Skip to main content

Notice

Please note that most of the software linked on this forum is likely to be safe to use. If you are unsure, feel free to ask in the relevant topics, or send a private message to an administrator or moderator. To help curb the problems of false positives, or in the event that you do find actual malware, you can contribute through the article linked here.
Topic: Configure Linksys with ZoneAlarm! (Read 3408 times) previous topic - next topic
0 Members and 1 Guest are viewing this topic.

Configure Linksys with ZoneAlarm!

Anyone know of any good guide/tutorial web sites which tell you how to configure zonealarm with the linksys router (befsr41)

Thanks in advance!

Configure Linksys with ZoneAlarm!

Reply #1
A NAT router like the Linksys one should completely replace any software firewalling solution like ZoneAlarm!, given some sense of security on the user side.
Read more about the pseudo-security of these "personal firewalls" here.
"To understand me, you'll have to swallow a world." Or maybe your words.

Configure Linksys with ZoneAlarm!

Reply #2
Quote
Because those people are all idiots


have to love answers like that - I have a software firewall - therefore I'm an idiot. logical. Funny that when I got a virus that was trying to connect to some sex site that my Sygate popped up to tell me that some program was trying to establish a connection, somehow as an idiot I feel that maybe it helps just a bit more than having nothing.

Jen - sorry - I uninstalled ZA a long time ago because it was interfering I think with messenger & had network problems with it. I think ZA has become too bloated for what was once a great program.
But I don't understand what you have to configure - the router is already set for "normal" operation, unless you are running servers of some type, or use audio/video communication. The ZA should just protect your LAN. The router is just the gateway (LAN to WAN).
What do you need to configure?

Configure Linksys with ZoneAlarm!

Reply #3
You should consider to continue reading and even visit some of the links provided to know why the author of the page considers Personal Firewall to be for "Idiots"
"To understand me, you'll have to swallow a world." Or maybe your words.

Configure Linksys with ZoneAlarm!

Reply #4
Quote
Quote
Because those people are all idiots


have to love answers like that - I have a software firewall - therefore I'm an idiot. logical. Funny that when I got a virus that was trying to connect to some sex site that my Sygate popped up to tell me that some program was trying to establish a connection, somehow as an idiot I feel that maybe it helps just a bit more than having nothing.

Well, if you got a virus then I guess you haven't applied safe computing practices in the first place. 

Ever since I bought a NAT router with a built-in SPI firewall I stopped using software firewalls (having used Tiny Personal Firewall before), and I don't have the impression I'm missing anything.

Edit: snipped non-relevant text from quote.
Over thinking, over analyzing separates the body from the mind.

Configure Linksys with ZoneAlarm!

Reply #5
Quote
Read more about the pseudo-security of these "personal firewalls" here.

When I wrote my previous post, I hadn't read this article yet. Now I have, and I can't say I fully agree with it.

First of all, calling all personal firewall users "idiots" is totally uncalled for. If the author has valid, rational arguments there's no need for him to use insults.

And his argument is basically "if you don't have the full source code of the firewall software AND the OS, it's not secure because you can't check if it's actually doing anything".

I think this is quite exaggerated. So in order to be secure you have to have the source code of the firewall (and, to be consistent, the source code of the firmware if you have a hardware firewall), the source code of the OS, and have the skill to be able to study the source code to make sure it really works as it's supposed to.

I would guess that leaves out about 99.9% of all people who use computers. Folks, just give up. There's nothing you can do to protect yourself. 

As dev0 already mentioned, a hardware firewall can replace a software firewall just fine, and I don't see the need of running both. However, I would urge everybody to at least run one of the two. It's still better to run a properly configured software firewall than not to run a firewall at all.

Of course, no system is 100% secure, but for a home user running Kerio or ZoneAlarm or a NAT router is certainly an improvement (even if you don't have the source code of it, let alone the source code of your Windows version).

Edit: Oh, and this statement...
Quote
Do Personal Firewalls improve security?

No.

... is just totally and utterly wrong.
Over thinking, over analyzing separates the body from the mind.

Configure Linksys with ZoneAlarm!

Reply #6
Look, when the main page starts
Quote
(Answers to) Frequently Asked Questions
- And the only answer i see is
Quote
Consider dropping Windows and switching to a more secure operating system
- He might also say unplug your computer from the internet and then you might be safe.

There is no mention why these software firewalls don't work <according to him>, just that
Quote
You can't improve security of an untrusted system by installing another untrustworthy piece of software
- what would care to define as a trustworthy piece of software? If you think open-source means trustworthyness then i guess Linux has never had, nor will ever have any security problems! I am not in any way trying to promote Windows software, which has lots of security problems, but this guy just says that anyone who uses a firewall is an idiot - I am, and anyone else who tries to make their computer more secure should be offended by this guy. If he gave maybe a good argument or some examples he might be worth listening to but obviously for someone who thinks that his opionion is right and that others because they use a different OS are
Quote
other than whining Windows lusers there who complain that they aren't treated friendly and courteously
.

While I think software firewalls are a source of many problems - this guy must live in a subnet of the internet I'm not aware of. Where the majority of people still run windows and quite a variety of other closed source programs - he is saying get rid of all of it and go completly open source - Are you going to tell me that you have no closed source programs on your computer? Is that a realistic solution?

This guy offers no realistic reasons why I should not use a firewall and again offers no realistic alternatives either. And on top of that he is arrogant and biased and rude so I fail to see what benifit I am getting by his so-called FAQ.

@ PoisonDan
Actually it was my sister who got it while she was using my computer but maybe you could define what "safe computing practices" are? I think I actually am setup fairly well in terms of virus/trojans/etc.

Configure Linksys with ZoneAlarm!

Reply #7
Also I don't understand why people think a their Linksys or Dlink router is some kind of firewall replacement for a software firewall. The router firewalls will just allow certain ports open or closed, but it does not allow you to dictate which software has access to the internet (mainly on port 80- HTTP).

For example I have several programs like 'Services and Controller app', 'LSA Executable and Server DLL', 'Generic Host Process for Win32 Services', WinAMP agent, etc - all these are blocked by my firewall but they would not be blocked by the Router's firewall. I have no idea which programs are running these or why but at least I know they are not accessing the internet. If I did not have a software firewall how could you define which programs you want to have access to the internet?

Configure Linksys with ZoneAlarm!

Reply #8
Quote
Also I don't understand why people think a their Linksys or Dlink router is some kind of firewall replacement for a software firewall. The router firewalls will just allow certain ports open or closed, but it does not allow you to dictate which software has access to the internet (mainly on port 80- HTTP).

For example I have several programs like 'Services and Controller app', 'LSA Executable and Server DLL', 'Generic Host Process for Win32 Services', WinAMP agent, etc - all these are blocked by my firewall but they would not be blocked by the Router's firewall. I have no idea which programs are running these or why but at least I know they are not accessing the internet. If I did not have a software firewall how could you define which programs you want to have access to the internet?

Yes, outbound scanning doesn't work with SOHO NAT routers, but I don't think everybody wants or needs this. It's a personal choice.

I don't really need outbound scanning. As a matter of fact, when I used a software firewall I experienced it as a nuisance having to maintain a list of programs that need internet access.

I don't care what programs are accessing the internet at any given time (as long as all incoming connection attempts are blocked). If I'm concerned about spyware, I'll use a spyware scanner like Spybot. And when I get too concerned about viruses I can always install a resident virus scanner.

But I know other people have different opinions about outbound scanning, so yes, depending on your personal preference, you may need to install a personal firewall in addition to your NAT router if you also want outbound scanning.

Quote
Actually it was my sister who got it while she was using my computer but maybe you could define what "safe computing practices" are? I think I actually am setup fairly well in terms of virus/trojans/etc.

Well, since you got a virus infection, my first question would be "did you have a resident virus scanner installed ?" 

Besides that, the usual safe practices apply:
- Use a firewall .
- Keep your system up-to-date with the latest security fixes.
- Don't run services like HTTP, FTP or Telnet if you don't need them.
- Don't open executable e-mail attachments.
- Use a trustworthy source when you download software (KaZaa is not trustworthy ). When in doubt, always use virus scanner. You don't even need to have one installed. (hint: HouseCall)
- If possible, try to use an alternate browser and e-mail client, instead of using IE and Outlook. Because of the popularity of IE and Outlook, the vast majority of viruses and trojans are written to exploit these programs.
Over thinking, over analyzing separates the body from the mind.

Configure Linksys with ZoneAlarm!

Reply #9
As you say it is choice - I like to know which programs are outbound and why - I don't trust MS and what type of information they like to gather as well as others. The less they know the better. Big Brother is among us 

Yes the virus didn't get far - sneeky thought I must admit, embedded in a word document that my sister download from school. I had NAV2003 (Don't get the 2004 version!) turned off for scanning MS office documents and thats why it got past the first stage, but Sygate caught it before any connection could be made.
That is why I believe that a software firewall can be useful.

Well I think I try to run a fairly safe ship
- Firewall(s): Router & Sygate
- OS updated on a regular basis
- Services are controlled - I run HTTP & FTP but non-used are turned off
- all email attachments are scanned - any suspecious attachments are re-confirmend by sender. (The word document actually came throught messenger    )
- Don't use Kazaa but all downloads are double scanned automatically
- Since some sites have problems I do use IE but I keep it updated every week with the OS.

I think this is a fairly aggressive prevention routine - along with scans from Search & Destroy, Ad-Aware, SpyCop, Firewall on the registry, etc. A lot more that then average user I would imangine, and yet it was a good lesson that it is still possible to be infected.
Thanks for the list - it was a good double check

Configure Linksys with ZoneAlarm!

Reply #10
Sorted!  I wasn't able to get the internet to work with zonealarm enabled.  This is why I wanted a guide so I could configure it properly.  Instead I just reinstalled it and everything is working fine now.