What version of ZOneAlarm fastest with XP SP2

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Today I use 6.1.744, but I often see advices in discussions about
using older version (like 4.5.594) is much faster even with XP and
that the security is just as good (I have a router with a firwall so I
only use ZA to monitor outgoing programs, is there anything else I
could do to speed up things?)
--
 Lars-Erik  -  http://home.chello.no/~larse/ -  ICQ 7297605
  WinXP, Asus P4PE, 2.53 GHz, Asus V8420 (Ti4200), SB-Live!

Re: What version of ZOneAlarm fastest with XP SP2

Lars-Erik ěsterud wrote:
Quoted text here. Click to load it

If you keep your system clean of software that is only a marketing gag
(like personal firewalls) it well be at best speed.
Activate the XP included firewall and that is all you need.

--
Ulf Leichsenring
ulf@leichsenring.net

Re: What version of ZOneAlarm fastest with XP SP2

Ulf Leichsenring wrote:

Quoted text here. Click to load it

Why on earth would I do that?  I have a hardware firewall in my
router. The WIndows firewall will add NO benefits for me.

I mainly use the ZA firewall to monitor what programs try to send data
or act as servers. The optimal solution for me and others with a
hardware firewall would be a small program that just did that
(monitored what programs trying to access internet).

Is there such a program out there?
--
 Lars-Erik  -  http://home.chello.no/~larse/ -  ICQ 7297605

Re: What version of ZOneAlarm fastest with XP SP2

Lars-Erik ěsterud wrote:
Quoted text here. Click to load it

Hi Lars-Eric

Sorry, but this function can't be done by any program (Personal
Firewalls) because malicious software can deactivate this monitoring on
Windows systems without your knowledge.
Please take a look at
http://www.microsoft.com/technet/technetmag/issues/2006/05/SecurityMyths/default.aspx
in the secion called "Myth: Host-Based Firewalls Must Filter Outbound
Traffic to be Safe." for further information from Microsoft about this
security myth.

--
Ulf Leichsenring
ulf@leichsenring.net

Re: What version of ZOneAlarm fastest with XP SP2

Ulf Leichsenring wrote:

Quoted text here. Click to load it

Well well, I can stop most usual programs (windows services, media
player etc) from accessing or acting as server. That helps a lot (just
stopping all those microsoft services listening or sending info :-)

Of course I have a anti-virus too (and as stated a hardware
firewall/NAT router)...

So I only need the "program access" part of ZA actually
--
 Lars-Erik  -  http://home.chello.no/~larse/ -  ICQ 7297605

Re: What version of ZOneAlarm fastest with XP SP2

Lars-Erik ěsterud wrote:
Quoted text here. Click to load it

You can only stop programs that are so gentle to let them being stopped
by another software.
To stop microsoft services from listening or sending infos why don't you
just stop the service on the system. And if you are not sure, if a
program (eg. media player) sends information over the internet, why
don't you choose an alternative software in what you can trust.
I don't run software, that I do not trust.

--
Ulf Leichsenring
ulf@leichsenring.net

Re: What version of ZOneAlarm fastest with XP SP2

Ulf Leichsenring wrote:

Quoted text here. Click to load it

Some MS programs always try to send/receive things :-(
And I have to use some of them :-(

I have stopped all services I don't need of course :-)
--
 Lars-Erik  -  http://home.chello.no/~larse/ -  ICQ 7297605

Re: What version of ZOneAlarm fastest with XP SP2

Ulf Leichsenring wrote:

Quoted text here. Click to load it

Although I mostly agree with what's being said there, this little blip=20
made me wonder:
"Outbound filtering is only useful on computers that are already=20
infected. And in that case, it=92s too late=97the damage is done."

The damage is done, but outbound filtering could have prevented the=20
payload from being delivered. Getting infected and letting info leak=20
from your system afterwards are two different things IMHO. In cases of=20
malware that's smart enough to circumvent your PFW, that doesn't do a=20
bit of good of course. But there's also malware that actually can be=20
stopped before doing _more_ damage (beside the infection).

People that can't (or won't) understand security, like the grandmother=20
in that article, could be helped by a PFW that doesn't let anything=20
connect out that it doesn't have a rule for. That is, when the PFW is=20
configured to only allow known programs and assuming the malware in=20
question doesn't hijack another program's connection.

I've been reading this ng for quite a while, and I agree with most=20
people here that prevention is way better than trying to cure an already =

compromised system after the fact. But what about those cases where a=20
PFW can limit the damage when infected? Doesn't that have _any_ merit at =

all, especially for inexperienced users?

Re: What version of ZOneAlarm fastest with XP SP2

user@domain.invalid says...
Quoted text here. Click to load it

Sure it does, but the idea that you can prevent apps from getting out,
once the system is compromised, is just folly. What you want the PFW to
do is block outbound by port or protocol, not to care about about what
application.



--

spam999free@rrohio.com
remove 999 in order to email me

Re: What version of ZOneAlarm fastest with XP SP2

Leythos wrote:

Quoted text here. Click to load it

Consider that I was talking about the average Joe, who might have
clicked on a shady e-mail attachment, or visited a "bad" website.
Without a PFW he likely wouldn't know he just got infected and
information about his machine got sent to a hacker somewhere, ready to
be exploited. On the other hand, even if he did have a PFW and it
notified him about some funny business going on, he probably would've
clicked "Yes, allow" to get rid of that annoying popup window :-/

I don't know what I'm trying to say here... I'm beginning to think that
the only truly safe system is one that can't be used (and thus can't be
abused). The only case where my example _might_ work, is when someone
knowledgable enough has already configured the machine correctly
(hardened the OS). But even then I have my doubts.

Quoted text here. Click to load it

True, but the average user doesn't want to get involved in configuring
his machine. He just wants to turn it on and use it, like he would a
television or microwave oven. PFW companies are cleverly playing into
this. As long as they can sell the idea that security is "easy", they
will be around. Together with people religiously defending outbound
blocking by application.

Re: What version of ZOneAlarm fastest with XP SP2

user@domain.invalid says...
[snip]
Quoted text here. Click to load it
[snip]

I run a PFW, not windows, on this laptop, and I've run one on every
laptop we own, for years, and always found them to be of great benefit
and of little trouble. We take our laptops to many locations, to
compromised networks of new customers, we watch the port traffic inbound
to look for compromised machines, we also have clients with PFW
solutions on their portable devices, and not one of them has ever been
compromised.

I also know a lot of people using PFW solutions that have been
compromised by not knowing what to block/permit and unknowingly allowing
something they should have blocked. I have not seen any websites take
over a protected computer, not seen any probes take over a computer,
I've only seen users download/install something that has poked a hole or
disabled the PFW solutions - and in most cases the little start item
that flashes a warning about the PFW being disabled was enough to clue
them in.

So, while many people will state that a PFW is a risk, that windows
firewall is the only real solution, that all PFW are bad, the real world
shows that they do offer benefit, but, they don't offer more risk than
any other method (except to disable the computer), in most cases.

I will keep using my PFW on my laptop and all the company laptops and
all our clients laptops, as it give them an indication, which Windows
firewall doesn't even attempt to do.

--

spam999free@rrohio.com
remove 999 in order to email me

Re: What version of ZOneAlarm fastest with XP SP2

prophet wrote:
Quoted text here. Click to load it

But most of the inexperienced users equipped with personal firewalls
behave like: "I don't have to be carefully while using the internet. I'm
totally secured by this <fill in your preferred pf-software name>."
And then they will click on every dubious link and email attachment. I'm
working in it-security for more than 10 years now and that's the reality
unfortunately.


--
Ulf Leichsenring
ulf@leichsenring.net

Re: What version of ZOneAlarm fastest with XP SP2

Ulf Leichsenring wrote:

Quoted text here. Click to load it

Their problems. IT techs need to have work too :-)

Quoted text here. Click to load it

Even employees in IT companies does this (especially sales-people :-)
--
 Lars-Erik  -  http://home.chello.no/~larse/ -  ICQ 7297605

Re: What version of ZOneAlarm fastest with XP SP2


Lars-Eriksterud schrieb:

Quoted text here. Click to load it

So why on earth would you use Zone Alarm? It will add NO benefits for
you.

Quoted text here. Click to load it

As others told you before, this will not work.

Quoted text here. Click to load it

No

Regards
Thomas


Re: What version of ZOneAlarm fastest with XP SP2

Thomas wrote:

Quoted text here. Click to load it

Oh yes. It will alert me when some of MS programs try to either send
some data (usually unneeded) or "act as a server" (for something I
don't need or use). I like to keep track of what is happening :-)

Quoted text here. Click to load it

For malware and viruses yes, but I guess they will be caught be the
AV, but for "serious programs" it will. I can deny MS programs access,
I can deny Word access, I can stop "host services" from beeing servers
--
 Lars-Erik  -  http://home.chello.no/~larse/ -  ICQ 7297605

Re: What version of ZOneAlarm fastest with XP SP2


Lars-Eriksterud schrieb:

Quoted text here. Click to load it

Disable services you don=B4t need, and you=B4re done. Far more reliable.
Plus don=B4t install programs that phone home if you don=B4t want them to
phone home. Or disable the phone home function.
Quoted text here. Click to load it

If they try to establish outbound connections, your AV has very
obviously _not_ caught them. And your system is toast.

Quoted text here. Click to load it

A "serious program" will not try to establish outbound connections
without you knowing about this.

Quoted text here. Click to load it

It can stop everything that allows Zone Alarm to stop it. I will not
stop anything that does not allow ZA to stop it.

Regards
Thomas


Re: What version of ZOneAlarm fastest with XP SP2

Thomas wrote:

Quoted text here. Click to load it

Some MS programs don't behave. Why should the printer spooler have
Internet access (it ask for), why should it have "act as a server",
and most MS programs send thing even with "phone home" off.

So even if it is not fullproof the program check funtion of ZA does
make it possibel to stop lots of programs from sending/listening.

And for malware I have anti-virus anyway (though I don't really need
that I think as I have never gotten anything, it's just to be a bit
awake on what links and messages you click on and don't use Outlook)

Quoted text here. Click to load it

They are caught. I get a "xxxxxxx is asking for server permissions"
etc. Have you ever used ZA or similar. I catches them, asks if they
should be able to communicate, and if not you can block them. ZA is
hooked on a very low level of the communication system in Windows (if
you stop the firewall service, nothing gets out from the machine).

Quoted text here. Click to load it

Tell that to MS :-)

Quoted text here. Click to load it

How does that get passed the "wsmon" service then?  Does it have it
own network drivers all together then (since ZA has patched into the
system drivers). I know huge serious companies using ZoneLabs
firewalls on their PCs (with central administration). Are they stupid?
--
 Lars-Erik  -  http://home.chello.no/~larse/ -  ICQ 7297605

Re: What version of ZOneAlarm fastest with XP SP2

Quoted text here. Click to load it
Use opera  ,and a light av like antivir.
me

Re: What version of ZOneAlarm fastest with XP SP2


Quoted text here. Click to load it
I have used all of the versions since 4.5.xxx or thereabouts.  Quite
frankly, I can't see any difference in speed.  Mine is the free version.
Jim



Re: What version of ZOneAlarm fastest with XP SP2

Quoted text here. Click to load it

I also use the freebie and update it frequently. I have never noticed
any slowdown or any other problems with ZA.

If you believe every piece of trash talk you read in this group, you'll
drive yourself weird.


-=-
This message was sent via two or more anonymous remailing services.





Site Timeline