Slashdot Mirror

← Back to Stories (view on slashdot.org)

Zone Alarm 5 Beta Review

Posted by timothy on from the permeable-membrane dept.

An anonymous reader writes "ZoneAlarm is getting ready to announce version 5 of its security software firewall, ZoneAlarm. Though there are a few changes that are presently available on the new beta, this review mentions that there are still many security issues to resolve. Grc.com scan reveals that ZoneAlarm Beta 5 failed to close port 25 and fails to give useful information to the user about possible security services being shut off."

6 of 34 comments (clear)

  1. Re:Wait, do we respect Gibson now? by WereTiger · · Score: 2, Informative

    don't get me wrong, I'm all about educating the masses. Gibson's efforts to do so are admirable.

    That aside, I don't like Gibsons personality. The guy just rubs me the wrong way. I guess I shouldn't let that reflect on my opinion of his website, but I'm only human.

    I'm still waiting for his.. what were they called? nano-packets? The ability to portscan an entire systems in a second.

    --
    If you're hearing rhetoric about Linux, open source, or Mac and everyone's bashing Microsoft, you've found Slashdot.
  2. Re:Wait, do we respect Gibson now? by phaze3000 · · Score: 5, Informative
    Wouldn't say this was a troll at all, just a fair comment about a man with a massively over-inflated opinion of his capabilities:

    Remember the time he 'invented' TCP SYNcookies six years after they were actually created?. To be fair to him, his SYNcookies proposal wasn't the same as what had already been suggested - his had some pretty major omissions that made it unworkable.

    Or the time he predicted the end of the Internet with the introduction of raw sockets into Windows XP, or earlier because of Code Red?

    If one is supposed to be doing a firewall test then a *proper* port scanning utility such as the excellent nmap should be used, rather than a tool on the website of a known netkook.

    --
    Blaming GW Bush for the Iraq war is like blaming Ronald McDonald for the poor quality of food.
  3. Kerio by kayen_telva · · Score: 4, Informative

    I have found that Zone Alarm (in past versions) would sometimes block ALL traffic on a whim.
    No explanation from the software, no warning, and damned difficult to figure out what to to correct it.

    There were other odd issues that resolved themselves after uninstalling.
    I tried Kerio because they took over an awesome product (TinyPF 4) .

    I was pleasantly surprised to find that Kerio is the nicest firewall software I have ever used.
    Includes pop-up blocking, application level permissions with MD5, and is very configurable. Nice looking (very important to style conscious surfers;). Low resource usage.

    ZoneAlarm is gonna have to knock my socks off to get me to switch.

    p.s. Has anyone tried TinyPF 5 ?? Im wondering how it compares.

    1. Re:Kerio by Anonymous Coward · · Score: 2, Informative

      Kerio 4 is generally accepted to be beta software passed off as stable. Bugs galore which haven't been fixed after 16+ different versions of 4.

      Kerio PF 2.15 is the best rule based firewall I have used.

      Tiny PF is a full blown sandbox and firewall.
      Apparently has a steep learning curve.

  4. This is an example from GRC.com by DAldredge · · Score: 2, Informative

    This provides full and direct "packet level" Internet
    access to any Unix sockets programmer.

    Beyond their use for supporting simple "ping" and "traceroute" commands, the original Berkeley designers intended Raw Sockets to be used for Internet protocol research purposes only. Because they fully appreciated the inherent danger of abuse of Raw Sockets, they deliberately denied Raw Socket access to any applications not running with maximum Unix "root" privileges. User-level applications were thus prevented from accessing and potentially abusing the Raw Sockets capability. (See asterisk '*' in diagram above.)

    Full Raw Sockets were created as a potent research
    tool. They were NEVER INTENDED to be shipped in a
    mass-market consumer operating system.

    1. Re:This is an example from GRC.com by LostCluster · · Score: 3, Informative

      A good example of how Gibson entirely missed the point. Raw Sockets are restricted to Administrator users. The real issue is that XP gives users Admin access by default, not that it has raw sockets.

      If he had flamed MS for their poor out-of-box user configuration, he would have had 100% of the techie world behind him.

      He is constantly harping on Microsoft's poor-out-of-the-box configuration, it's just the way he goes about it that seems a bit Tabloid-ish.

      For example, his tool called "Shoot The Messenger" simply turns the Messenger Service off, which should be its default setting on XP Home since the average user doesn't need it and it only gets used to annoy. By comparison, TechTV hosts just regularly remind people how to turn off the service by going through the Control Panel. Same net result, the same flags in the registry get changed no matter what way you attack it in the GUI.

      Instead of calling on Microsoft to make changes, he writes assembly-coded programs to do the changes and convinces people that there's such a gaping hole in their systems that need to be fixed by his magic bullets. For him, security is a side interest... his real business is built around SpinRite, the definitive hard-drive testing tool.

      So, really, he's in line with the main stream community in his beliefs on security, it's just that he has an unusual way to promote them which is more aimed at the "dumb public" than the secuirity elite.