Jump to content



Photo

Zone Alarm is a joke.


  • Please log in to reply
86 replies to this topic

#46 sc302

sc302

    Neowinian Senior

  • Tech Issues Solved: 33
  • Joined: 12-July 05
  • Location: NJ, USA

Posted 14 October 2012 - 16:58

Has anyone ever thought for a second that if your computer is compromised wouldn't the software that is running in the os be compromised as well?

The way I look at it, if your computer is compromised it is already too late. Just because you get a warm and fuzzy that your software firewall is blocking all outbound communication don't believe it is. If anything that the earlier revisions of za taught me is don't believe it is disabled (because it isn't) and don't believe it is blocking things from communicating (because it isn't).

The only way to be sure is to block it on the hardware level. This has not gotten cheap enough, IMO, for the home network. You want to block outbound and know for sure what your network is doing get a firewall distro like pfsense, monowall, or smoothwall... Once your computer is compromised it is hard to know for sure that the software on it is 100% in tact.


#47 TPreston

TPreston

    Neowinian Senior

  • Tech Issues Solved: 2
  • Joined: 18-July 12
  • Location: Ireland
  • OS: Windows 8.1 Enterprise & Server 2012R2/08R2 Datacenter
  • Phone: Nokia Lumia 1520

Posted 14 October 2012 - 16:58

Why don't you install Threat Management Gateway on each computer

I don't understand why a lot of the so called 'experts' on Neowin seem to be fixated on advising people on using the half baked Windows 7 firewall or not having a firewall at all. By default, the WIndows 7 firewall allows all outbound traffic. You can set it to block outbound traffic but then you will have to manually create a rule for each and every application which you wish to allow access to the internet (talk about tedious). Most annoying of all is that it will not prompt you when a new program wants to establish an outgoing connection.

'Experts' of Neowin, please explain to me how your NAT gateway, your beloved MSE and half baked Windows 7 firewall at default settings will protect against unknown 0-day threats or driveby's from sending out your keystrokes or personal files to the attacker?


Why don't you install Forefront TMG 2010 on each client computer that'll keep those nasty outbound connections at bay./s

Overkill much ? centralize all this at the edge firewall.

#48 Javik

Javik

    #GamerGate

  • Tech Issues Solved: 2
  • Joined: 21-May 12

Posted 14 October 2012 - 17:06

Not used a software firewall since the basic one introduced with XP SP2, and never been remotely hacked. Almost every ISP will supply you with a router these days and I've always found that works just fine.

#49 sc302

sc302

    Neowinian Senior

  • Tech Issues Solved: 33
  • Joined: 12-July 05
  • Location: NJ, USA

Posted 14 October 2012 - 17:12

NAT gateways stop incoming attacks, I think that's something we can agree on. A user instigates what comes in and goes out on a network, yes, but how will NAT help in a driveby malware attack where it goes under the radar of an AV's heuristics? Just so you know, malware does tend to call home.

As for firewalls being good for untrusted wireless networks, the average Neowinian with little knowledge in networking would assume simply running a firewall would protect them which is far from the truth. A software firewall is useless on untrusted networks unless you set it up to block all traffic apart from the port you are tunnelling on. Better advice would be to use a VPN instead.

Why can't you be content what you "think" and help the OP instead.

I am fully aware that they call home and do not rely on a infected system to tell me that it is communicating out.

A software firewall useless on an untrusted network? Wow this is funny....you clearly have absolutely no clue about anything. This made me chuckle a bit. Please tell me more.....The software firewall bocks communication from anything outside of the computer by default. No other configuration needed. You need to create rules to allow communication with other network computers. Even the windows firewall wants to believe everything other than the host pc is hostile. I am not even touching the VPN comment, it doesn't belong in this convo.

#50 HawkMan

HawkMan

    Neowinian Senior

  • Tech Issues Solved: 4
  • Joined: 31-August 04
  • Location: Norway
  • Phone: Noka Lumia 1020

Posted 14 October 2012 - 17:19

I am fully aware that they call home and do not rely on a infected system to tell me that it is communicating out.

A software firewall useless on an untrusted network? Wow this is funny....you clearly have absolutely no clue about anything. This made me chuckle a bit. Please tell me more.....The software firewall bocks communication from anything outside of the computer by default. No other configuration needed. You need to create rules to allow communication with other network computers. Even the windows firewall wants to believe everything other than the host pc is hostile. I am not even touching the VPN comment, it doesn't belong in this convo.

The irony is that one of his replies(in fact the one to me where I brought up that exact issue) is that viruses will disable your security systems so you need your software firewall to protect you ... which isn't it's purpose in the first place, and somehow it magically didn't get deactivated, which is even more interesting since most software firewalls allows local software to self allow themselves without malicious intent, and as malicious software it would most certainly disable both AV and FW among other systems.

heck even non call home malware and bad ware I clean from clients computers usually have any firewall completely disabled or usually broken. it's far more common for malware to break the firewall than the AV which is often just disabled.

#51 JJ_

JJ_

    Neowinian

  • Tech Issues Solved: 2
  • Joined: 31-July 05

Posted 14 October 2012 - 17:25

I am fully aware that they call home and do not rely on a infected system to tell me that it is communicating out.

A software firewall useless on an untrusted network? Wow this is funny....you clearly have absolutely no clue about anything. This made me chuckle a bit. Please tell me more.....The software firewall bocks communication from anything outside of the computer by default. No other configuration needed. You need to create rules to allow communication with other network computers. Even the windows firewall wants to believe everything other than the host pc is hostile. I am not even touching the VPN comment, it doesn't belong in this convo.


Let me rephrase that. A software firewall is not entirely useless on an unsecured network but lets put it this way, I would be more concerned about encrypting my outgoing traffic.

No I don't get a warm fuzzy feeling running a software firewall and call me paranoid or whatever you like but I like to keep tabs on what can and cannot access the internet on my personal computer(s).

HawkMan your post consisted of too much nonsense to merit a response

#52 sc302

sc302

    Neowinian Senior

  • Tech Issues Solved: 33
  • Joined: 12-July 05
  • Location: NJ, USA

Posted 14 October 2012 - 17:47

Alright since you want to go there, what is not encrypted? Most sites that require a password is encrypted via ssl. Go ahead and get me on my searches and my chat that is meaningless. My banks are all ssl encrypted. Anything that I need to do for my company is VPN secured that could be deemed sensitive. You are actually pretty secure simply by breathing.

#53 HawkMan

HawkMan

    Neowinian Senior

  • Tech Issues Solved: 4
  • Joined: 31-August 04
  • Location: Norway
  • Phone: Noka Lumia 1020

Posted 14 October 2012 - 18:34

HawkMan your post consisted of too much nonsense to merit a response


Funny, since you repeated the same thing yourself, except ignoring the key fact that once you're compromised, your firewall is also.

#54 paxa

paxa

    Neowinian

  • Joined: 04-June 04
  • Location: so far away....nearly in the end of the world

Posted 15 October 2012 - 01:54

despite being a resource hog. back when i used circa 2004. i was always frustrated with it. it hogged the pc resources and offered little or no protection whatsoever. back then i just uninstalled and let my computer be fully "open" to the network. windows firewall is not great, but it works. but nothing beats a router with a custom firmware and well configured

#55 +goretsky

goretsky

    Neowinian Senior

  • Tech Issues Solved: 3
  • Joined: 12-March 04
  • Location: Southern California

Posted 15 October 2012 - 09:24

Hello,

It depends on the type of threat being countered. For example, the firewall software I'm using things like specific options to detect and block traffic from network worms, warn about ARP and DNS poisoning and a few other features beyond a simple binary "yes/no" block of packets entering or leaving the network stack.

I think Windows Firewall provides pretty good basic protection, but I like having more fine-grained options to protect against threats as well as the alerts my firewall provides.

By the way, as a disclaimer, I actually work for a company which makes a software-based firewall, but the things I've mentioned above are not specific in particular to my employer's software. Most—if not all—third-party software firewalls do this.

Regards,

Aryeh Goretsky




Wouldn't Windows' built-in firewall on an up-to-date installation do the job just fine in those situations? At our school and dorm network for example all clients are isolated and can't communicate with each other.



#56 TPreston

TPreston

    Neowinian Senior

  • Tech Issues Solved: 2
  • Joined: 18-July 12
  • Location: Ireland
  • OS: Windows 8.1 Enterprise & Server 2012R2/08R2 Datacenter
  • Phone: Nokia Lumia 1520

Posted 15 October 2012 - 09:31

despite being a resource hog. back when i used circa 2004. i was always frustrated with it. it hogged the pc resources and offered little or no protection whatsoever. back then i just uninstalled and let my computer be fully "open" to the network. windows firewall is not great, but it works. but nothing beats a router with a custom firmware and well configured


TMG 2010 does :shifty:

#57 remixedcat

remixedcat

    meow!

  • Tech Issues Solved: 1
  • Joined: 28-December 10
  • Location: Vmware ESXi and Hyper-V happy clouds
  • OS: Windows Server 2012 R2
  • Phone: I use telepathy and cat meows to communicate

Posted 15 October 2012 - 10:58

Barracudaaaaaaaaaaaaaaa!!!!!!!!!!!!

#58 .Neo

.Neo

    Generic User

  • Joined: 14-September 05
  • OS: OS X Yosemite
  • Phone: iPhone 5s

Posted 15 October 2012 - 11:04

Zone Alarm is a joke.

Which is no laughing matter.

#59 sc302

sc302

    Neowinian Senior

  • Tech Issues Solved: 33
  • Joined: 12-July 05
  • Location: NJ, USA

Posted 15 October 2012 - 11:26

Barracudaaaaaaaaaaaaaaa!!!!!!!!!!!!

Web filter....

lol

#60 cork1958

cork1958

    Neowinian

  • Tech Issues Solved: 2
  • Joined: 04-October 02

Posted 15 October 2012 - 11:45

I have windows firewall enabled but that doesn't allow you to block applications from calling home (as far as i'm aware) so i have zonealarm too. I use avast antivirus as MSE is awful, it misses so many viruses, can't remove viruses and has loads of false detections, can't believe others don't hate MSE too.

I may try a different firewall app soon though.


Use this along with Windows firewall to monitor outgoing traffic, if you must!

Make sure to get the free version,
http://www.sphinx-so...ista/order.html