Just a quick note to warn everyone of problems with Zone Alarm 5.
I updated from version 4.5 a couple of weeks ago and have had nothing but major, major problems (restarts, lockups, failing to startup etc.). It was also just after a got my new PC, so I thought the problems were related to this and have driven my PC dealer nuts.

ZA 4.5 worked without a problem. From what I have read ZA 5 has major problems with some PC's and not others (works perfectly with my older PC for example).

So if you are thinking of upgrading be warned.

...Rob

No worries here. I stopped using Zone years ago. One of the worse firewall programs a person could install on thier computer.

Is the firewall that comes with win XP any good.

From what I have read, the XP firewall it is very good at blocking attempts at breaking into your PC (provided you keep up to date with the XP updates). What it is not good at, is stopping anything leaving your PC towards the Internet. It seems when Service Pack 2 is released in a few weeks it's Firewall is an improvement (I guess time will tell..)

.... Rob

Am I wrong in believing that with a wireless router, software firewalls are not necessary?

Am I wrong in believing that with a wireless router, software firewalls are not necessary?

I really think you should ask somebody knowledgeable of network stuff about your exact configuration.

I wouldn't bet on your assumption (unless the router has a firewall included and it's activated).

Best regards,
Andy

I use Zonelarm 5.05 and have not had any problems you describe. I think ZoneAlarm and their ZoneAlarm Pro products are fine software firewalls and I use them to protect all of my computers, including personal and buisness computers.

Post us some links about ZoneAlarm causing problems? I've gone through the upgrade cycle with ZoneAlarm since their early 2.x version days and never had any problems.

And I would not consider myself a newbie with computers. I am more of a computer geek than a photographer. 8)

I used zone alarm for a while, then got a trial for McAfee Personal Firewall Plus, its so much nicer...i went out and bought it the next morning

If you look on Zone Labs own forums you will see people are having many problems. It seems it doesn't affect every PC. I have 2 PC's and the other one works abolutely fine with version 5.

...Rob

Am I wrong in believing that with a wireless router, software firewalls are not necessary?
Hi Tom, firewalls are just as important in a wireless environment as it is in a wired environment, in fact it's even more important being that now your neighbor or anyone else(if you have one within range) can now detect the presence of your WLAN (Wireless Local Area Network) and attempt to connect. Enabling WEP (Wired Equivalent Privacy) is a step toward ensuring your data is encrypted and that your WLAN is accessible only by you. Technically, even WEP isn't secure; but it keeps honest people honest.

Any time you implement a segment in your network as in installing a router, access point or bridge you're increasing the security buffer between you and the outside world. It's an additional hurdle required to pass before someone can knock on your computers' door. It doesn't lock any doors, it just makes the doors harder for outsiders to find. Most people set up all their home gear with the default admin logins though, so it doesn't matter how good your gear is - default logins are the first thing tried. My next door neighbor said he wasn't worried about it, so I logged into his Wireless Access Point (via laptop & lawnchair) and locked out his internet connection to prove a point. He didn't want to deal with the 'hassle' of setting up WEP; I used a Fluke Optiview Wireless monitor to show him the error of his ways. The Optiview is a spendy piece of equipment but there are free software protocol monitors available for wireless enabled laptops that allow the technologically inclined to "sniff" (read) your data packets. It takes some work, but it's doable. For the most part, most people never have to worry about packet sniffers, but the fact that I have five wireless networks (neighbors) available that aren't secure piques even my interest; and I'm a good guy (just ask me).

Where ZoneAlarm is good is in its ability to block outgoing traffic. The past couple IT years have seen more backdoor traffic generating programs than actual PC destroying Virus Infections. A firewall is only as good as it's configuration, but ZA has been one of the best free software firewalls available. Apparently the new version is still quite buggy, but it'll get ironed out in time. Gibson Research does great stuff and their support of ZA is worth noting.

Most people think of a firewall as protection from outside attacks in, but the recent MS exploits and many trojan programs aren't stopped by Virus programs or basic firewall configs. Using a firewall to block unauthorized outgoing traffic immediately stops the propogation of that type of program by preventing your computer from spreading it. Being able to view the firewall logs or notices alerts you to the fact that something unusual is attempting to generate outbound traffic from your computer. Without some form of prevention your computer can produce a lot of traffic before anything comes to your attention if it does at all.

There are a lot of aspects of Wireless that are a compromise of convenience and security but it's not difficult to establish a relatively secure environment with just a few configuration changes.

My initial recommendations for anyone behind a router be it wired or wireless is:

1. Rename the Router/Access Point.
1. Reset the admin username/login.
2. Change any of the first three octets of the Default DHCP from 192.168.1.0 to anything other than that. (192.168.6.0 or 192.165.0.0 for example)
3. Enable at least 64bit WEP (if implementing wireless).
4. Make sure "Guest" accounts are disabled in the Operating systems.
5. Ensure all "shared" file permissions only give access to accounts w/in your network.

That's a good start.

Have a paranoia free afternoon :).

One of the tricks I used to do that was EASY to implement in Win98/95 networks was limiting the File sharing to use only the ipx protocol..

A very simple trick.. all 'net access is via TCP... thus if you could only share on IPX.. then your files were safe.

In WinXP this is till "doable" but my lord they have made this tricky to pull off :(

I sometimes scratch my head and wonder why I have zonealarm installed.

My computer sits behind a netgear switch which connects to a linksys router which connects to a hardware firewall machine (running smoothwall) which connects to the big bad world.

Maybe I'm just being paranoid :? :?:

I sometimes scratch my head and wonder why I have zonealarm installed.

My computer sits behind a netgear switch which connects to a linksys router which connects to a hardware firewall machine (running smoothwall) which connects to the big bad world.

Maybe I'm just being paranoid :? :?:

Go to http://www.grc.com/default.htm and do the "ShieldsUP" tests. It will show if you have a need for better firewall or not. Of course that test does not test traffic out from your machine by trojans....

Pekka,

Thanks for the link to "shields up" . The XP Firewall passed the tests.

... Rob

Nice link Pekka - thanks for that!

Your Internet port 139 does not appear to exist!
Unable to connect with NetBIOS to your computer.
ALL PORTS tested were found to be: STEALTH.

TruStealth: PASSED - ALL tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.


Hey I think I passed :lol: