Slashdot Mirror

← Back to Stories (view on slashdot.org)

Zone Alarm 5 Beta Review

Posted by timothy on from the permeable-membrane dept.

An anonymous reader writes "ZoneAlarm is getting ready to announce version 5 of its security software firewall, ZoneAlarm. Though there are a few changes that are presently available on the new beta, this review mentions that there are still many security issues to resolve. Grc.com scan reveals that ZoneAlarm Beta 5 failed to close port 25 and fails to give useful information to the user about possible security services being shut off."

4 of 34 comments (clear)

  1. Wait, do we respect Gibson now? by WereTiger · · Score: 4, Interesting

    IIRC GRC.com was the haven of a sanctimonious blow-hard, why would anyone go so far as to use tools provided by him as a defacto security test of a new firewall?

    Just my 2 cents.

    Wonder if Zonealarm has addressed the issue that was brought forth about version 4, which is that it's hook into the tcp/ip stack could be hijacked by malware.

    --
    If you're hearing rhetoric about Linux, open source, or Mac and everyone's bashing Microsoft, you've found Slashdot.
    1. Re:Wait, do we respect Gibson now? by WereTiger · · Score: 2, Interesting

      Exactly what I was trying to relate. I couldn't remember the specifics, thank you for bringing them up!

      I'm sorry if you're getting modded as Troll, cause we aren't. Mods need to learn what Trolling is :P

      I'd mod you up if I could ;)

      --
      If you're hearing rhetoric about Linux, open source, or Mac and everyone's bashing Microsoft, you've found Slashdot.
    2. Re:Wait, do we respect Gibson now? by Beryllium+Sphere(tm) · · Score: 2, Interesting

      It's tough to write good material for a mass audience. I've had to oversimplify my non-technical work to keep it accessible. (Detailed criticism welcome even if rude).

      Where I think grc.com does readers a disservice is by steering them away from good products. Look at the flexbeta review that marked products "Failed" in red letters because they closed ports as opposed to dropping packets, or because they answered on port 113. Both of those are perfectly valid policy choices.

      It's good that Gibson highlights the need for outbound controls, but the approach he suggests is doomed. Zone Alarm helps with today's malware but tomorrow's won't be so wimpy. Hostile code with Administrator privileges, once it evolves to full capability, means Game Over. Prevention is the long-term answer. Does grc.com advise people not to run as Administrator? Not that Google can find.

  2. Re:Kerio by NexusTw1n · · Score: 3, Interesting

    Tiny 5 is excellent. Applications are MD5'd on full path plus file size, it contains a full sandbox mode, as well as registry protection. ("Spyware.exe is trying to write to HKLM.SYSTEM do you want to allow this?")

    The application level firewall is completely configurable, you can control which TCP & UDP ports each individual application can use and which it can't.

    It can be complicated if you want to dig into it, but the default setup is perfectly acceptable if you just want to install and forget about it.

    ZoneAlarm trashed the TCP/IP stack on my home network, preventing Internet Connection Sharing, which is inexcusable. Disabling or uninstalling ZA does not resolve the problem you have to hack the registry and reset the stack (NETSH IP RESET) to recover the damage.

    If you google you'll find hundreds of people with hosed machines thanks to ZA. Firewalls and virus scanners are products I do expect to behave 100% reliably and when you lose that trust you are going to have a hard time winning me back. So despite a few quality versions in the early days, ZA have more than likely lost me as a customer for life.

    --
    It has become appallingly obvious that our technology has exceeded our humanity. --Albert Einstein