I downloaded the zonelabs firewall, before I install it I wanted to know; is there any downside to it? Will it slow down my connection or anything?

Zonelabs firewall is my favorite.
It doesn't log intrusion attempts, that's a downside.
Any firewall by virtue that it exists in your connection will slow the connection, but not noticably. Go ahead and install it, play with it, reconfigure it and then you decide. http://www.speedguide.net/ubb/smile.gif

I use ZoneAlarm, BlackICE and ClearICE(a Reporting Utility for BlackICE). ZoneAlarm works great. However I use it only for monitoring outbound traffic. Like PaulLuke said its downside is that it doesn't log very well. This is why I use BlackICE for inbound traffic and use ClearICE for extracting information about events logged by BlackICE. I have not had any noticable performance hits on my 667MHZ PIII with 128MB RAM. Give it a try. I am sure you will like it. Hope this helps you.

Regards,

DIDS

I just downloaded ZoneAlarm on Monday...it's logged three attacks (they call them alerts). Or are you talking about a different type of log (that you report that ZoneAlarm dosn't have)?

Forgot: it's V2.1

[This message has been edited by chacmool (edited 04-21-2000).]

Chacmool:
Zonealarm has alerts like you say, It will not log to a file so you can review the intrusion attempts later. Once you click okay on the popup, your log is gone. http://www.speedguide.net/ubb/smile.gif

Paul,

Version 2.1 of zonealarm does have a log feature to log your alerts?

Lex

Yes, version 2.1 does have a log where u can check out later all the alerts.

------------------
VRRROOOOMMMMMMM!

ZoneAlarm logs are in C:\WINDOWS\Internet Logs\ZALog.txt

However, the "attacks" (alerts) are not.

[This message has been edited by chacmool (edited 04-21-2000).]

It will not work with Sygate or any type NAT service for sharing Internet Connection.

They recommend installing it on the client computers, but then that leaves the server unprotected!

------------------
iSpark - Fired up! and ready to GO!

Say DIDS: How does one get ClearIce?

Chacmool,

ZoneAlarm does have a log, but it gives you very little information. This is the reason I have BlackICE. It logs a wealth of information about the "Intrusion" or "attack", and also information on the computer "attacking" you. You can get ClearICE from www.clariondeveloper.com, (http://www.clariondeveloper.com,) but it only works with BlackICE. Hope this helps you.

Regards,

DIDS

------------------
-------------------------

It Can't Rain All The Time
- Eric Draven (The Crow)

-------------------------

I have a Linksys router, with latest firmware, and have hardware firewall. Used ZoneAlarm for a bit, but with win 2K and this setup, I feel pretty good and secure.

Yah its a good firewalling program and no it wont lag your system activity or internet at all.... Go for it. Its a good program!

: )

Has anyone else tried the new 2.0 version of Sybergen Secure Desktop (used to be Syshield)? They really improved this version over the 1.1 they had when I signed up for it. It now monitors all outbound traffic and sets up a rights/permission (FINALLY!). It also has a good log file for monitoring scans/intrusions/pings etc. It has a very low system footprint but does not work with ICS (from what I understand). When Steve Gibson reviewed the 1.1 version he was right, it didnt have a trusted IP feature which it now does. Looks like the folks at Sybergen listened.

The big problem I have with Zonelabs is info they are collecting with it. Privacy baby. Nothing is free.

[This message has been edited by Fade Ruatha (edited 04-21-2000).]

I use BlackIce, ZoneAlarm, & McAfee Guardian.
- BlackIce is easy, has great logging and descriptions of intrusion attempts, but doesn't handle outgoing activity. Sometimes goes overkill on alarms. I prefer overkill to underkill, tho. http://www.speedguide.net/ubb/wink.gif

-ZoneAlarm is free, does handle outgoing, BUT gathers info (Aureate client?), has less helpful website than BlackIce, and has less info in logs. Not sure if it's a keeper.
Aureate info: http://grc.com/optout.htm (includes a download to kill spyware)

-McAfee Guardian blocks cookies, ads, and the frequent(!) attempts to pull my credit card # and personal info. Not sure how the sites get at my credit card thru BlackIce and ZoneAlarm, but I would never know if Guardian did not warn me.

Check the security of your online connection: https://grc.com/x/ne.dll?bh0bkyd2.

I have ZoneAlarm and BlackICE installed, for the reasons mentioned above. I just love the reporting features fo BlackICE, and the control of outbound traffic ZoneAlarm allows.

Cheers,
Ronald

------------------
"I have lost all my beliefs to a world of hypocrisy"
---
(Hypocrisy - Paradox)

I'm using zone alarm now and it's great......just make sure u turn it off before using napster/or playing games because it'll give u a higher ping then normal.....and you won't be able to send files through napster

Moved to the Security Forum.

Hmm, I am using zone alarm right now on the server on an ICS shared network. (SWBell PPPoE if that matters). It works fine - I still get pings around 45-50 on a 12 player UT games, and napster works fine to. All I had to do was abasically give both programs full access to the internet, and definte which network cards my local intranet was on, set the appropriate security levels - and it works like a charm. Had it running on the client computers before I really thought about it and realized that was pointless http://www.speedguide.net/ubb/smile.gif.

Chris Bennight

Well, there is another way to use Napster with a firewall:
change the data port. Default is 0, and I couldn't transfer anymore. 6699 works just fine for me....you can change it in the preferences.

Cheers,
Ronald

------------------
"I have lost all my beliefs to a world of hypocrisy"
---
(Hypocrisy - Paradox)

Yeah it's funny that people say that Zonealarm can't be run on a ICS system, actually I running behind two versions of Zonealarm, one on the client the other on the server. Only thing about Zonealarm on the server is that you have to keep it on the medium secruity setting and set the network adapters than are on you lan as local adapters, however this isn't for the network adapter that is connected to the Cable/DSL modem. Finally the weird thing is when I go to grc.com and scan my ports the last three times all my ports where closed except for SMTP and Netbios which are stealthed. Here's screen shot is at http://home.midsouth.rr.com/avenger2031/stuff.jpg

P.S. hmmm, it's not linking properly that's odd, O Well.

P.S.S. didn't add the http:// now it's better.

[This message has been edited by HMS White Star (edited 04-23-2000).]

To all multiple firewall users: doesn't it make the system unstable to have several programs running? I thought they would interfere with each other's functionality - I had to reformat my hdd 3 times within 6 months and I'm pretty sure that it was due to installing & trying different 'optimization' and 'tweaking' programs ...

A friend of mine who know a lot about networking and other stuff told me it that it usually doesn't work if you install more than one firewall. However, my sytem is running just fine, And sometimes Zonealarm reports intrusion attemps, sometimes BlackICE does. So apparently they both must be up and running. I guess the advantage of this setup is that if a hacker crashes one of the firewalls, he still has to go through the other. Never had problems with hackers, my system is running stable and just fine. My friend was very surprised when I told him this, and our guess is that Zonealarm and BlackICE use different techniques to discover intrusions that do not interfere with each other. But of course I don't know enough about this topic to give you a satisfying answer except: it works.

Cheers,
Ronald

------------------
"I have lost all my beliefs to a world of hypocrisy"
---
(Hypocrisy - Paradox)

teutonica,

You might want to check into getting GoBack. You can find it at www.wildfile.com! (http://www.wildfile.com!) It is the most important and valuable program I have on my PC and have ever used!!! I had problems with software conflicts and one crashed my brand new Dell 667MHZ pc a month after I got it. Took me 10 hours to restore everything back onto it. With GoBack if I run into a problem or software conflict. I revert my PC to the way it was before I installed the conflicting program. I now download anything I want without being afraid of problems. I now do alot of beta testing and modifying to my Registry without FEAR.


Regards,

DIDS

------------------
-------------------------

It Can't Rain All The Time
- Eric Draven (The Crow)

-------------------------

My previous reply's URL link to wildfile didnt work. This one will. www.wildfile.com (http://www.wildfile.com)

------------------
-------------------------

It Can't Rain All The Time
- Eric Draven (The Crow)

-------------------------

What do you think of this?
I found it on another site and it's the only possible downside to ZONEALARM.

"Vulnerable systems:
ZoneAlarm version 2.1.10
ZoneAlarm version 2.0.26

If one uses port 67 as the source port of a TCP or UDP scan, ZoneAlarm will let the
packet through and will not notify the user. This means, that one can TCP or UDP port
scan a ZoneAlarm protected computer as if there were no firewall there IF one uses port
67 as the source port on the packets."



------------------
Closed course and Professional user.
Don't try this at Home!

It does support NAT, you just have to set the security bars to the middle on internal and external connections.

HERE (http://www.intel.com)

The best firewall out there right now is: conseal made by signal9.
hands down it is the best.. beleave me when i say this... i know... downside is it don't work with win2k at this point... i have tryed black ice zonealarm... and by far conseal has them beat bad...its been everywere with me even threw nuke war's LOL.. oh well enjoy

------------------
BOOOYYAAAAA!!!!!
Mp3z 4l|f3

I consider Conseal to be the best software wall! At one time I used both Conseal and Blackice but after configuring Conseal properly using my own rulesets Blackice now never goes off rendering it now useless. So at this point I uninstalled Ice run conseal solo, my connection suffers no speed loss, at very least not detectable I still average about 200-400 though out the day & night..
Conseal picks up all TCP ,UDP attacks like Sub7, Bo, etc. Also refrains from answering echo related attacks without compromising system integrity..

Lord stanley seen in Toronto!!!

Would you all post the URL for conseal.

Thanks

I have tried just about everything for my cable modem with reguard to firewall protection. The best software solution I think is Conseal, then BlackIce, but conseal is hard to configure for the novice user... (could one of u Conseal users send me some ruleset tips, thx)
By far the clear winner for protection is the Linksys Cable/DSL router $158 w/built is 4 port switch, it has actually speeded up our net connect for 6 users in my home. The downside to the router is you can't log activity.
Just my .02

Sorry, I left this url out of my last post. Unfortunately, Conseal was bought out by MCafee, but u can still get the demo at http://www.consealfirewall.com/

I have been looking for a good firewall for win2k too! and i found it!
Norton Personal Firewall 2000
its still in preview phase but i havent found any bugs in it, and it works great!
get it here for free http://www.symantec.com/sabu/nis/beta/

Its way better than any other firewall available and it works with win2k - great!

Also i am looking for a good firewall to use on a server. Any ideas? Such that a client can set firewall setting in icq for example to tell it to open port and u have to specify username and pass. Any ideas whats good? for like win2k server?
Thanks http://www.speedguide.net/ubb/smile.gif



------------------
m_cw_

I use Norton Internet Security 2000. It is a personal firewall that is really easy to setup and configure. Costs around $50.00. Works good with a roadrunner account.

------------------
seahawk76

when i run zonelabs firewall on its highest setting i cant view any webpages, so i put it on medium. is there any security risk with it off its recommended setting?
oh and when i try to run quake 1 it freezes it, got any ideas why? i can run q3 hl or anyother game fine through it.

I need an education on something. In a previous post, the following comments we made:

- BlackIce is easy, has great logging and descriptions of intrusion attempts, but doesn't handle outgoing activity. Sometimes goes overkill on alarms. I prefer overkill to underkill, tho.

-ZoneAlarm is free, does handle outgoing, BUT gathers info (Aureate client?), has less helpful website than BlackIce, and has less info in logs. Not sure if it's a keeper.

There are references to outgoing (vesus incoming, I suppose?). I don't understand how a firewall protects in the outgoing sense. To me, a firewall has been for intruder protection--prevent external users from accessing your system. That seems to be the incoming direction. What kind of protection is meant by the outgoing direction?

Has anyone here tried the AtGuard firewall. Unfortunately Nortons bought it out. You can get a trial download from here http://home.pages.at/atguard/page2.html I've used it for a while now and it is pretty good.

The outgoing protects from:
-a hacker who wants to go into your computer to get vital information to use such as passwords and financial info. They need to go into your computer as well as get back out to use the info.
-viruses that replicate through e-mail. an aquaintence got the virus but zonealarm kept it from being sent to anyone in his address book.
This is an important feature.

------------------
You don't stop playing because you get old, you get old because you stop playing.

in my opinon Atguard is the best firewall.
i have tried conseal and it was hard to set up.
But Atguard logs attacks and even informs me of heartbeats off my ISP.(UK ISP btw).
Havn`t tried Blackice yet .

Can anyone give me an address for BlackIce ?

www.networkice.com (http://www.networkice.com)