Scince I have installed XP service pack 2 there is a built in firewall - 'Windows Firewall' ...

Is this better than or equal to Zone Alarm ?

I'd like to get rid of ZA if Windows FW is OK ...

Which is best ?

Windows firewall is absolutely useless... well within reason... it's better than nothing but only marginally.

Amongst other things it's not a particularly specialised product and more of an "also ran" add on.

ZoneAlarm is better for a whole slew of reasons including the ability to block outgoing requests from programs that you may have inadvertently installed like trojans, spyware, etc...

There are still plenty of reports of exploits on zonealarm and from what I've heard quite a few more for the windows firewall... In all honesty a NAT firewall through a router, in tandem with zonealarm, and the various other spyware, AV, etc... utilities, installed and kept up to date is the best approach.

we have zone alarm and its worked really well for us. if i were you i would keep them both. the more the merrier really surely not?

Fletch

I'm with Martin_S. The SP2 firewall is very very basic and it switches itself off if it sees you are running ZAP. (windows does something right for a change)

ZAP allows you to exert full component control etc, and for a software firewall/net security manager it is the best by miles.

Just read up steve gibsons website (www.grc.com) and you will see that the guy who created ZA P is no slouch on security matters.

Windows firewall is for people who don't have anything else. If you don't have anything get ZAP.


Trying to run 2 firewalls will lead to problems and speed decreases.

i`m running zone alarm alongside the one that came with norton internet security and i`ve not had a single problem, could be just luck i s`pose. The windows one is pants and i would never use it.

Originally posted by dial
i`m running zone alarm alongside the one that came with norton internet security and i`ve not had a single problem, could be just luck i s`pose. The windows one is pants and i would never use it.
I could be wrong here but running 2 firewalls may well create a clash that could let something through... I wouldn't recommend it, unless of course you're talking about 2 seperate machines with a single firewall on each and a net connection share situation..

From what i`ve read the clashes are mainly based around having them configured wrongly and programs that need access unable to get through. I hope this is the case but i`m extremely careful with my machines and check for problems regularly. I use Norton firewall alongside Zone alarm and for laziness`s sake if i want to allow something one time only access and don`t want keep it that way i cheat and turn off norton and use za for a few mins then re enable norton lol, not the perfect way of doing it but saves me a lot of trouble and keeps me safe.i regularly scan with Norton antivirus, spybot,adaware,swat it and cic pro to clean the dats, i keep everything bang up to date including all the programs installed and am very careful where i go.
I got so interested in this a while ago i was almost paranoid, this has worn off now but i still look after my pc, i just couldn`t imagine life without it cos i use it every day for my mail , shopping and contact with family etc hope i`m right in all this i feel very safe.

Originally posted by dial

I got so interested in this a while ago i was almost paranoid, this has worn off now but i still look after my pc, i just couldn`t imagine life without it cos i use it every day for my mail , shopping and contact with family etc hope i`m right in all this i feel very safe.


After actually having watched a computer being switched on by a malicious intruder over the internet, I believe that paranoia is not only rational but essential. Especially when, as you say, we are pouring our life data onto them.

Now is everyone out there backed up? Not me, not really, and it's a gnawing doubt that will soon have me scurrrying out for a removable HDD or something.

Now where did i put those back up cd`s?

The sp2 firewall takes about 5 mins to hack it so I'd switch to Zone Alarm if I were you people!

Trust me-

I work for a large bank in the UK in their IT department- and sp2 is ****e!

Is the free ZoneAlarm good then??, I mean if it is free surley it can be hacked compared to the cost versions?

Originally posted by ANGELUS
I work for a large bank in the UK in their IT department- and sp2 is ****e!
I really wish you'd shut up being so bloody negative about the whole service pack... Your particular IT department will have had problems because of the specialised nature of the software used in banks... A large business environment is hardly the same as 99% of the home users on here...

Having dealt with a number of users with absolutely no protection, no windows updates and no virus protection over the last year I'm very much of the professional opinion that SP2 is a darned sight better than naff all...

SP2 contains a lot (more than just windows firewall) and resolves a number of security issues that existed previously to allow almost any muppet into your system...

Yes the windows firewall is ****e but it's better than nothing and will at bare minimum stop those wannabe script kiddies with no clue... If nothing else it reduces the odds of infection until you get something else.


Yes there are problems but damn if it isn't a rather large step in the right direction...

To put it in perspective, I've done 3 systems in the past 6 weeks that required 7 hours and £50 a time to fix... In all but one case SP2 would have avoided the problems they experienced.

Originally posted by Jamie
Scince I have installed XP service pack 2 there is a built in firewall - 'Windows Firewall' ...

Is this better than or equal to Zone Alarm ?

I'd like to get rid of ZA if Windows FW is OK ...

Which is best ?

I'd say Zone Alarm is better than Windows but i would also say Sygate is better than them both!. Every test/review i have seen on free firewalls states that Sygate out performs all the others.

As for sp2 being ****e, why would Microsoft spend so much time and money making the biggest service pack ever if it was'nt going to work?. I installed sp2 on my main system last week and i have had no problems (apart from one program being put on my startup list for no reason).

HELP!!!!!!!!!!!!!!!1


After reading this thread I downloaded ZoneAlarm but I cant post on here! (I have had to turn it off to post this!)

this site asks me to log in but then just does not allow me to post.

Please help

ZoneAlarm now goin back on!

Originally posted by ZEDEX48K
HELP!!!!!!!!!!!!!!!1


After reading this thread I downloaded ZoneAlarm but I cant post on here! (I have had to turn it off to post this!)

this site asks me to log in but then just does not allow me to post.

Please help

ZoneAlarm now goin back on!

It's only personal preference but i would bin Zone Alarm and download and install Sygate. I have never had any problem posting on web sites!.
You can download it from here:
http://smb.sygate.com/products/spf_standard.htm

ZoneAlarm disables the windows firewall, and re-enables it if uninstalled. The impression i get from the docs is that it accepted by M$ that the zonealarm firewall is superior to the regular windows one.

Yes I agree. SP2 is better than nothing and finally adds native bluetooth support, which is a big thing if you have a bluetooth phone.

But Zone Alarm is much better. It does need to learn which software can and cant access the zones you set up, but once that is done it worls very well, even with my radio station thingy and online gaming with no noticeable reduction in 'internet performance' (latency, speed etc)

Never used Sygate, but I would imagine it has similar things, such as component control as well as program control, worm stoppers, email monitors, script and ad blocking etc.etc.

I used the free version for ages, and the pro version (paid for) does add sufficient features that justify the low price tag.

Originally posted by ZEDEX48K
HELP!!!!!!!!!!!!!!!1


After reading this thread I downloaded ZoneAlarm but I cant post on here! (I have had to turn it off to post this!)

this site asks me to log in but then just does not allow me to post.

Please help

ZoneAlarm now goin back on!

Have you got ZA to not allow cookies (ZoneAlarm >> Privacy >> Cookies)? You should allow session cookies and Private Header Information for most sites!

Originally posted by Phanerothyme
Yes I agree. SP2 is better than nothing and finally adds native bluetooth support, which is a big thing if you have a bluetooth phone.

Ooooh ... I must get one of those bluetooth USB things for my PC ... what's the transfer speed like Phan !? ... I mean PC <-> Phone via bluetooth !?

Just found a better firewall than Zone Alarm... its called.

Agitnum Outpost.

Just a lot better protection to the new Zone Alarm that is out there.

Originally posted by ANGELUS
Agitnum Outpost.

Just a lot better protection to the new Zone Alarm that is out there.
In all seriousness... what does it do that's better?

Better co-existence with other applications? XP sp2 less likely to break with it?

I had a look at Agitnum's own comparison table and on things like the leak tests Zone Alarm Free compared more favourably than the free outpost version. Whilst Outpost provides packet filtering...

To be completely honest all the other features such as pop-ups, and cookie blocking, etc.. are by the by as they are easily tackled elsewhere by other packages...

At face value they seem comparible but my recommendation would still be on zonealarm as a free firewall.

For what its worth I use the free XP one. It blocks inbound traffic and I make sure there is nothing on my PC that shouldn't be accessing out without my consent.
Zone Alarm isn't going to help you much if you still allow Internet Explorer access out and outlook / outlook express or Messenger. As they are the key gateways for all malware onto your pc (after direct netbios attacks that the xp firewall stops anyway). Although zone alarm may then stop those viruses spreading out you still have the problem of it being on your machine!

My setup - XP with SP2 and firewall enabled, Firefox for browser, Thunderbird for email and No AV. Never had a virus in my life and you can google net posts back to 1996 from me!

(uptill 2 weeks ago I was a senior IT Security analyst for a big UK bank specialising in penetration testing of networks and web applications)

Originally posted by kilauea
For what its worth I use the free XP one. It blocks inbound traffic and I make sure there is nothing on my PC that shouldn't be accessing out without my consent.

Try doing a Leak Test from GRC.com - you may be surprised - to quote Steve Gibson:
"Just so you know, WinXP's built-in firewall does not attempt to manage or restrict outbound connections at all. It appears to be a useful firewall for hiding the machine from the Internet (it has "stealth mode" unsolicited packet handling), but you will still need to use a good third-party personal firewall if you wish to manage and control outbound connections from your system."

Leaktest penetrated Windows Xp Firewall no problem. ZA would have stopped it, even after it was moved and renamed. And if you allowed it in ZA, if you modified the file (with an update or a virus) its owuld still be denied outbound access until you verify the altered program is bona fide.

If leaktest can do it, so can a trojan.

Being a IT Security analyst is helpful, but if you are not, I can wholeheartedly recommend Zone Alarm - designed and built by a colossus in the internet security industry, Steve Gibson.

Originally posted by Phanerothyme
Try doing a Leak Test from GRC.com - you may be surprised - to quote Steve Gibson:
"Just so you know, WinXP's built-in firewall does not attempt to manage or restrict outbound connections at all. It appears to be a useful firewall for hiding the machine from the Internet (it has "stealth mode" unsolicited packet handling), but you will still need to use a good third-party personal firewall if you wish to manage and control outbound connections from your system."

Leaktest penetrated Windows Xp Firewall no problem. ZA would have stopped it, even after it was moved and renamed. And if you allowed it in ZA, if you modified the file (with an update or a virus) its owuld still be denied outbound access until you verify the altered program is bona fide.

If leaktest can do it, so can a trojan.

Being a IT Security analyst is helpful, but if you are not, I can wholeheartedly recommend Zone Alarm - designed and built by a colossus in the internet security industry, Steve Gibson.

A leaktest is hardly worth doing as its obvious that the XP firewall does not attempt any egress filtering. I think you have missed the point re. ensuring nothing is trying to establish unwanted outbound connections in the first place - the minute you click allow to enable IE to talk to the outside world you have just invalidated the use of egress filtering in the first place (by allowing your most insecure program to bypass it).

GRC.com is by the way no substitute for a pro. pen-test and Steve Gibson is not by anyones opninion in the business a "collossus" in the security world by the way.