Spyware, viruses, & security : Router firewall or ZoneAlarm???

(NT) You're welcome :D

by roddy32  - 1/28/05 5:51 PM

admin rights?

Perhaps you have to be logged in with admin rights to do that. That would explain the grayed out options. Make sure you have admin rights and then try it. That procedure worked fine on my XP Pro and saves me the trouble of getting that warning everytime I boot up.

Zone alarm's blocking intrusions because your router's open!

Routers don't need any open ports - not even 80. Opening a port on the router allows someone on the internet to connect to your computer on that port. Thus, those 600 connections you have are because you opened port 80 on your router, and then zonealarm had to tell them they had no business talking to your computer. Connecting outbound on port 80 will always work to surf the internet (unless you get fancy and specifically disable outbound 80 in the router.)

So why do they allow opening ports in the router? So you can run a web server on your home computer (in which case you'd have to allow inbound connections on that port through zonealarm also.)

So, if you're very cautious about how you configure the router (and don't change any default setting without thoroughly understanding what you're doing) the router's sufficient.

I'm a MS certified systems engineer, and run 3 servers hosting 10 domains, serving both web and email from my house, plus another half dozen computers. A router and anti-virus works just fine for me.

Port 80

Most virus problems will start with port 80, then once in place will open additional ports. Many things reported by a firewall are harmless,although they have potential to be destructive. The firewall software creators want you to have something to look at , so that you can tell that it is working.

Many home routers come through a user programable firewall that you access online to customize to your personal taste, such as SBC DSL service provided by the phone company, and several cable internet providres. HOWEVER, some simply supply you with an unprotected access point to the web. Call your provider and ask.

You can run as many firewalls and "resident" spam blockers as you want, but each will add some degree of lag, meaning that it will slow you down. If you have a fast service,and a fast computer, you may not notice.
Some special file sharing programs require that you have additional ports opened, so that they may operate properly, and some home networking and server applications require additional ports. The software you use to set up these applications may have trouble interfacing with mulitple firewalls, to set them up correctly.

Bottom line...If your service provider claims to have a good hardware/software firewall inplace, then a GOOD anti-virus program that checks email, and a couple of good Anti-Spam programs are all that is necessary. I would personally suggest the new free Microsoft Anit-spam program which is free, and the free SpyBot Search and Destroy program. If you feel you really want an additional firewall, the Windows firewall that comes with Service Pack 2 (WinXP) is a very user frindly and effective one that is FREE. If you are ANTI MICROSOFT, then ZoneAlarm works fine. That should keep you up and running worry free for many days ahead. HOWEVER, you should understand that no matter what you do....the chance is always there that something bad could happen, so back up your "can't loose" information to CD/DVD, and forge ahead in peace.

Remote desktop

Terminal server and Windows Remote Desktop both use TCP port 3389

Zone Alarm still blocking intrusions with a router

Obviously you have a router that does not have a built in firewall. I run Zone Alarm behind a Linksys firewall router and Zone Alarm has not had to block an intrusion since installing the router. Routers come with and without firewalls.

Some Routers default to firewall off

My SMC Barricade has a good firewal - I'm well protected by it with no software firewall needed, **BUT** when I first got it and I nosed around in its setup program and went into the "advanced" area where the firewall settings are I saw to my dismay the default as shipped is firewall service turned off. You have to actually turn the firewall on and "apply" the change.

What a silly default.

If I had taken the easy way out and used the "express setup" (avoiding the details of advanced setup) I would have never seen this.