Re: Prevent ZoneAlarm from displaying the system tray icon

From: Jason Edwards (none_at_invalid.invalid)
Date: 12/08/04

Date: Wed, 8 Dec 2004 09:55:45 -0000

<> wrote in message
> Ok. Let me rephrase. I do not want the ZoneAlarm icon sitting there,
> nor do I want to take up extra space with the "hide icons" icon.
> ZoneAlarm consists of several parts - vsmon (the actual firewall), and
> Integrity Desktop (the interface to the firewall). I WANT vsmon to
> run. It runs as a service, and I'm quite happy with it just sitting
> there and running. I do not want the interface to run unless I
> explicitly launch it. The interface takes an extra 9 MB, and has that
> ugly icon that does nothing useful for me. Plus, killing the desktop
> also kills vsmon for some strange reason. I am not looking for a way
> to disable the system tray.
> In response to John's question, I am running it because I think that it
> meets my security needs better than the XP built in firewall.

I have come across ZA on more than a few Windows XP PCs were the owner
thought it was useful. They had usually been led to believe it was essential
to have it because other people had told them so. Those who took my advice
and removed it found their internet experience much less painful.
They were advised to do other things besides remove ZA, such as use an
external box between the broadband modem and the PC, use an up to date self
updating virus scanner, run Windows update, use another browser, don't use
IE unless you have to. If you insist on using IE then an adware/spyware
remover is essential, so is correct security configuration of IE. Consider
using email sofware other than OE, Don't let the kids run peer to peer file
sharing unless you know what you're doing. If possible (not all users can)
become familiar with what processes are running in the system and what
starts at startup. Learn to spot any changes to the system configuration. A
tool such as HijackThis is useful for this purpose

The usual argument is that this doesn't control outbound connections, but
the average home user wouldn't know an outbound connection if they fell over
one so why does it make sense to expect them to be able to control such
If you have software which is making unwanted outbound connections then
either don't use that software or use a real external firewall to control
You can also use the hosts file to control outbound connections, much easier
than installing complicated clumsy software that you'll never be able to
configure properly.

This would fix your problem because if you don't have ZA then you don't have
the annoying icon that goes with it.


Relevant Pages

  • Re: ftp problem
    ... > here is my whole firewall script ... > # No restrictions on Loopback Interface ... > # or from this gateway server destine for the public Internet. ... > # Allow out secure FTP, Telnet, and SCP ...
  • Re: Checkpoint experiences
    ... decide they want the firewall used by the big boys...often repeated, ... The Nokia appliance IPSO, is useful if you don't want to take the ... It is no wonder that the Nokia interface is called ... > billions on training, and classes, consultants, support contracts, etc. ...
  • Re: Problem about ppp -nat
    ... ipfw firewall, ... Just setup your fw of choice as if the tun0 device is the external device and leave all the nat stuff completely out of it. ... My Internet interface is rl0, ... # /etc/rc.d/routing restart ...
  • Re: Lets talk about firewalls - what do we as a group think a firewall should be/have?
    ... part of the same network as the LAN. ... Each interface of a firewall should be distinct from ... interfaces, so a "DMZ interface" is not a requirement. ...
  • Proxy ARP and Routing
    ... some CPE from our ISP connected to a firewall. ... the public IPs on the physical DMZ network. ... packets to the host on the DMZ? ... on the DMZ interface. ...