Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

ZoneAlarm Employs Scare Tactics Against Its Users

Soulskill posted more than 3 years ago | from the your-computer-is-broadcasting-an-ip-address dept.

Security 216

snydeq writes "Check Point Software appears to be ripping a page from the 'scum it claims to fight,' running a scare-tactic warning dialog to frighten users into upgrading to a paid version of the company's ZoneAlarm firewall product. Preying on fears of ZeuS.Zbot, the Check Point warning dialog tells users their PCs 'may be in danger' without having found ZeuS.Zbot, nor having checked to see whether you're running an antivirus product. 'The program doesn't care if you're infected with ZeuS.Zbot, or if you have protection in place. It just wants to sell you an upgrade to the firewall that may or may not detect future ZeuS.Zbot variants' activities — some day.' Check Point's customers have inundated the ZoneAlarm forums with complaints."

cancel ×

216 comments

Sorry! There are no comments related to the filter you selected.

ZoneAlarm still exists? (5, Informative)

Khyber (864651) | more than 3 years ago | (#33641688)

I haven't used that piece of garbage software in about 5 years.

Re:ZoneAlarm still exists? (1, Informative)

Anonymous Coward | more than 3 years ago | (#33641724)

Same here. It use to be awesome, then got more and more bloated and slow.

Re:ZoneAlarm still exists? (1)

mark72005 (1233572) | more than 3 years ago | (#33642026)

Is there a (preferably free) alternative to Zone Alarm?

I installed this several years ago on my parents computer because they kept getting it inundated with viruses and spyware and such.

Re:ZoneAlarm still exists? (0)

Anonymous Coward | more than 3 years ago | (#33642074)

Windows Firewall?

Re:ZoneAlarm still exists? (1, Informative)

Anonymous Coward | more than 3 years ago | (#33642080)

AVG is apparently pretty good. Combine with Spybot S&D.

Re:ZoneAlarm still exists? (1, Informative)

Anonymous Coward | more than 3 years ago | (#33642094)

Comodo free firewall has served well enough for a couple of years now.

Re:ZoneAlarm still exists? (4, Insightful)

Lumpy (12016) | more than 3 years ago | (#33642176)

Yes; windows XP SP2 or higher, windows Vista, and Windows 7. All three have a firewall that is more than most users need.

IF you really need a "little snitch" type of app for windows, you need advanced software. 99% of all users do not need this kind of "firewall" and would be better off with the built in windows one.

Re:ZoneAlarm still exists? (1, Insightful)

Anonymous Coward | more than 3 years ago | (#33642282)

Actually the best free kit I have seen so far is comodo firewall and antivirus. Good bit of kit but defence plus will give any non-savvy computer users a headache.

Re:ZoneAlarm still exists? (3, Insightful)

magnusrex1280 (1075361) | more than 3 years ago | (#33642574)

Microsoft Security Essentials, hands-down. Faster and more efficient than all the others, and it's unobtrusive. And it's free.

Re:ZoneAlarm still exists? (1)

HermMunster (972336) | more than 3 years ago | (#33642688)

I would dispute the "faster" part of your statement, though I would say that it is competent.

Re:ZoneAlarm still exists? (4, Insightful)

h4rr4r (612664) | more than 3 years ago | (#33642896)

iptables.

Re:ZoneAlarm still exists? (3, Informative)

Anonymous Coward | more than 3 years ago | (#33641762)

I haven't used it since XP SP2 included a firewall. Good riddance!

Re:ZoneAlarm still exists? (1)

jlechem (613317) | more than 3 years ago | (#33641874)

I long since moved to Spybot Search and Destory. That thing was ass even back then, it would slow down my old pentium to an unusable state. Doesn't sounds like they've gotten better in the past 5 years.

Re:ZoneAlarm still exists? (1)

MonsterTrimble (1205334) | more than 3 years ago | (#33641992)

That was my first thought. I quit using Zone Alarm before I jumped ship to Windows due to it *REALLY* borking windows until it was removed. Frankly, when the window's stock firewall kicks your ass, you're done.

Re:ZoneAlarm still exists? (-1, Troll)

Anonymous Coward | more than 3 years ago | (#33642046)

But are you still using that piece of garbage OS required by ZoneAlarm?

Re:ZoneAlarm still exists? (1)

Khyber (864651) | more than 3 years ago | (#33642174)

Windows 7 has been rock solid for me, surprisingly.

But I always have a spare MenuetOS USB key for when I want to tinker around.

Re:ZoneAlarm still exists? (1)

HermMunster (972336) | more than 3 years ago | (#33642672)

Zone Alarm is freaking annoying, constantly asking you to upgrade to the full version.

AVG is annoying too. They constantly warn you that if you don't get the paid version that you won't be fully protected.

Comodo is a pretty decent firewall and it has the side benefit of staying out of the way. I generally only see it when it asks me if I want the latest upgrade.

Microsoft's Security Essentials is fine for those individuals that need protection. If you get infected (with just about any malware protection) you won't be able to remove it with those products. You need a cadre of products and your best off cleaning it using a different computer with the drive set as a secondary drive non-boot.

Quit using it (1)

p51d007 (656414) | more than 3 years ago | (#33642830)

Years ago. The built in version for XP, Vista & 7 for most people are sufficient.

See ya ZA (2, Informative)

rbochan (827946) | more than 3 years ago | (#33641690)

I used to recommend them to residential users. I will not ever again.

Re:See ya ZA (1)

Mashiki (184564) | more than 3 years ago | (#33642084)

I think that was the idea behind this. Or "How to lose your customers in 3 easy steps."

Re:See ya ZA (2, Interesting)

Martin Blank (154261) | more than 3 years ago | (#33642344)

I stopped recommending ZA a few years back, when they had that stream of critical vulnerabilities. Only recently had I thought about adding them back into the recommendations list since I hadn't seen many major problems in a while. This knocks them back off the list for a couple more years at least.

Trusted (5, Informative)

Psychotria (953670) | more than 3 years ago | (#33641706)

Well, they fooled me at first because I've had ZoneAlarm installed for ages and trusted it. After looking through my running processes, registry, etc, and doing a virus scan I suspected something was dodgy because there was no indication of this zeus trojan. It was then I found the big list of complaints on ZoneAlarm's forums. I was a bit annoyed that they wasted my time. Until yesterday when this showed up I had no reason no to trust what ZoneAlarm was telling me. Now, I am not so sure.

Re:Trusted (1)

waddgodd (34934) | more than 3 years ago | (#33641884)

Why are you paying attention to your firewall for virus alerts? Do you do the same for your word processor? It makes about as much sense.

Re:Trusted (4, Insightful)

Darkness404 (1287218) | more than 3 years ago | (#33641918)

....Because many viruses will try to open up ports so they can send spam, etc.

Re:Trusted (1, Interesting)

Anonymous Coward | more than 3 years ago | (#33642148)

When I got a drive-by download of the usual TrustMeI'mTotallyAnAntiVirusProgram 2010, my firewall caught it trying to phone home. My anti-virus didn't even get a chance to alert me because I got to work exorcising my computer immediately after blocking its outbound connection.

I've since moved to an OS where I don't have to jump through hoops to make sure I'm not running as Admin all the time. Before you jump to any conclusions, I mean Windows 7, though I do run Linux on my media PC.

Re:Trusted (1)

CannonballHead (842625) | more than 3 years ago | (#33642478)

Your AV doesn't check your e-mail/downloads automatically?

Re:Trusted (0)

Anonymous Coward | more than 3 years ago | (#33642558)

Why are you paying attention to your firewall for virus alerts? Do you do the same for your word processor? It makes about as much sense.

That is a superb demonstration, by a reader of Slashdot no less, of the ignorance that allows viruses, botnets, and spam to be as prolific as they are.

I'm going to use that quote "Why are you paying attention to your firewall for virus alerts?" in my next presentation.

Re:Trusted (1)

kodr (1777678) | more than 3 years ago | (#33642096)

Time to switch to Comodo Internet Security [comodo.com] then.

Re:Trusted (1)

0racle (667029) | more than 3 years ago | (#33642224)

I hope their security suite is better then their backup tool. Did a test restore with their trial and it was unusable, permissions were all messed up and it was missing a lot of files.

I personally won't recommend any of their products.

ZoneAlarm was backdoored, right? (4, Interesting)

equex (747231) | more than 3 years ago | (#33641730)

I thought ZoneAlarm got outed for essentially being a backdoor some years ago ? I stopped using it then and never looked back.

Re:ZoneAlarm was backdoored, right? (1)

TheRealMindChild (743925) | more than 3 years ago | (#33641804)

Trusting a software firewall is like trusting "The Club (tm)" to protect your car from thieves. Just like ZoneAlarm, once I hit it, I'm hitting the software stack on your machine, and a compromise via 0-day exploit can be made just the same as a car thief using a hacksaw to cut a small hole in your steering wheel and removing "The Club (tm)"

Re:ZoneAlarm was backdoored, right? (1)

FuckingNickName (1362625) | more than 3 years ago | (#33641848)

And how many such network stack attacks have existed since Win98?

Re:ZoneAlarm was backdoored, right? (1)

TheRealMindChild (743925) | more than 3 years ago | (#33641892)

It doesn't need to be the network stack exploited... just ZoneAlarm... the bit you shoehorned between your network connection and the rest of the internet.

Re:ZoneAlarm was backdoored, right? (3, Informative)

Caerdwyn (829058) | more than 3 years ago | (#33641912)

CVE-2007-0069

CVE-2007-0069

CVE-2010-1893

Though the last one really doesn't count for ZoneAlarm's intended function, as it's a local privilege escalation.

Reference: http://cve.mitre.org/index.html [mitre.org]
Search terms: Windows kernel tcp/ip

Re:ZoneAlarm was backdoored, right? (1)

Caerdwyn (829058) | more than 3 years ago | (#33641934)

fatfingered the first. CVE-2007-0066

Re:ZoneAlarm was backdoored, right? (1)

jgtg32a (1173373) | more than 3 years ago | (#33642116)

By fat fingered you mean had your mind in the gutter

Re:ZoneAlarm was backdoored, right? (0)

Anonymous Coward | more than 3 years ago | (#33642102)

And all of those are easily prevented with the default settings of the Windows built-in firewall. Just stop turning it off and you are fine.

Re:ZoneAlarm was backdoored, right? (1)

FuckingNickName (1362625) | more than 3 years ago | (#33642548)

Poorly implemented management protocols sitting above TCP, UDP or raw IP do not represent the kind of problem which a software firewall cannot deal with because of a bug in the network stack.

N.B. router discovery protocol is not enabled by default in Windows and IGMP will be blocked by default on any sane firewall before packets are acted upon. This is fortunate since several operating systems, including Linux, have suffered from poorly implemented IGMP handling.

Re:ZoneAlarm was backdoored, right? (0)

Anonymous Coward | more than 3 years ago | (#33642108)

No, no no no no. "The Club" you want is the one with members, one of whom comes round once a month to collect on a little "insurance" to keep you car from being stolen :)

Re:ZoneAlarm was backdoored, right? (1)

Lumpy (12016) | more than 3 years ago | (#33642200)

What loser thief uses a "hack saw" for that? bolt cutters will go through a steering wheel in less than a second. that kind of speed is important for a car thief. Sawing for 10 minutes is not something anything but a crackhead would do.

Re:ZoneAlarm was backdoored, right? (1)

Martin Blank (154261) | more than 3 years ago | (#33642390)

Hacksaw blades with duct tape around one end are much easier to hide than bolt cutters, and it only takes under a minute to go through a steering wheel.

Re:ZoneAlarm was backdoored, right? (1)

PaladinAlpha (645879) | more than 3 years ago | (#33642482)

My car got stolen a week ago, so I'm really getting a kick out of this. (No, it really did get stolen.)

Related note. Let's say you lived in a high-risk zone for car thievery, and that you weren't going to be able to afford anything more than like some late 90's economy model car (so, say, no car alarm or GPS), and you really HAD to make sure it didn't get stolen. What would you do? I was actually thinking Club until you people convinced me otherwise *grin* -- any alternate suggestions?

Re:ZoneAlarm was backdoored, right? (3, Interesting)

Tanktalus (794810) | more than 3 years ago | (#33642588)

Googling for "car colour theft", one of the top hits is an article suggesting painting your car pink [nytimes.com] . Not sure if the cure is worse than the disease, but that's your call to make for your own situation.

Re:ZoneAlarm was backdoored, right? (1)

SydShamino (547793) | more than 3 years ago | (#33642976)

The Club works fine provided the car next to yours doesn't have one. It's not about making your car steal proof - it's about making your car slightly-less steal-able than your neighbors'.

Same strategy that makes a barking dog good home security.

You won't get absolute security to prevent losing your car. You could put in an ignition kill switch, but you'd want to find a mechanic that was creative with switch placement or that would be found, too. And the thief won't know about this until after he's broken your window, at which point he'll steal your stereo, slash up your dashboard and piss in your seat out of spite.

My usual car is high-end, but I have a 1997 Mazda Miata that I use when I plan to go downtown at night. I can park it on the street and most people won't bother it. The worst that's ever happened was a homeless guy ripping out the side mirror's motor assembly. (And that was hassle to replace, but just $100 from a junkyard.) The top is cloth - anyone who wants into it can get into it - so I just leave the top down most places. (Where homeless congregate I put it up to avoid someone pissing in it.)

Re:ZoneAlarm was backdoored, right? (1)

SydShamino (547793) | more than 3 years ago | (#33642998)

Also, don't leave anything in your car, and don't put things in the trunk when you park. Why advertise that you just stuck a laptop in the trunk and then walked into a movie theater? If you're going to put something in the trunk, do it before you drive somewhere, not after you arrive.

Backfire after management change (5, Insightful)

flydpnkrtn (114575) | more than 3 years ago | (#33641754)

As a poster indicates, ZA was bought out by CheckPoint a few months ago. This scare tactic will probably backfire on them...

Why in the hell did someone at CheckPoint say to themselves "Wait a second... Gestapo style marketing that looks like a phishing scam sounds like a great idea!"

Re:Backfire after management change (1)

ponds (728911) | more than 3 years ago | (#33641952)

2004 is more than 'a few months ago'

Re:Backfire after management change (1)

flydpnkrtn (114575) | more than 3 years ago | (#33642760)

What's a measly 72 months between friends? :)

Re:Backfire after management change (0)

Anonymous Coward | more than 3 years ago | (#33642008)

Why in the hell did someone at CheckPoint say to themselves "Wait a second... Gestapo style marketing that looks like a phishing scam sounds like a great idea!"

Because it obviously works...

Re:Backfire after management change (0)

Anonymous Coward | more than 3 years ago | (#33642158)

Why in the hell did someone at CheckPoint say to themselves "Wait a second... Gestapo style marketing that looks like a phishing scam sounds like a great idea!"

Because people who get whatever some popup tells them they need are clearly the ones most in need of the higher levels of "protection" offered by the Pro version.

Re:Backfire after management change (2, Insightful)

jopsen (885607) | more than 3 years ago | (#33642280)

This scare tactic will probably backfire on them...

Wouldn't that require that their customers knowns the difference between, the ZoneAlarm popup and one of the five other popups provided Symantec, AVG free and Avast... All of which are likely installed and peacefully generating popups at appropriate intervals...
- Seriously, how many tech savvy users runs Windows, sorry I mean... How many tech savvy users runs anti virus software... let alone ZoneAlarm... :)

Re:Backfire after management change (1)

couchslug (175151) | more than 3 years ago | (#33642776)

"This scare tactic will probably backfire on them..."

Easy enough to help that happen.

Geeks are often asked for advice. Telling people software will fuck up their computer tends to get their attention.

Inundated? (0)

Anonymous Coward | more than 3 years ago | (#33641770)

Really? 30 posts in a thread is "inundating" someone? Really, do they have only 40 users and this is more than half ... ?

Let's scale the hyperbole down from "the elder gods rise" and back down to "a few people are mildly concerned".

Re:Inundated? (3, Informative)

flydpnkrtn (114575) | more than 3 years ago | (#33641850)

There are posts that reference other threads where this was "already posted," but clicking those links leads you to a vBulletin "No thread specified" page. Presumably ZA has been deleting threads....

See http://forums.zonealarm.com/showpost.php?p=283423 [zonealarm.com] and http://forums.zonealarm.com/showpost.php?p=283420 [zonealarm.com] for example posts... both those posts reference a nonexistent thread.

Damage control maybe?

Re:Inundated? (1)

ElKry (1544795) | more than 3 years ago | (#33641888)

Feels like thread merging to me.

Re:Inundated? (2, Interesting)

lgftsa (617184) | more than 3 years ago | (#33642178)

They're also editing people's posts under their "terms of use" policy. Mostly it's removing the names of other firewall products, but there's a couple by the main editor "GeorgeV" with no indication of why the edit was made or any placemarker to show where it was made.

Ah, and there's also some posts which have entirely disappeared. Since the unique post ID is common to the entire forum it's hard to detect, and the #x post counter on the right is dynamically generated when the thread is displayed. I did see one post disappear, and then the user re-posted. Here's the details of the new post, which I expect to disappear as well.

http://forums.zonealarm.com/showpost.php?p=283543&postcount=40 [zonealarm.com]

Unread Today, 01:24 PM
MajorSanchez MajorSanchez is online now
Junior Member

Join Date: Sep 2010
Posts: 1
Default Re: zbot.zeus Notice
Trolling? Barely. Check Point software needs the wrath of the internet unleashed upon them to make them realize their mistakes.

[redacted] attacks make ZoneAlarm.com go down.

[redacted]

et cetera.
Reply With Quote

Attack command redacted because I'm nice

Whoops, that post's gone, too.

Way to go Checkpoint, with one twitch of your marketing neuron you've alienated your loyal users and enraged the script kiddies.

Re:Inundated? (0)

Anonymous Coward | more than 3 years ago | (#33642222)

Slowloris ./slowloris.pl -dns www.zonealarm.com -num 1700 -timeout 10 -tcpto 5

Summary is correct (5, Informative)

cerberusss (660701) | more than 3 years ago | (#33641776)

The summary is spot on. I haven't been a Windows user for a number of years, but a friend asked me to fix her malware problem and I reinstalled her Windows XP box. For the firewall, I remembered ZoneAlarm from a few years ago and installed it. After the first reboot, some stupid popup appeared, prompting me to "like" the software on Facebook. I'm like WTF? But still gave them the benefit of the doubt. Next reboot it comes up with the totally bogus popup that I may get infected with Zeus. I had to reread it twice to find out it really was an advertisement.

I downloaded Comodo [comodo.com] , unplugged the network, uninstalled ZoneAlarm, installed Comodo and plugged back into the inter webs. Never looked back.

I probably will not buy any Check Point software for my business either.

Re:Summary is correct (3, Interesting)

Blue Stone (582566) | more than 3 years ago | (#33641962)

Yeah, I ditched Zone Alarm for Comodo some time ago after ZA got bought out by Checkpoint. I think it was that the newer post-buy-out versions of the software kept re-ckecking the "automatic updates" option in the preferences and kept giving itself permission to access the internet, despite me explicitly blocking it. Several instances of this and I thought, 'crikey, the new owners are a bit dodgy' and jumped ship to Comodo.

Can't say I'm surprised to see them plumet down the 'sacrifice integrity to serve our bottom line' route. (That's also why I ditched AVG).

Re:Summary is correct (1)

Martin Blank (154261) | more than 3 years ago | (#33642414)

Checkpoint isn't bad, actually. It's just the ZA line that you really need to avoid. Checkpoint itself does well if you don't need advanced features (at least with high performance).

Whats ZoneAlarm? (4, Funny)

NevarMore (248971) | more than 3 years ago | (#33641780)

Is it like a frontend for iptables?

Re:Whats ZoneAlarm? (4, Informative)

master0ne (655374) | more than 3 years ago | (#33641864)

It used to be a sophisticated light weight feature rich firewall for windows.... it allowed rules and whatnot.... now... its a bloated flaming pile of sh*t sinking with a horrible company that deserves to be put out of business for its questionable marketing practices and horrible customer support.

Re:Whats ZoneAlarm? (2, Funny)

youn (1516637) | more than 3 years ago | (#33642452)

I thought it was more like a rear end as it's acting like an ass ;)

ZoneAlarm users get what they deserve (4, Insightful)

realmolo (574068) | more than 3 years ago | (#33641808)

Seriously. What morons are using ZoneAlarm? WHY would you use it, when Windows has had a better firewall since XP, and the Vista/Windows 7 firewall is even better than that?

ZoneAlarm has always been a piece-of-shit.

Re:ZoneAlarm users get what they deserve (1)

Nimey (114278) | more than 3 years ago | (#33641870)

Not always. It was pretty decent back in the 2.x Windows 98 days.

Re:ZoneAlarm users get what they deserve (0)

Anonymous Coward | more than 3 years ago | (#33642670)

zonealarm was pretty awesome back in the day. atguard was even better, but it disappeared. atguard had the firewall stuff, but also this thing where you could tell it what ads and javascript to remove from what web pages. Oh man, it's all coming back.. anyone remember thirdvoice? It let you type "Lies! They suck!" on web sites and anyone else using thirdvoice could see them. :D

Re:ZoneAlarm users get what they deserve (1)

Culture20 (968837) | more than 3 years ago | (#33642024)

Windows has had a better firewall since XP

Try blocking outgoing connections with the XP firewall.

the Vista/Windows 7 firewall is even better than that

This is true. Unfortunately, with its power has come a more difficult interface. Why do I have to click 20 times to enter ~10 IP ranges into the scope list for just one port? Why can't it be a comma delimited text field like before?

Re:ZoneAlarm users get what they deserve (3, Insightful)

mysidia (191772) | more than 3 years ago | (#33642220)

Try blocking outgoing connections with the XP firewall.

Try upgrading to Windows 7 and using Windows Advanced Firewall instead of a 12-year-old product ? :)

Worrying about blocking outgoing connections with ye' ol' windows XP firewall is kind of like worrying about duplex printing on a 80s/early 90s-era dot matrix printer <G>

Re:ZoneAlarm users get what they deserve (1)

e065c8515d206cb0e190 (1785896) | more than 3 years ago | (#33642528)

Windows XP is a 12 year old product?

Also, how is age relevant? ipchains/iptables is 12 years old, and supports this very basic functionality.

Re:ZoneAlarm users get what they deserve (0)

Anonymous Coward | more than 3 years ago | (#33642580)

Except iptables doesn't get upgraded when Linux Vista and Linux 7 comes out you retard. XP is obsolete and the improved firewall is in 7. As opposed to iptables that gets upgraded from your kernel and gets regular userspace updates that do not require an OS switch.

Re:ZoneAlarm users get what they deserve (1)

Culture20 (968837) | more than 3 years ago | (#33642552)

Um, yeah. That was my point. Realmolo said XP firewall was better than ZA. I explained why it isn't, and even pointed out that Win7's was better.

Re:ZoneAlarm users get what they deserve (0)

Anonymous Coward | more than 3 years ago | (#33642606)

No kidding, it's a solution for people running a 12 year old product that's still supported by its vendor. Some people don't like dropping a hundred bucks when they have supported, functional software already. Apparently a Smug license comes with every new copy of windows these days.

Re:ZoneAlarm users get what they deserve (1, Insightful)

Beerdood (1451859) | more than 3 years ago | (#33642072)

Seriously. What morons are using ZoneAlarm?

The same people that never remove any programs from their desktop and agree to anything any pop up tells them to. (Oh I have to update? Ok, I'll just click yes - it must be helpful!) When your non-computer-savvy friends call you for "tech support" and you start up their computer to find out why it's running so slow - it doesn't surprise me to see all sorts of useless or ancient programs running in the background.

That's pretty much who zone alarm is after. The non-techie crowd that still happens to have their software installed that can be easily fooled into thinking they have a virus.

Re:ZoneAlarm users get what they deserve (2, Insightful)

JayGuerette (457133) | more than 3 years ago | (#33642386)

WHY would you use it, when Windows has had a better firewall since XP, and the Vista/Windows 7 firewall is even better than that?

Why? Simple: because the Windows firewalls have a built-in white-list. That completely removes it from my consideration. I'd argue that 'firewall' is not even applicable to that service.

Re:ZoneAlarm users get what they deserve (2, Insightful)

MMC Monster (602931) | more than 3 years ago | (#33642736)

Seriously. What morons are using ZoneAlarm?

You know that person you told to use Zone Alarm 8 years ago? He's been upgrading since then and telling all his friends that his computer expert friend told him Zone Alarm is great.

Sucks to be us.

ZA -- good but time passed it by (3, Insightful)

mlts (1038732) | more than 3 years ago | (#33641826)

I remember ZA being decent, especially the registered version. However, there isn't a need for it anymore, just like there isn't a need for QEMM-like packages for new equipment. Windows 7 has a decent built in firewall to keep things out [1], and for antivirus protection, Microsoft Security Essentials is a download away and licensed at no charge.

[1]: If a compromised app is trying to phone home, the battle is lost when it comes to host security. So having a firewall popping up Allow/Deny dialogs is pointless on post-XP Windows versions because of the amount of false positives generated.

Re:ZA -- good but time passed it by (0)

Anonymous Coward | more than 3 years ago | (#33641966)

Agreed. If you're on Vista/7, Windows Firewall + MSE is plenty good. If you're not, and you're a home user, time to either upgrade or install Linux if your machine is too crappy and you can't be bothered to get new hardware. Corporate users have mandated security software anyways, so no decision to make there.

Re:ZA -- good but time passed it by (1)

mlts (1038732) | more than 3 years ago | (#33642296)

If a user is using XP, even XP's outgoing firewall is decent. These days, the only real niche for ZA is Windows 2000 and earlier, operating systems with no intrusion protection from incoming network attacks.

Other than the edge/corner cases of embedded equipment running Windows 95/98/ME/NT/2000, people who still have HP Journadas or other portable items that run a way backlevel version of the OS, and maybe someone running old applications on a VM with this old an OS, I just don't see any point for ZA as a standalone product anymore.

If I were running Checkpoint, I'd sell the software product for an inflated price for backlevel systems (Windows 2000 and earlier), put the software on maintenance mode, and call it a night.

Re:ZA -- good but time passed it by (0)

Anonymous Coward | more than 3 years ago | (#33642808)

Years ago when ZoneAlarm was owned by ZoneLabs I thought it was a pretty decent product. I stopped recommending it though after it became too bloated and reading this latest Check Point stunt certainly doesn't restore my faith in it. I still have have some slight doubts about the integral WinXP firewall since it's still a one-way utility. Win7's firewall seems to be pretty robust however. Still, for pre-Win7 systems I've been recommending Outpost, functionally it reminds me of what ZoneAlarm used to be, and visually the GUI is just cleaner and simpler. Doesn't suck up a lot of system resources either.

Re:ZA -- good but time passed it by (1)

Altrag (195300) | more than 3 years ago | (#33642082)

Which is why most firewall software has a "always do this" option of some sort. The first week or so after you install a new firewall program generally sucks, but after that you've usually got most of your "real" apps marked off and things go pretty smoothly from there on.

Of course for some people, a week worth of always clicking "Allow" is enough to train them badly forever.. but there's only so much that can be done :P.

Re:ZA -- good but time passed it by (1)

Ecuador (740021) | more than 3 years ago | (#33643028)

just like there isn't a need for QEMM-like packages for new equipment.

What do you mean? Is there another way for new equipment to make 610kb+ of base RAM available to play Sensible Soccer?

Anyone know a decent software "firewall"? (3, Informative)

Anonymous Coward | more than 3 years ago | (#33641840)

I used to use Kerio in the WinXP days, but it doesn't cooperate with Win7 x64.

Requirements:
1) Rule-based. I want to permit/deny network traffic to certain apps. 2) Option of "PermitTraffic/AllowTraffic" and "LogTraffic/IgnoreTraffic" as independent settings. (e.g., I want to allow logging of permitted applications' traffic, as well as denied apps' failed attempts, and after looking at the logs, decide whether or not I want to bother logging it.)
3) Accurately figure out which app is actually responsible for denied traffic. (Looking at you, PrivateFirewall 7.0, which never actually says that it's the Windows Update client that's legitimately trying to access some random Akamaized download site.)

I tried the built-in Windows firewall, but it was difficult/cumbersome to set up in default-deny mode, and when I did, I couldn't easily find out which app was causing the denied traffic. (e.g. is it some game that phones home on the first attempt to register/activate, or is it some bullshit Games For Windows Live client that has no need to be used in a single-player game?)

Thanks to PrefBar for one-click Javashit and Flash toggling, a non-Adobe PDF reader, an ad-blocking local proxy, and the equivalent of a decent-sized ad-blocking HOSTS file implemented in the external router, I've never actually been hit with malware, so I'm more interested in monitoring unsolicited outbound traffic than worrying about inbound traffic. Likewise, I'm more interested in legitimate apps rather than malware that could trivially disable the software "firewall". Given that sort of environment, what's the current best practice for software "firewalls"?

Re:Anyone know a decent software "firewall"? (2, Informative)

mlts (1038732) | more than 3 years ago | (#33642066)

That is exactly how to do security these days. Running a capable browser with Adblock, Foxit for PDF reading, keep add-ons like Quicktime and Flash updated if one uses them. Just Adblock alone gets rid of the dodgy ad sites, some of which allow third party advertisers to try to use bugs in add-ons as a vector for compromise.

Hardware firewall first to protect machines from incoming network attacks. Second are filtering the ad sites which will happily slap drive-by malware on people's machines. Third, filtering out JS and other add-ons unless the user wants to see them.

Finally, fourth is a program like Microsoft Security Essentials that is licensed at no charge and does not nag. This all assumes the user is clued enough to not be affected by the Dancing Bunnies security hole too.

Re:Anyone know a decent software "firewall"? (1)

Martin Blank (154261) | more than 3 years ago | (#33642490)

Kerio's firewall was picked up by Sunbelt, which has been promising a 64-bit version for some time but has yet to deliver.

Actually, looking at their forums, they just posted a couple of days ago that the new 64-bit version of VIPRE (their AV software) includes a firewall. VIPRE is pretty good and has low resource utilization. I've got Nod32 at home, and it was a toss-up on which to go with, but Nod32 had a slightly higher percentage of malware caught in a test at the time, so I went with that. (Nod32 has a 64-bit version, despite the name, and it also includes a firewall.)

Re:Anyone know a decent software "firewall"? (0)

Anonymous Coward | more than 3 years ago | (#33642910)

Try Comodo personal firewall. I used Kerio back in the day and loved it. Comodo is pretty much identical in all features.

YO! BOZO! It's called MARKETING !! Internet Style (0)

Anonymous Coward | more than 3 years ago | (#33641842)

Welcome to the internet syndeq !!

May I please have your SSN, DOB, and mother's maiden name, and bank account number?

Upon reciept of this I will forthwith depoist the sum of

  $1,000,000.00

into your account.

Thanks,
Chief Abu Grabe Graves, III

Re:YO! BOZO! It's called MARKETING !! Internet Sty (0)

Anonymous Coward | more than 3 years ago | (#33641886)

You had me up until "forthwith." Forsooth! Now I know it's a scam!

Zounds! ZoneAlarm zealous about Zeus.Zbot? (5, Insightful)

Culture20 (968837) | more than 3 years ago | (#33641932)

Whatever happened to alliteration in article titles?

Re:Zounds! ZoneAlarm zealous about Zeus.Zbot? (1)

cormander (1273812) | more than 3 years ago | (#33642054)

Zo zany zeez in Z zrticle zust zooks zad.

I stopped using that crap... (2, Informative)

TavisJohn (961472) | more than 3 years ago | (#33642128)

When they basically refused to support Windows 7. I have sense replace the firewall on ALL my machines (including my XP machines) with PC Tools Firewall Plus. It is free, and provides better protection than Zone Alarm.

Re:I stopped using that crap... (1)

Ecuador (740021) | more than 3 years ago | (#33643060)

What's wrong with simply using the Windows 7 firewall? Maybe ZoneAlarm did not support Win 7 because they know there is already a better firewall included...

Notice This: (0)

Anonymous Coward | more than 3 years ago | (#33642172)

Note how some posts have "SNIP" in them.

Obviously, they are editing people's posts to keep them from suggesting better firewalls.

Hell, I may dump Zonealarm myself and try Comodo. I heard that firewall is less taxing on resources...

"customers" (1)

Necron69 (35644) | more than 3 years ago | (#33642348)

I don't think that word means what TFA's author thinks it means.

- Necron69

ZoneAlarm? (0)

Anonymous Coward | more than 3 years ago | (#33642412)

I left that behind when Microsoft came out with a product. What are they going to do, screw me even more?

Like they could! I swear Bill Gates could come to my house and hit my balls with a hammer for all the harm it would do.

I tried Comodo for a while, it was nice, but it had problems with multiple users.

Re:ZoneAlarm? (1)

couchslug (175151) | more than 3 years ago | (#33642958)

"I swear Bill Gates could come to my house and hit my balls with a hammer for all the harm it would do."

I, for one, find that idea vaguely arousing.

Alternatives (1)

Barefoot Monkey (1657313) | more than 3 years ago | (#33642680)

I'd love to hear some opinions on this matter. I'm completely unsatisfied with Windows XP's firewall, but if I don't want to use ZoneAlarm then what other good options are out there? And regarding Windows 7: is its firewall decent enough that there's no need to replace it?

Why do you put up with all of this? (1)

node_chomsky (1830014) | more than 3 years ago | (#33642794)

Looking at the posts in this thread makes me very glad I don't have to do any of this to keep my computer functional. Windows is a complete joke, I don't think anyone has to put up with more bullshit in computing than the average Windows user, I do genuinely feel bad that these people waste so much time and money on such poorly built technology. It's really very tragic.

List of free Windows firewalls (5, Informative)

Aryeh Goretsky (129230) | more than 3 years ago | (#33642832)

Hello,

Below is a list of free application software firewalls I put together a while ago. Not sure if they are all current, and I am probably missing quite a few, but it is a starting point.

Firewalls
Active Network [lanctrl.com] - Active Wall Free Edition [lanctrl.com]
Agnitum [agnitum.com] - Outpost Firewall Free [agnitum.com]
AS3 Soft4U [xthost.info] - AS3 Personal Firewall [slashdot.org]
Ashampoo [ashampoo.com] - Ashampoo Firewall Free [ashampoo.com]
Comodo Group [comodo.com] - Comodo Firewall (now a part of Comodo Internet Security [comodo.com] )
FilSecLab [filseclab.com] - Filseclab Personal Firewall Professional Edition [filseclab.com]
Group 4 Business Intelligence [g4bi.com] - IDNWebShield [idnwebshield.com] (main web site down when last checked)
NetVeda [netveda.com] - NetVeda SafetyNet [netveda.com]
PC Tools [pctools.com] - PC Tools Firewall Plus Free Edition [pctools.com]
PrivacyWare [privacyware.com] - Privatefirewall [privacyware.com]
SecurePoint [securepoint.cc] - Securepoint Personal Firewall & VPN Client [cnet.com] - (discontinued?)
SoftPerfect [softperfect.com] - SoftPerfect Personal Firewall [softperfect.com]
Tall Emu [tallemu.com] - Online Armor Free [tallemu.com] - (acquired by EmsiSoft?)
WIPFW Project [sourceforge.net] - WIPFW [sourceforge.net] - (port of BSD IPFW)

Firewall Managers
GT Delphi Components [gtdelphicomponents.gr] - Windows Firewall Ports & Applications Manager [gtdelphicomponents.gr] (WFWPAM)
Sheesley, Eric [shadowlair.com] - XPFiremon [shadowlair.com]

Hopefully, this is of help.

Regards,

Aryeh Goretsky

Caveat !Emptor (1)

Capt.Albatross (1301561) | more than 3 years ago | (#33642902)

It took me a while to decide where I stand on this. Generally speaking, users of a free product who complain about what they get have an over-active sense of entitlement. I would make an exception in the case of blatant deceit, but I don't think that this quite qualifies as such -- a reasonably careful reading of what they say shows what little they actually claim to offer. What they deserve some grief for, IMHO, is poisoning the well for more selfless and principled purveyors of freeware, whose interests are presumably harmed if people are turned away from trying their products on account of actions like these, and also for spreading confusion over so important an issue as security.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>