Help me set up ZomeAlarm?

Discussion in 'Off Topic [BG]' started by HeavyDuty, Jun 20, 2004.

  1. HeavyDuty

    HeavyDuty Supporting Curmudgeon Staff Member Gold Supporting Member

    Jun 26, 2000
    Suburban Chicago, IL
    I'm on a dialup.

    A few months ago, a friend suggested I install ZoneAlarm as a general security measure despite my being on dial-up. So, I finally got around to it today.


    In a half hour, I've been pinged by port scans over forty times!

    Can anyone give me advice on setting this program up? Specifically setting the proper permissions on the "Program Control" tab - my old brain is a bit confused by this "Access / Server" and "Trusted / Internet" stuff, and that's after reading the documentation.

  2. I have it. I barely ever get pop ups or anything. I guess its a good program but makes WinMX freeze. You just give access to the programs you trust. Thats what I did, but I just guessed on what to do. Yeah, I'm not much of a help at all. Sorry. :meh:
  3. nonsqtr

    nonsqtr The emperor has no clothes!

    Aug 29, 2003
    Burbank CA USA
    Zone Alarm is a software firewall. There's a free version that you can download from The latest version has a couple of bugs and glitches, but it's still a heck of a lot better than not having any protection. What I would recommend for starters is to set your Internet zone security to "high" and your local security to "medium". Then in the "programs" tab, you'll see a list of executables that need access to the Internet or the outside world, and a set of columns that say "allow connect", and "allow server", that kind of thing. There are three possibilities for each entry, either a green check mark which means "always allow this program access", a red X which means "never allow this program access", and a question mark which means "always ask me when this program tries to gain access". My first general rule is, never allow any program to act as a server on your local machine. That may prevent you from using Kazaa and WinMX, but the peace of mind is well worth it. You never want anyone connecting to your computer from the outside world, except under carefully controlled conditions. So I put red X's on all the entries in the "allow server" column. Then in the "allow connect" column (which will either permit or prevent programs in your computer from accessing the outside world), you'll have to use your judgement. There are some programs that Windows needs to have access the outside world. A short list might include the Services and Controller app, the Internet Explorer, Outlook Express, that kind of thing. These programs won't work without Internet access. On the other hand, some programs don't require Internet access. For example, I turn off the connect capability for the Windows Media Player, 'cause I only use it on my local machine. Anything that I'm not sure of, like maybe "Generic Host Process for Win32 Service", I put a question mark in the connect column, that way I'll be notified every time the program tries to get out on the Internet. This policy saved my butt the other day, I ended up visiting a malicious website, and it dropped two executables into the Temp directory under my user name, and then they immediately tried to gain access to the Internet. Zone Alarm notified me that this was happening, and so I immediately knew that these two programs "smmo.exe" and "rs.exe" shouldn't be allowed to exist on my machine. I deleted them, and then discovered that there were also registry entries containing those program names. It was a huge heads-up, and it forced me to go back to the NSA's computer security website and set my registry permissions so this couldn't happen anymore. Zone Alarm has saved my system more times than I can count. And yes, it is surprising what you can see the first few times you use it. :)
  4. As a note, if you are using version 5 of zone alarm and have any antivirus software installed, make sure to turn of zone alarm's built in anti-virus features, because you will probably experience some serious crashing. :crying: I know from experience.

    My recommendation is that you find a release around 4.5, the version 5 update was very unstable on my system, it kept kicking my DSL offline. I rolled it back the version 4 release and haven't any trouble since, and don't have to hassle with it trying to override my anti-virus software.
  5. HeavyDuty

    HeavyDuty Supporting Curmudgeon Staff Member Gold Supporting Member

    Jun 26, 2000
    Suburban Chicago, IL
    Great info, and exactly what I was looking for. Thanks!

    I'm getting pinged about every thirty seconds on average, from all different IPs and for all different ports. Since I've been the target of several spoof attacks (my email used as the return addy for spam), I wouldn't be surprised if my IP range is on some kind of spammer's Blue Plate Special menu. Hopefully this will put a stop to that!