[emkay_01]

I've been using Zone Alarm Free firewall on my WinXP computer for many years. When I'd go off line for an extended period I locked my firewall. I just installed Zone Alarm Free ver 8, and after a quick look, I don't find the same lock option.

Now I'm beginning to question whether locking the firewall actually does block all entry into my computer. There's only 1 line coming from the internet to my modem, but what happens on the other side of the modem..... does the firewall control the exit from my modem?

[Elvandil]

Though I don't know about ZA specifically, many firewalls lock all access when they are turned off. This is also part of the protection that exists at boot time, so that the system is protected from access by a loaded driver while it is booting and before the firewall actually runs. Since ZA is a good firewall, I'm sure something like that happens with it, and that "locking" button was always sort of mysterious, anyway, since the access should always be locked unless the program is running and the process is allowed. They probably simply dispensed with it.

The firewall filters all connections to and from your machine, so that means just before the data enters or leaves the machine through the modem. The modem is not protected, but there is no reason why it should be.

[emkay_01]

I think I posted a reply, but it looks like I lost it.

Thanks Elvandil for your reply. To be sure I understand it correctly, the firewall is in series with the modem, and gates ALL information to/from the internet. I use a secured wireless modem, and I assume that between the 2 of them, unless I get careless, no unwanted files should get into my computer. Yet, I know careful(?) people with secured routers/modem and firewall, that get spyware, malware, etc. on their computers. (I guess my assumption that they're careful people must a bad one).

[hewee]

You should of gotten the FREE Online Armor that was just given away the other day.
They have a free version and both there paid and free version is better then Zone Alarm Pro. The free Zone Alarm is not very good now days.

I have the paid Online Armor 3 and there is a option...
Block all traffic during system boot – Allows you to configure Online Armor to automatically block all internet traffic while your computer is starting, when Online Armor cannot display Firewall pop-ups. This option may interfere with normal networking communications on some systems, preventing you from establishing a proper network connection until after Online Armor is fully running.

Free version should be the same.

I had Zone Alarm Pro on my old PC with 98SE. But as PC was booting up I think Avast was busy getting or checking on updates so it was able to get out tru the firewall because all was still booting up so who knows what all was going on.
I moved and misplaced the router so had a lot of trouble booting up. I had to be fast and even then I had to go into safe mode because it was Avast after all or the check for updates from auto update I had to disable and keep that way till I got the router put back or I had lots of trouble. Never found out just why I could not redo things the way I know I have when I took away a router but that was with AVG so somehow Avast and ZA were fighting.

[c0796]

I read this from an article and wondered what exactly he meant...in lamens terms...anyone care to paraphrase?

A 'personal firewall' isn't a firewall. A firewall is a dedicated box with (usually) two or three ethernet ports running no services other than a firewall. My preferred configuration is an x86 box with a couple of tulip cards running FreeBSD or OpenBSD and ipf, though you can do OK with Linux and iptables too. You can run either on a $100 obsolete PC. (*BSD is better, but Linux is easier for a new user to configure).

So... what does a 'personal firewall' actually do? Well, effectively it listens on all the ports on your system. This provides no real additional security over turning off the services that you don't use.

What it does do is break standard network applications (such as traceroute) and, more importantly, if badly written it will claim normal background network traffic is some sort of attack, alarming the user for no good reason. I've never heard of a 'personal firewall' that isn't badly written in this way. That doesn't mean one doesn't exist.

[hewee]

Yes there are software and hardware firewalls.

There are routers that can help hide us and some router even have a firewall in them.

I just have a router and a software firewall but I am hiding out behind all that.

[c0796]

So why have the software firewall if your router has a fire wall too?

[emkay_01]

c0796.........I guess few things are 100% effective. It's like wearing a belt with a pair of suspenders.

[hewee]

Run the ShieldsUP! test abd test all ports.
https://www.grc.com/x/ne.dll?bh0bkyd2

Your want them all to be Stealth or a perfect "TruStealth" rating.

Quote:

Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice.

So it does not mean I can not get hacked but a hacker would really want to do something to me and keep trying to be able to get tru. Most will gave up and find an easy PC to hack and those are PC's that can been seen.

So if your hidding they will pass you by for a easy hit someplace else.

So now for something bad to happen it is because you went to bad web sites or a site that got hacked or downloaded or open an attachment etc that let something get to your PC.
Always scan your downloads and get your programs from trusted site. If you go and for free program that come from cracked software you can also get other malware from the same sites.

Even programs that are there to protect you can be bad and there are more bad ones then good ones.
Rogue/Suspect Anti-Spyware Products & Web Sites

That is one very long list.
Now look at this small list of Trustworthy Anti-Spyware Products

So any new anti-spyware program you see and wonder about it's best to check out because the odds are that it is bad.

[Elvandil]

Quote:

Originally Posted by c0796

I read this from an article and wondered what exactly he meant...in lamens terms...anyone care to paraphrase?

A 'personal firewall' isn't a firewall. A firewall is a dedicated box with (usually) two or three ethernet ports running no services other than a firewall. My preferred configuration is an x86 box with a couple of tulip cards running FreeBSD or OpenBSD and ipf, though you can do OK with Linux and iptables too. You can run either on a $100 obsolete PC. (*BSD is better, but Linux is easier for a new user to configure).

So... what does a 'personal firewall' actually do? Well, effectively it listens on all the ports on your system. This provides no real additional security over turning off the services that you don't use.

What it does do is break standard network applications (such as traceroute) and, more importantly, if badly written it will claim normal background network traffic is some sort of attack, alarming the user for no good reason. I've never heard of a 'personal firewall' that isn't badly written in this way. That doesn't mean one doesn't exist.

First of all, these statements are not correct. A personal firewall is a "firewall" and that is why it is so named. It is a software firewall and controls ports on the machine through loaded drivers. Its functions, especially with the newer releases, include far more than "turning off the services that you don't use", and, in fact, I know of no firewalls off-hand that control services at all.

The author seems to prefer hardware firewalls. That's fine, and an argument can be made that they are better when configured as you want them to be. But there is nothing wrong with software firewalls, either, and having both, though possibly safer, is not safer by much and may make connectivity more difficult.

By far the greatest number of infections are due to user error, and the second greatest number to user error where the user has been misled into performing an unsafe task.

[c0796]

Thanks to you all for your input although I'm not worries about being hacked the last thing I want to is to find out...too late, been hacked!

Here's another if you don't mind. What do hackers usually look to hack and what are they looking for? To the best of your knowledge.

[Elvandil]

The best way to avoid damage from infections is to make sure you have a drive image to restore if you become damaged.

The best way to insure that you don't get hacked in the first place is to follow all the Microsoft recommendations for security settings in Internet Options, have a firewall that reports any out-going connection attempts (they can't steal information if they can't send it out) and a good, real-time scanner for incoming data.

As far as what they want, it may be email addresses that they can use to spoof your contacts into thinking mail came from you, credit card numbers, SS numbers, or personal data of any kind.

Lately, using your machine as one of an army of unwitting machines is also a way for hackers to bring down web sites with DDos attacks and most people don't even know their machines are being used.

Running as an admin is also to be discouraged, and it's best to save your personal data in any of the many freely available "vaults", like Roboform's identities vault, that require an additional, different password to access. You wouldn't want to store your SS number in a text file on the desktop, for example.

[c0796]

Ok, good stuff, thanks again for sharing your knowledge, much appreciated.

[emkay_01]

There's a lot of good information being presented, and I'm learning.

I'm a curious person, and do a lot of searching for free software sites. Understanding the problems I face doing this, I use True Image to image my HDD, sandboxie to isolate incoming files from the internet, and a number of free anti-malware, anti-spyware programs, that I periodically rotate thru, plus a secured modem and software firewall.

Considering that I'm the kind of user that makes a lot of careful, knowledgeable users cringe, I've only had 1 infection problem in the last 6-8 years, when it was necessary to wipe my HDD, and re-install Windows (but those were the pre-True Image days. Now I regularly reimage my HDD every few months just to clean up the computer.

Thank you everyone for contributing to this firewall thread, and increasing my knowledge of firewall information. And I'm sorry for my use of long sentences.