Zone Alarm: Fun with hackers
Written: Sep 28 '00 (Updated Mar 28 '01)
|
Product Rating:
|
|
|
Pros: user interface, ok configuration
Cons: no user profiles
The Bottom Line: ZoneAlarm is a very good free choice to protect your Windows PC.
|
|
|
| ptiemann's Full Review: Zone Alarm |
The personal firewall software ZoneAlarm is free for personal and non-profit use which caused me to try it out. (Businesses can buy single or site licenses.)
Installation/ Configuration
The installation took only seconds and went without problems. It just asks how I connect to the Internet, how many computers I have and whether I use it professionally (in which case I'd need to purchase a license). No system restart was necessary which I appreciated.
I started the Zone Alarm from the start menu and within minutes got a couple of popup windows indicating different types of network activities like other computers in my local network trying to access my protected computer or my Internet Explorer trying to connect to the internet. Each time I am offered to allow the access. Luckily those popup windows have a check box "Do not show this again", which I preferred - these boxes are highly intrusive. If interested you can look into log files later.
All activities are logged in an alert log. There is a tab 'Programs' where I can specify for each program whether I want it to pass the lock (by default the computer is 'locked up'). The configuration possibilities are very good and everything is accessible through the user interface without editing INI files, as it is necessary with BlackIce. On the first level of configuration Zone Alarm already distinguishes between the local network and the external network (internet). Any permission given to applications can be given for the local and/or external network. To achieve this with BlackIce, I did have to browse the knowledgebase on the manufacturer's web site and finally manually edit an ini file.
After I had used my common Internet related programs for a while, Zone Alarm had compiled them to a list of applications with individual permissions. Anything else will be blocked.
There is also a feature that "locks up" the Internet in case of 10 minutes of inactivity (configurable, of course). They call this "Automatic Lock".
If one does not want to specify permissions individually by application, then the security can be chosen between high/medium/low each for the local and the external network. I chose the default setting of 'medium' for the local and 'high' for the external network here, which caused me to get the mentioned warnings.
The user interface of Zone Alarm is kind of entertaining/ funny. There's a big red "Emergency Stop" button. It allows to instantly interrupt any connectivity. I never needed this and I doubt that I will want to press this button. I simply believe that serious attacks if ever will happen while I am not around. And even if they were at my computer - I doubt I would notice anything - because I did turn off all popup windows. I just want my firewall to step in when someone tries something, no interruption of my work.
MailSafe
A new feature called "MailSafe" isolates Visual Basic script attachments. Due to lack of such emails I could not exactly figure out what this feature really provides. I believe it just warns when such emails come in, it does not provide virus-scanning capabilities.
Comparing with others
Zone Alarm is extremely easy to install, configure and if desired, to de-install. The user interface is fun to use (thus the title 'fun with hackers') and makes this firewall very configurable. I have looked at a couple of products in this category and believe that Zone Alarm is technically as good as BlackIce. Because it is free for personal use, I would recommend it over BlackIce.
Although easy to configure, I think that the user interface is not optimal yet. I found BlackIce more intuitive.
Zone Alarm has two shortcomings that make it less suitable for professional use.
1) No user profiles. All security related settings are stored in the registry in the branch \LOCAL_MACHINE. This means that all users of the computer will get the same settings. Not so good.
2) Support of protocols TCP, ICMP and UDP only. ARP/RARP, DHCP and PPTP or just good old NetBEUI are not supported. MacAFee Personal Firewall does support all those protocols, but it is not free.
Why this all? Oh my God, I get attacked!
A personal firewall makes sense for anyone with a permanent connection to the Internet. After installing any of these products, one will experience within an hour the first incoming port scans. What does this mean?
Most of the time there are people, commonly called 'script kiddies' who employ port scanners to scan all IP numbers (or certain ranges, e.g. all cable modems in the USA seem to be in the 20.x.x.x. - 28.x.x.x range). These tools check whether your computer is infected with a trojan horse program. If your computer is infected, then the trojan horse program will respond to the scan and the hacker can kind of remote control your computer through it. The hacker could use your computer for all kind of activities e.g. start other attacks that will appear to originate from your computer then.
If your computer is not infected, then the hacker will most likely ignore you.
A firewall will step in if your computer is infected and protect you. So check your firewall log files... or better run an up-to-date virus scanner.
Recommended:
Yes
|
|
|
|
Epinions.com ID:
ptiemann
|
 - Top 50 |
|
Member: Peter Tiemann
Location: Capitola, CA
Reviews written: 260
Trusted by: 2822 members
|
|
|
- Add to My Yahoo!: 
- Add to Google Homepage: 
© 1999-2009 Shopping.com, Inc.