Re: They can break ZoneAlarm easily !

From: David (davidwnh@adelphia.net)
Date: 10/07/02 

From: "David" <davidwnh@adelphia.net>
Date: Mon, 07 Oct 2002 07:01:16 GMT

It was definitely a file sharing issue, which is just about the worst hole
to leave open on a windows machine. Being a "personal" firewall which is
made for your average Joe ZA should not only block this by default (which I
think it does), but also needs to have good documentation on such a feature,
and should alert people to what they risk when they disable such settings.
Being easy to set up for the average user as well as having thorough,
intuitive documentation is all part of the whole picture. Look at all the
posts about lsass.exe and services.exe as it regards to ZA and then wonder
why this info isn't in the documentation or even on their website. You
shouldn't need a computer science degree to properly set up software that's
marketed to the average consumer. That is the whole idea behind software
isn't it, to make things easier? I had to use the MS Technet site as well
as other networking and firewall sites to get the information I needed to
attempt to tweak the settings in ZA. Why the hell can't you answer them from
their documentation or website? Why does their technical support website
include only 9 "faqs" of which most are just marketing info? So it really
does have something to do with ZA.

As far as quality I tried using ZA for abt 2 months and it fell way short in
several categories. Try using it with 802.11b! Try using it on a LAN. If you
want to block broadcasts from one adapter but not another for example you
can't do it. It totally screws up a lot of services that rely on broadcasts
on a LAN if you want to have certain protections from the internet. The
privacy protection screws up IIS on the same machine even if you set IIS as
trusted and no privacy protection on trusted zones.I had a time server on my
LAN but had to open the port in both trusted and internet zones in order to
get access to it from my LAN ip's which were all in the trusted zone. That
in itself shows how poor the program is at discerning between trusted and
internet. With a lot of tweaking between hi-low security and open-close
ports you can get better results for some services in a LAN/internet set up
but not as much as it should and its a crap shoot to see which setting
overrides another. At boot up the program has intermittent trouble
discerning what is trusted and what isn't to the point where it can screw up
a WIN2K domain login and group policy application. They need to make the
program determine service dependencies or it will never work right at boot
time(this seems to a problem with a lot of personal firewalls however). You
have to add the loopback adapter(127.0.0.1) to trusted to get some internet
servers to give access to their own machine. Easy enough for some of us to
figure out, but for the average Joe how about some documentation or a
default setting. I've been through about five updates and have to say that
none of the bugs I reported have been fixed, the program is even less stable
than previous versions, and now they are more concerned with locking out
crackers(which added another bug) than fixing the problems that us paying
customers are having. I realize I tried to push the program to its limits
and the program might be adequate for the average Joe who just surfs the web
and answers his email with a dialup connection, but you'd have to be nuts to
trust ZA on broadband without a router.

I can't say it's any better or worse than some of the other "personal"
firewalls out there, but the frequency of updates as well as this and other
information posted on the web should make it evident that these programs
aren't a "set it and forget it" kind of thing.

"mhicaoidh" <mhic_aoidh@hotmail.NïX.com.SPäM> wrote in message
news:ZZ6o9.70396$dp1.189723@rwcrnsc52.ops.asp.att.net...
> Taking a moment's reflection, David mused:
> |
> | Zone Alarm is not as good as they advertise it to be.
>
> Actually, it is ... as are most of the other personal firewalls. As
the
> OP stated later in the thread, he found out how the person put the file
> there, and it had nothing to do with ZoneAlarm.
>
>

Relevant Pages

  • Re: Thoughts on MS Microsoft AntiSpyware beta
    ... Should I use both Internet Connection Firewall and a software firewall ... from a different company on my Windows XP computer? ... Running multiple software firewalls is unnecessary for typical home ...
    (microsoft.public.windowsxp.perform_maintain)
  • Re: Network Connections x 2 PCs
    ... >>> protect it from access by hackers on the Internet. ... >>getting the (LOGON failure: the user has not been granted the requested ... on both PCs we created User Accounts with passwords. ... >>disconnecting the Internet Modem, disabled all our Firewalls, but still ...
    (microsoft.public.windowsxp.general)
  • Re: Security concern with ping?
    ... > I have my linux box properly running squid and Jay's Firewall. ... After running a few internet ... Why may it be important to allow the internet to ping my ... To make the situation worse personal firewalls decide ...
    (comp.os.linux.networking)
  • Re: I just scanned months worth of posts, but still wonder about this basic question...
    ... > I'd strongly recommend a hardware device such as a Netgear RP114. ... > Internet from each computer, whether or not any other is up and running. ... I tired many other firewalls but Kerio's one ... difference over the internet connection) you cat just plus the modem ...
    (comp.security.firewalls)
  • Re: service.exe
    ... Services.exe is a necessary file/process for Windows 2000/XP. ... run a virus scan on your computer with the very latest virus definitions. ... applications/process are listening or connected to the internet. ... Personal firewalls can also be configured not to bother you again ...
    (microsoft.public.win2000.security)