I can remember just a few months ago how everyone was saying that ZoneAlarm was the firewall of choice. Now, it seems everyone is flying away from it in droves. OK, so it does use up a fair number of resources. But, my questions are:

1. Why be concerned with system resources if you have XP (or 2000)? They don't have the resource problem that plaqued 95/98/ME.

2. Do the other firewalls really protect as well as ZoneAlarm, which is the only one (unless things have changed recently) that passed ALL the security tests.

Thank-you in advance,

- Jeff

What do you mean he's the Doctor? Doctor Who?

My reply is that I hadn't heard anyone moving away from ZONEALARM. If an exodus is in process, I certainly haven't heard...

As a matter of fact, I was just about to purchase the paid version.....

What are you referring to...?

Take a look at this thread:

http://www.pcqanda.com/dcforum/computer/53532.html

- Jeff

What do you mean he's the Doctor? Doctor Who?

As also holds true with Antivirus software, it's a moot point which software affords better protection, when it starts to cause problems on people's systems. Perhaps that is part of the reason why people are starting to embrace other software. Also, there simply are more decent choices now than there were previously and that probably has a lot to do with it.

Now, people use the term resources rather loosely. Seldom do they refer to those pre-allocated heaps in win9x that are involved in so many software problems. No, they generally mean memory and CPU usage when they say that, or more generally the feel of malaise and suffering and decline in responsiveness of the system. A smaller, lighter application that doesn't cause those problems uses "fewer resources".

Grogan

OK, the only real problem I have heard people complain about with ZoneAlarm is when they upgrade to the newest version. But, usually it is their own fault because they don't turn off the vector services before upgrading. Sure, others have complained; but, they seem really isolated occurences (any complex piece of software will bound to give problems on a few machines out of the many millions of differently configured machines out there).

I have put ZoneAlarm version 3.x on many systems including P-3 500Mhz. Win98 systems, and it doesn't seem to affect system speed that badly. I think people are dreaming things if they think ZA is affecting system speed or stability that badly.

Now, the question remains, do the other personal firewalls provide the kind of protection that ZoneAlarm does? I haven't seen anything that says they do.

- Jeff

What do you mean he's the Doctor? Doctor Who?

When I attempted to upgrade several months ago, I followed the supplied Zone Labs instructions to the letter. Nowhere was it stated to turn off vector services in lieu of a complete uninstall of the previous version. Only afterwards did it become common knowledge.

My fault? Bullshit! Zone Labs dropped the ball in this instance by providing incomplete upgrade instructions.

I now use ZoneAlarm with no problems at all. Anyway, which resources are supposed to be heavily used by ZA?

1. Why be concerned with system resources if you have XP (or 2000)? They don't have the resource problem that plaqued 95/98/ME.

System resources problems with NT/2000/XP are practically non existent. I heard a radio show Saturday where a guy was asking where he could find out what his resources were using up. He said it was easy to find on 98SE, but couldn't find it on XP. The answer of course is, don't worry about it. The only problem you may have is if you're running a large number of start up programs that are really not necessary. This could possibly slow your system down. You have to watch these programmers and what they consider necessary.

2. Do the other firewalls really protect as well as ZoneAlarm, which is the only one (unless things have changed recently) that passed ALL the security tests.

As far as passing the test, most do to some degree or another but ZA always seems to be the one to beat. I never had any problems with ZA on any platform and with XP it seems to just roll along doing it's job.

ZA gained its reputation because it was the first free personal firewall that worked. Now there are others, and people are making their choices - sometimes they have a problem with ZA and go looking, sometimes they just find something they like better for whatever reason.

I don't think protection is something that can be graded in degrees with software firewalls. It either works or it doesn't. The users installation may effect it, whether they're networked or not, and how, for instance. So it comes down to ease of use, features, potential for rules precision, and whatever intangibles some user thinks is important.

PSFs are kind of like browsers I guess - people seem to get emotional about the one they prefer for some reason.

>I don't think protection is something that can be graded in
>degrees with software firewalls. It either works or it
>doesn't.

I disagree with this statement because tests have been done on various firewalls to see how well they protect from certain intrusions or how well they prevent applications from sending out. The results show that some firewalls will protect against a few things, some other firewalls will protect against some things, others will protect against most things, and a few (ok, ZA is the only one I really have definitively seen) will protect against all of them (or at least the ones tested for). So, it is a matter of degrees of protection.

- Jeff

What do you mean he's the Doctor? Doctor Who?

Although many of you are running XP, those of us who have to soldier on with W9x must still give serious consideration to the issue of resource usage by the different firewalls.

Believe me, if you run plenty of progs - and that's what my PC's for in my book - then you have to keep a wary eye on the old resource meter.

In this regard, the recent upgrade of free ZA to version 3.?, which is beyond doubt a real resource hog, made it essential for me to change firewalls!!

If resources are not your problem, then ZA is clearly a good choice. If not, then Outpost, Sygate, Kerio and other personal firewalls - many free - will do just as good a job, with a much smaller "resources footprint" in most cases."

IMHO!

Mitch

Can you show me hard test results from independent testers that show that personal firewalls other than ZoneAlarm do as good job as ZoneAlarm?

Thanks

- Jeff

What do you mean he's the Doctor? Doctor Who?

Why beat this to death? Everyone use what they prefer. I personally feel Zone Alarm messed up a good (Great!) thing when they brought out 3.X. and they aren't paying attention to the problems. It's a resource hog for many, many 98 users. Agnitum's Outpost is not. Outpost passed Gibson's RC tests. I am happy with it for now. Who knows about any of these programs later? Look at Ad Adware. Just my 2 cents, of course.

Dave

Not my real point at all.

I am not qualified to grade the effectiveness of personal firewalls, nor any kind of authority on firewall testing results.

There are, however, a number of published tests I believe, but as someone else has said, considerations about resources utilisation aside, it all comes down to personal choice in the end.

For what it's worth, I liked Zone Alarm 2.6x very much. I was impressed with Sygate and I'm just now learning to live with Outpost.

IMHO, they probably each do just as good a job as the other -IMHO!

Mitch

Thank you.

I don't spend much time reading firewall tests, but I have seen several over the last year or so. I haven't seen any that support what you're saying in terms of your disagreeing with me. Most firewall tests I've seen have a large subjective element, and also are setup to begin with to guarantee a lower ranking for some perfectly fine products (this is true of any so called objective testing - you have to set standards, and different products will fit better or worse into those standards.) If you're including the various "for demonstration purposes only" exploits that people come up with, they're a non-issue to me for several reasons. Fact is, any of the top firewalls do their job, it's just what you prefer, for whatever reasons.

Bob,

In my case, I simply had no patience left for ironing out the resulting problems that began immediately following the version 3.x upgrade. It was installed on my wife's computer and she needed a reliable application. It was simpler to remove ZA and install a different product. That's how my wife switched to Outpost.

By the way, my brother didn't upgrade. He still uses ZA 2.6 and it works fine.

Also see my response to post number 5 here

Allyn

Hi Allyn,

The last version of ZA I used (2.4x) worked fine system wise, but that was quite a while ago. I used to spend a lot of time in the grc security software newsgroup, which was effectively a ZA support group, and saw all kinds of problems people had with upgrades even before 3.0. Not knocking it, and new software (3.0) can have problems, but it was a long-running theme Still, these things are getting more complex all the time, you just have to find what works for you. Telling Jeff he should switch to Outpost would be precisely as silly as telling you to switch back to ZA Whatever works ...

This is probably going to get alot of neg comments but here goes. If running XP try their firewall WITH a good avg. For the most part stand alone computers are not a target and a good avg will hopefully stop trojens or any other e-mail nasties
Madc

XP's firewall is inbound only - outbound protection/information is why people even with routers still use PSFs (if they care about such things.)

Hello Bob,

I am beginning to wonder about security overkill on my PC. I seem to spend more time tweaking and updating the security and privacy software than I do anything else.

I am on a LAN behind a router with as the blurb puts it "Comprehensive Firewall - with keepstate facility, DoS/DDoS protection, IP anti-spoofing and user-configurable packet-filtering."

Run ZA free to guard against nasties phoning out etc.

I have Trojan Hunter, with the Guard running.

I run NAV as part of NSW.(recent addition)

I have ScriptSentry - although probably superflous since NSW.

StartPage Guard

Start Up Monitor

SpyBot S&D

SpywareBlaster

Ad-Aware

SpySites

Probably some others I cant remember...

Edit - I run KIWI Syslog Daemon. (not very well )

Jim

Hi Jim,

I think lot of people are getting into that situation, of having that view. Part of the problem is that a lot of the stuff is necessary if you want to protect yourself, where a few years ago, not so much. Redundancies complicate things if a person goes to the point of thinking they need several programs that do basically the same thing.

I've got one each ...

1. AV - DrWeb
2. PFW - Outpost
3. Trojan - Trojan Hunter
4. Spyware - SpybotSD
5. Startup Monitor
6. Script Sentry

That looks like a lot to me there on the page, but only three need updating, and the other three operate transparently. Of the three updates, DrWeb is quick and painless (literally a few seconds on dialup), TH takes a bit, but usually isn't a daily occurrence, and SpybotSD isn't bad and isn't often enough to be a bother. It helps that two of the three updates are a click away in the tray. I also tend to update (all but DrWeb) "when I think of it" rather than jumping right on every announced update. It's good to know they're available, but nothing is going to blow up if I don't get around to it until the next day or whenever.

I used to have this theory on risk management, and how people unconsciously made their decisions. First, the more likely an event will occur, the less severe the negative consequences - that (and its inverse) seems to be a rule. But, big but, most people make their risk assessment decisions based on the likelihood, not the severity of the result. To me that's backward. It's why (if you have any sense) you wear a seatbelt in your car.

Kind of interesting how this theory fits with home computing on the web. Just what are the negative consequences? Is losing everything, or allowing your computer to be used by a 3rd party for evil deeds that big a deal to you? You could make the argument that it's not, especially if you've got remote copies of your files. For me, I have a hard enough time keeping this thing running without letting some stranger have his way with it, and I think I've got a workable, reasonably efficient plan. It's obvious that it's easy to go overboard with it though, and knowing that, there's plenty out there who would take advantage of people's insecurities and lack of information on what the threats really are/are not.

Hello again Bob,

Thanks for the reply.

Although I wouldnt like to lose data and have the pain of reinstalling/disinfecting my machine. What really irritates me is these people who feel it if perfectly OK to install stuff on my pc without my consent or steal my bandwidth for making money for themselves.

You are right it doesnt actually take long to keep stuff up to date, just feels like it at times.

I will keep taking the tablets,

Thanks again,

Jim

Computers are not for any productive purpose. Computers are to be cared for, slaved over, kept current, revered, and protected from the bad guys. They are for wasting time. They are for communicating with other individuals who have the same addiction/fetish. Only rarely do true computer aficionados use their machine for utilitarian activities.

It's my opinion that very few individuals who use their computer solely for actually useful functions will be active members of this forum.

Jim.

Edit: Corrected typo.

That's nonesense! Computers are an invaluable resource for many people from writers like myself, to artists of all kinds. And as an educational resource it can't be beat. The web is the only place I know that one can get such a prolific and diverse amount of information that's not corporate influenced--as in the mainstream media.

The web will continue to expand its interactive capabilities and enhance education and the acquisition of knowledge in ways never dreamed of.

Hal I think you took KJT seriously. It was a joke.

EDIT: Comments removed.

Labyrinth responded more curteously than I did.

Jim.

I took a Paxil before I realized there was truth in every joke.

What the heck is Paxil?

>This is probably going to get alot of neg comments but here
>goes. If running XP try their firewall WITH a good avg.
>For the most part stand alone computers are not a target and
>a good avg will hopefully stop trojens or any other e-mail
>nasties
>Madc
I think you are being a little naive here.I'm glad I'm not in your e-mail address book.

Hi Jbm,
My point being that if you use the right anti virus you won't get the e-mail virus to begin with.. I have had e-mail stopped a number of times like that. As far as the rest, when I tested XP's firewall, everything came up stealth. As I said you nee both.
Madc

Can anybody answer Doc's (Jeff's question)? I've looked and can't find the answer. If something is better out there..useing less resources, quicker, I'd like to know. So far I have no complaint with Zone Alarm, but that doesn't mean there isn't something better. I hadn't a clue about AVG until I came here, and its saved my butt a couple of times already. Zone Alarm took some getting used too, but I'll try anything to speed things up. Everything I've read says, ZA is as good as anything else, and I'm stealthed at every site that has tested it. What more is there? I really would like to know.

I realize this is Agnitum but you may find it interesting:

http://www.agnitum.com/php_scripts/compare.php



http://www.worldstart.com/forums/showthread.php?s=fed07fee35c5305696fc17e8aa3ec8b7&threadid=6300

Hal are you useing Outpost Pro?

Not yet. I just installed Outpost a few days ago. I was using Sygate.

What OS are you useing?

98SE

1.0 Ghz Pentium III
Leadtech 300 Watt ATX Case
Asus Motherboard
256 MB SDRAM
Turtle Beach Montego II Soundcard
10 GB 7200 rpm Maxtor Hard Drive
CD-ROM
Trident AGP 3D Accellerator
Intel 10/100 Network Adaptor

I'm not naive, and I agree with him. I would not have that noise on my system. Practicing safe computing (using your head), using good, up to date antivirus software and blocking incoming connections to your ports is way enough. The using your head part is the catch though. I've never had any use for firewalls of any sort, in fact I find them a hindrance. However I'm confident in my abilities to maintain control. I obviously don't recommend this for everyone though.

However you don't really need a complex application filter to make your life Hell. Yes, I have the technical acumen to operate Zone Alarm and maintain a healthy working system but many people aren't as meticulous. In my experiences with Zone Alarm on every day people's computers, the people haven't got a clue how to operate it and they say either say yes to everything or no to everything and have problems. It's just spinning wheels. Also prone to software conflicts.

I curse them for their broken uninstaller too. What the Hell kind of program doesn't unload it's components during an uninstall. Yes, I understand it's for security but they need to find another way to prevent the application from being nefariously uninstalled or disabled. Bloody Hell, I've seen the broken remnants of the True Vector service cause people some grief.

I'm not especially fond of Norton Internet Security either. It annoys me greatly, and again people haven't got a clue how to use it correctly.

No, there are simple firewalls that control incoming (and some of them outgoing as well) connections based on simpler rules that do the job nicely. The Windows XP built in firewall. The firewall component of PC-Cillin. Some of those new fandangled ones I've never tried that are mentioned in this thread. If these cause people less grief and aggravation, then it is better to have the protection that really counts rather than getting fed up and not using any protection at all.

Grogan

Behold the paranoia, for it is good and it is true!

I know people that haven't used their computer (for anything except email) for months because they are too busy updating firewalls, AV programs, Anti-Trojan programs, Anti-Cookie, Anti-Scripting, Anti-Spyware, Bot detectors, and on and on and on.. we're talking at least 2 hours up updating, defragging, clearing TIF, scandisk, etc.. EVERY DAY! And whats the result? A lifetime spent worrying so much that you forgot the beauty of killing Nazi's and blowing shit up.

Ranger Bob says the same thing and I agree.

I totally agree. And what has been said before. "Mr Natural, what does it all mean, it don't mean sh--"
And thats all I have to say about that
Madc

Before I joined Forums I happily played games. Now I am tracing my damm ISP on ZAP (my ZA has blocked 23,385 attempts), zapping spyware on Spybot, installing updates to Spyware Blaster, checking for Trojans with Tauscan, looking for viruses with AVG, arguing about the pros and cons of Firewalls (none of which I give a damm about).
The disappointing thing is I have found no virus, trojans, hackers but they are all out there trying to get in.
After all that I have no time to play any multiplayer games. But to do that I have to open one of my Ports and that might make me vulnerable. I'm not paranoid just being careful.

Guns don't kill people. Husbands who come home early kill people.

I think all these tools are fun. My AV is AVG, firewall is KPF 2.1.4. Have Spybot, HijackThis, and others. I admit I've never caught anything, looking forward to maybe some day something will attack me

My dear DM, thanks for the blissful pull back to reality. I will be killing some Mechs this weekend and traversing the terrain of Hobbiton thanks to you. Life is easy until it is twisted inside the mind of a human.

Stranger than life

Norton Ghost is our friend! I partition my drives in 2, Data in D: and OS in C:. I run lite, not alot of programs running in the background. If I end up having problems (I cause most of my own!) in 15min. I'm up and running again.....just like new! Data untouched!

Live! Don't Hide! LOL

Even doing Image Backups has become something I just don't find necessary. I have other computers networked to this one, and I backup my files by dragging and dropping to a network drive. In the case of the OS, Its got its own HD, nothing else is actually installed on it (save for an mp3 or something on the desktop, and mydocs which gets backed up over the network). Doing the whole image thing just got to be more trouble than it was worth, especially considering that half the time the images were super old.. who wants to spend 2 hours burning CD's once a week when I can releod the OS in an hour, create a few shortcuts, and thats it?

I am more low tech. I have a XP system networked to a 98se box behind a router/switch on DSL. I keep a third box(uber single player gamer) ready to go in case my network gets slammed. I refuse to let the hackers and script babies influence my computer experience in any way. F*EM! This is all too much fun to be worrying about all the time. Besides, I keep myself busy much of the time fixing my own screw-ups.

Exactly one year ago I paid for ZA, it was the only firewall I'd heard about.

2 weeks after I got it someone posted about Outpost.

So, I wasn't happy with ZA, so I d'loaded the free Outpost.
I looked at it, explored it, I was extremely pleased with it and promptly paid for the "pro" version. I have not returned to ZA and never will. Outpost sits there quietly doing it's job.

It's easier to use (set up / configure), easier to do what you want, it tells you the best mode to allow sites, you can do your own plug-ins, get free ones or shareware ones.
It blocks ads, cookies, and other things.

It operates in a stealth mode. I am not referring to resource hungry in any of this, I personally think Outpost leaves ZA standing.

Anyway, if your'e thinking about it, why don't you download the free version and try it. It's your choice.

Best Regards
Ian

I've used the free ZA for over two years. Currently on 3.1.? Installed 9/9/2002. On a scale of 1-10, 1 the easiest, it is a 3 to use, and that if you have no troubles with it. In that way it affords some protection, some peace of mind. Two weeks ago I bought Norton firewall and have been trying to learn it. I bought it because I wanted a program that I owned and on CD with updates available, and because Finnie rated it as good for a novice, with the default settings affording reasonable protection and ease of use. I have found it anything but and am considering not using it and staying with ZA or trying Outpost.