were no problems. GRC.com reports that I am fully stealthed.The main differences I've noticed so far are that the tray icon now has vertical "incoming" and "outgoing" indicators, instead of horizontal, and now I have the option to have ZA Free protect me "silently" so its tray icon won't start flashing every time my ISP pings me.Thanks, again, Cluttermagnet and everyone else!

[Guest ComputerBob]

The important thing is that going from 2.x to 3.x always do a clean install.

Fran, I didn't see that until after I had already finished installing over the top of the old version. Thanks anyway!

[Guest LilBambi]

The important thing is that going from 2.x to 3.x always do a clean install.

Fran, I didn't see that until after I had already finished installing over the top of the old version. Thanks anyway!

LOL! Can't win them all

[JackR]

Basic Protection for Broadband Internet Installation.What is the Best Firewall?..

[Marsden11]

Nav and Zone Alarm and other software products are as easily unloaded by software as they are loaded by software.Running software for security is a lot like screwing for virginity.It's a heck of a lot harder to unload/disable an embedded firewall. It's also much more difficult to spoof them.The ultimate solution, of course, is to run a powerful but small embedded operating system that takes no outside connections, with multiple interfaces where no connection is permitted in or out that is statefully inspected. My firewalls are configured such that I can blast the firmware and update. But they are also set up such that if you do nuke the firmware, they become a non-functional brick that blocks EVERYTHING in and out.The only means to alter my firewalls is to physically be in front of them with no network link touching the box. You must physically disconnect them in order to change them in any way. Even temporarily adding a port or removing a port (or a machine on a physical port) requires they be disconnected from the network.The previous working configuration is stored in backup encrypted flash such that it is two keystrokes at any moment to move the new config out and the old back in if I've made a mistake.