ZoneLabs: The Hot Stuff In Firewalls

BusinessWeek ^ | Alex Salkever

[Reaganwuzthebest]

Despite the tech doldrums, this computer-security outfit has just secured $24.3 million in new VC funding, and sales are exploding.

Can you give something away and still make money? That was the way of the early Web, and few companies that charted that course in those treacherous waters lived to tell the tale. Then there's ZoneLabs, which started out in 1997 handing out free downloads of an advanced personal firewall.

[Rooster48]

NetBus the original hacking tool was a Microsoft product. The greatest spammer is Microsoft. They've been busted selling Hotmail lists.
Now they introduce Paladium for our protection. That's gotta be the greatest marketing scam in history.
Look in your Windows for a directory named DRM. That means your computer belongs to Bill Gates. He's just letting you use.

[Reaganwuzthebest]

Can Palladium run on Windows 98SE, or is it meant for XP? I intend to keep what I have as long as I can before upgrading.

[bobwoodard]

When you say firewall, are you referring to software or hardware? I'd agree a hardware firewall would be overkill.

The problem is that the default installation of MS OSes (like the Pro/Server versions of 2000/XP) comes with those services (HTTP/FTP/SMTP/???) turned on and running by default. The good news is that MS has recently indicatedthey would be locking these down by default.

Sure XP/2K might not be your typical home setup, but 95/98/ME had their own set of vunerabilities. The l33t k1dz will go for _any_ vunerability and the best way to cut out _most_ types of attacks is a firewall and ZA is an inexpensive solution.

Personally, I've gone the ZA & Linksys router combo and it works great.

[Free the USA]

Index Bump

[JimVT]

I use it.

Had the freebie for a few years and decided to buy the "Pro" version.

It's got a few more bells and whistles, doesn't cost much ($20?) and avoids the pop-up "buy me" ads.

[NerdDad]

You are correct that email and downloads are the main culprits for most people. However, I'm not most people. Everything I've said, except to answer Parsifal's question, has been about always on connections such as Cable and DSL. I get an email every morning from my hardware firewall listing 20 to 300 attempts to penetrate (scans) with trojans--every day. I don't want to scare ignorant people. I want to educate ignorant people. The average home user on a 56k modem is not vulnerable to the kinds of scans I see. But that does not mean they don't get scanned and it does not mean they do not get hacked. More importantly, as "Joe Sixpack" moves from his 56k modem to DSL or Cable, he must understand the dangers that come with always on connections.
I haven't said it on this thread yet, so I will. The best defense against having your computer penetrated by a virus or trojan is to not be connected to the Internet unless you need to be connected to the Internet. When a computer on my home network is not being used, I expect it to be turned off. When no one on the network needs to be on the Internet, the cable modem is on standby. When we are not at home, everything is turned off. Just because you have an always on connection does not mean that it should always be on. When it is on, you need a minimum of protection against virus and trojan invasion. Software such as Zone Alarm needs to be coupled with virus protection. Norton Internet Security contains both. I go for overkill. I have a hardware firewall and NIS. I also have Zone's Pest Patrol. I get at least one email daily that tells me my efforts are warranted.
Your mileage may vary.

[TC Rider]

You two to do nothing but scare ignorant people. Millions of ports get probed everyday. It doesn't mean you're "under attack".

I wonder why million of ports are getting probed every day? Could it be because of ignorant people who don't close their ports? Making their systems vulnerable to zombies that can then go out and probe another million ports.

Sometimes, ignorant people need to be scared, to get them off of their dead @sses and take some responsibility for their corner of the internet.

I agree that a port probe doesn't equal a DOS attack, but, it is an attack, none the less.

Slackers make my life difficult every day. Those ignorant souls that don't secure their email servers from relays, help fuel the mountain of spam my organization deals with every day. Those that don't secure their servers and desktops systems from zombies, just insure we'll have more Code Reds and DOS attacks.

[WaterDragon]

So! What is ZoneLab's url?the

[Reaganwuzthebest]

ZoneLabs

[Chemnitz]

Cable and DSL guys MUST have a firewall. They are always on the Net (whether using the browser or not) as long as the computer is on. But really you should firewall too. You don't know how many intrusions there are until you stop them.

[Ernest_at_the_Beach]

What is your operating system?

I run Windoze 95 with lots of stuff , netcaptor, outlook(MS), Notetab lite,flyswat, Norton, etc. in 256M so I get starved for memory and lock up. When I do Cntrl, alt del first time Zonealarm always shows as the active guy, but I think that is in error. I just think I have an overloaded system. am working to change that!

[Political Junkie Too]

Here's the configuration that I like best:

• Firewall: Zone Alarm from Zone Labs.
• Virus Protection: VirusScan 6.0 from McAfee Internet Security 4.0
• Privacy: Guard Dog from McAfee Internet Security 4.0
• Ad Blocking: AdSubtract from Intermute.

Each of these applications has features that, when combined, make a great privacy suite.

1. Zone Alarm.

Use all of the firewall features. Disable the privacy features (cookie control & ad elimination). You can still turn on cookie blocking at the firewall for selected programs if you wish.

2. Internet Security 4.0

I'm really interested in Guard Dog, but McAfee has bundled all their programs into this one suite, so I get them all and just use what I want.

Guard Dog has an active privacy watcher that will prompt you when personal information, such as your name, address, phone number, account number, etc., go over the web. It will also prompt you when programs launch other programs or try to access the web. You can allow access once or always, or deny access once or always. Guard Dog will also block 3-rd party cookies (cookies from sites you haven't visited) and also delete cookies from un-bookmarked sites at the end of each browser session.

Don't use Guard Dog's ad blocking.

3. Ad Subtract

Intermute's Ad Subtract will block all pop-ups and banner ads, as well as block cookies, animations, music and images. It will also stop "referrers:" sites that open up other sites. You can customize what is blocked by site.

4. Other Bundled Software

With McAfee's Internet Security 4.0, you also get VirusScan 6.0, Firewall, Safe & Sound, QuickClean Lite, and Shredder. VirusScan did well in catching the recent klez virus, and updates its virus signature file automatically each week. The Firewall works well, but I thought it was performing slower than Zone Alarm when all the security features are turned on. Safe & Sound is a utility that will automatically back up selected files to another location. You can set it to back up to another drive or another directory, and set the interval anywhere from 30 minutes to real-time mirroring. QuickClean Lite is a garbage eliminator. Shredder is an enhanced DELETE program which overwrites deleted files many times with random values and scrambles the directory entries.

Combined Package

Many tools have similar features, but I really like how Guard Dog blocks indirect cookies and automatically deletes cookies from non-bookmarked sites at the end of each session. Other tools require you to manually select what to delete. Ad Subtract stops all the eyesores and extra clicks to close unwanted windows. VirusScan is as good as any other virus program, and is bundled with Guard Dog. The Firewall is as good as Zone Alarm, so you could use it instead if you wish.

-PJ

[Ernest_at_the_Beach]

I have been happy with Norton, the virus checkers has stopped many riding in on E-Mail!

[Political Junkie Too]

Guard Dog was the center-piece for me. Once I decided that I wanted that, I went with the rest of the package from McAfee.

-PJ

[NerdDad]

Ernest makes a very valid point. Running out of memory is the biggest culprit when your machine freezes for no reason. I jumped in when the prices were at the bottom and bumped my machine to 512M. Still, I find myself rebooting quite regularly. I work in IT when I'm not on FR. We tell all our users, "Don't call MIS until you've restarted your computer." Obviously, can't be sure without knowing what all is running, and seeing it happen, but it sounds more like memory starvation than a bug.
You would be surprised how many programs run in Windows without your knowledge. A look at Start|Run|MSCONFIG will give you an idea. Assuming you sorta know your way around your computer AND have a good backup, you can use MSCONFIG to turn off some of this stuff to free up a starved machine. But please, backup up your data and know what you're turning off.

[Reaganwuzthebest]

You would be surprised how many programs run in Windows without your knowledge.

This is true. In the past I always had Microsoft Messenger start up with Windows. Even when I would sign out, but leave the icon in the taskbar I noticed through ZoneAlarm messenger was still uploading. This of course is using memory even though the program was turned off. Now I completely shut it down; after I check my e-mail I exit the program.

Still I wondered, what information could have been getting uploaded to Microsoft? It's not that I'm paranoid or anything about it, but it just seemed strange.