Thanks, happy to help if I can. This is how I understand it...corrections or additions welcome.
A "hardware" firewall is essentially a standalone appliance like a router running a software or firmware firewall.
Some advantages include:
- often very easy to set up, just run the software, follow the prompts, and you'll be connected quickly - the firewalling takes place on the router instead of using resources on your computer (especially good for older systems) - more than one computer can be protected, regardless of operating system, and all can share a single Internet connection easily - features formerly only available in expensive devices are now available for little money - features like SPI, NAT, MAC filtering, logging and more - a software firewall on a Windows computer is running under the Windows O/S. Most hardware firewalls run Linux or perhaps a proprietary firmware and have no other potentially vulnerable applications running, so are considered harder to exploit.
Disadvantages:
- can't use with dialup - some are slow to pass traffic and tend to lock up - reviews from other users online can help you avoid these
You can find them for around $40 US at chain retailers, sometimes for less online. Look for NAT, SPI, MAC filtering, logging and port forwarding. If a router with wireless access has those features and is less than the comparable Ethernet-only router, get it instead. Just disable the wireless option during setup and turn it back on if you decide to get a wireless device.
Most have a graphical interface that runs in your web browser so they are easy to configure. Be sure to set a hard-to-crack password for access and if using wireless set up WEP or WPA with another strong password.
I have had good luck with the cheapest Belkin and Linksys routers. Turn off automatic firmware updating for Belkin routers - mine was pinging Belkin when it was turned on and they have included advertising in firmware updates in the past (2003, none since that I know of). No big deal, one click in the control panel and it's disabled.
Get rid of ZoneAlarm - good luck uninstalling it, see their forums for help. Some versions require registry editing to remove completely (if I recall correctly). If you like, compare the logs from your router's firewall to what ZoneAlarm's traffic log says. Different? They are both firewalls protecting against the same threats. Of special note: is the router's firewall ignoring traffic that ZoneAlarm warns about? Why in the world would that be?
Discussions about these and other interesting ZoneAlarm "features" are just a web search away. Draw your own conclusions.
Dialup is a different story. I am not cognizant of an easy solution. Some have said obtaining an unused older computer and running a Linux-based firewall is the best option. Dunno, haven't tried it yet.
Good on you. Glad you think your version is fine. You found perhaps the only version that won't crash. Of course, you did tweak the snot out of it.
Tell me, how you are certain Zoner Alarm is truly blocking malicious traffic? How do you check? Do you use any other form of IDS? A network tool? Do you rely on their "logging"? How many malware infested computers do you clean up on a weekly basis? How many other products do you test and try on a regular basis?
ZoneAlarm? Seriously? Ever try anything else? You like the way ZA soaks up massive resources, or is it the false sense of security because it always appears to be "Doing Something Important"TM ? A few years back, ZA was crash prone, full of holes and pushed by dubious tests on dubious websites. I wouldn't touch it with a 39 1/2 foot pole, even if it is "fixed" now. Ever try to uninstall it? Ever do it without breaking something?
Agree with the "VMWare is free" chorus. Install 98 in VMWare on a Linux host. If you insist on running it natively, then a hardware firewall is the only way to go. I'd never install anything from ZoneAlarm, Norton, or McAfee anyway. I'm busily removing McAfee "Security" Center from yet another malware infected computer right now. Try a lightweight effective antivirus such as NOD32. If you are broke, AVG Free is still better than Norton or McAfee. Run Ad-Aware and Spybot.
Someone point me to an easily configured software firewall for Windows that actually works as well as a hardware firewall or even iptables for Linux. I don't know of one. If you do, please clue me in.
Slashdot Mirror
...The Osmonds "One Bad Apple"? Fiona Apple? The "Big Apple"? Do they need to cut a deal as well?
Thanks, happy to help if I can. This is how I understand it...corrections or additions welcome.
A "hardware" firewall is essentially a standalone appliance like a router running a software or firmware firewall.
Some advantages include:
- often very easy to set up, just run the software, follow the prompts, and you'll be connected quickly
- the firewalling takes place on the router instead of using resources on your computer (especially good for older systems)
- more than one computer can be protected, regardless of operating system, and all can share a single Internet connection easily
- features formerly only available in expensive devices are now available for little money - features like SPI, NAT, MAC filtering, logging and more
- a software firewall on a Windows computer is running under the Windows O/S. Most hardware firewalls run Linux or perhaps a proprietary firmware and have no other potentially vulnerable applications running, so are considered harder to exploit.
Disadvantages:
- can't use with dialup
- some are slow to pass traffic and tend to lock up - reviews from other users online can help you avoid these
You can find them for around $40 US at chain retailers, sometimes for less online. Look for NAT, SPI, MAC filtering, logging and port forwarding. If a router with wireless access has those features and is less than the comparable Ethernet-only router, get it instead. Just disable the wireless option during setup and turn it back on if you decide to get a wireless device.
Most have a graphical interface that runs in your web browser so they are easy to configure. Be sure to set a hard-to-crack password for access and if using wireless set up WEP or WPA with another strong password.
I have had good luck with the cheapest Belkin and Linksys routers. Turn off automatic firmware updating for Belkin routers - mine was pinging Belkin when it was turned on and they have included advertising in firmware updates in the past (2003, none since that I know of). No big deal, one click in the control panel and it's disabled.
Get rid of ZoneAlarm - good luck uninstalling it, see their forums for help. Some versions require registry editing to remove completely (if I recall correctly). If you like, compare the logs from your router's firewall to what ZoneAlarm's traffic log says. Different? They are both firewalls protecting against the same threats. Of special note: is the router's firewall ignoring traffic that ZoneAlarm warns about? Why in the world would that be?
Discussions about these and other interesting ZoneAlarm "features" are just a web search away. Draw your own conclusions.
Dialup is a different story. I am not cognizant of an easy solution. Some have said obtaining an unused older computer and running a Linux-based firewall is the best option. Dunno, haven't tried it yet.
Bleah back at ya.
Good on you. Glad you think your version is fine. You found perhaps the only version that won't crash. Of course, you did tweak the snot out of it.
Tell me, how you are certain Zoner Alarm is truly blocking malicious traffic? How do you check? Do you use any other form of IDS? A network tool? Do you rely on their "logging"? How many malware infested computers do you clean up on a weekly basis? How many other products do you test and try on a regular basis?
Why do I bother answering A.C. posts?
ZoneAlarm? Seriously? Ever try anything else? You like the way ZA soaks up massive resources, or is it the false sense of security because it always appears to be "Doing Something Important"TM ? A few years back, ZA was crash prone, full of holes and pushed by dubious tests on dubious websites. I wouldn't touch it with a 39 1/2 foot pole, even if it is "fixed" now. Ever try to uninstall it? Ever do it without breaking something?
Agree with the "VMWare is free" chorus. Install 98 in VMWare on a Linux host. If you insist on running it natively, then a hardware firewall is the only way to go. I'd never install anything from ZoneAlarm, Norton, or McAfee anyway. I'm busily removing McAfee "Security" Center from yet another malware infected computer right now. Try a lightweight effective antivirus such as NOD32. If you are broke, AVG Free is still better than Norton or McAfee. Run Ad-Aware and Spybot.
Someone point me to an easily configured software firewall for Windows that actually works as well as a hardware firewall or even iptables for Linux. I don't know of one. If you do, please clue me in.