I've several questions that I hope someone will able to answer :D I'm currently running ZAP, Mcafee Enterprise 8.0i + Antispyware and f-secure antispyware(shaw) on my laptop. Like the person in this thread:
http://www.wilderssecurity.com/showthread.php?t=74226
i'm running a wireless router at home, though it's linksys not d-link. also, i use the wireless connection on my office network.

1. When ZAP is running, I had problems with my internet connection till I checked what ZAP was blocking and added those into the expert rules. Basically I added in Allow all protocols for 192.168.0.0 to 192.168.255.255. This ip range was set for both the destination and source. This is for my linksys router, and did the same for my office network. I run basically browser programs, instant messaging, file-sharing (home) and ftp. My question is, is adding the expert rules i defined a wise thing to do, or should i just allow only tcp and udp for that ip range?

2. I'm considering switching to mcafee firewall on my laptop to keep as many things as possible within one software company. Similiarly, would this action be wise?

3. Any comments you may have. :)

btw If you decide to answer, I can be thought of as a newbie :) Nothing is too trivial to add in, though I may not implement it :D

Why not try NetVeda which has a pre built router configuration and is free and has more features than ZAP.

-{ Quote: "Why not try NetVeda which has a pre built router configuration and is free and has more features than ZAP." }-

I'm not sure I want any more features after configuring ZAP ;) In fact, I think I like the free version better, except it didn't have any rules I could add in so I had to get the pro version. I looked up netveda on cnet and saw that some commented it needed some configuration :(

NetVeda works straight out of the box, unlike CNET, some veterans out here have tested it and some are still running it so they can tell you more. It has far more options to configure in case you wish to go that route, the reason I suggested it is because it already has router configuration and all you have to do is add your net interface and LAN interface and it will automiatically configure itself.

That configuration they were talking about on Cnet ....just takes a mere
second.....in fact you can do it even before you reboot.
Just click on the icon in the tray.
Configuration.....System Configuration.....Just click on your adaptor.

Another thing I like about NetVeda....It seems to me, to have better app control
than say ZA or many types of FWs where you grant a generic Okay for Lets say
IE to access the internet.

NetVeda and Outpost, both give you an alert if an untrusted component..is
launching IE....or what is launching it.

You also have 3 options....allow always....deny always...or allow once.

That way....if you deny....you call always look up on the net...to see whats
trying to launch

-{ Quote: "1. When ZAP is running, I had problems with my internet connection till I checked what ZAP was blocking and added those into the expert rules. Basically I added in Allow all protocols for 192.168.0.0 to 192.168.255.255. This ip range was set for both the destination and source. This is for my linksys router, and did the same for my office network. I run basically browser programs, instant messaging, file-sharing (home) and ftp. My question is, is adding the expert rules i defined a wise thing to do, or should i just allow only tcp and udp for that ip range?" }-
The rule restricts it to systems on the LAN and should be OK unless there are systems attached you do not trust.

Was it permitting "other protocols" that resolved your connection issues?

Regards,

CrazyM

hmm... looks like I've gotta take a look at netveda.

What crazym said has got me thinking, as I do bring my laptop over to my friend's place sometimes for lan parties :D

He's using a prolink router, but I recall that sometimes I would forget to enable the correct expert rule but the connection still works fine. However, after a while, it started getting cranky and everything stops working. So I disabled ZAP and everything worked again. This happened quite a few times on my router as well, and I run basically the same apps everywhere. This led me to checking ZAP logs and setting up the expert rule. Originally it was set up to allow only tcp, then I changed to tcp and udp and finally all protocols. This was due to some apps still having connection problems.

As I'm typing this, I've not enabled the correct expert rule and my apps work fine, although I see tons of udp packets getting blocked by ZAP. I'm unsure if this would actually affect my speed, since it doesn't seem to be the case. I'm wondering if it could be due to different router configurations. All I'm sure of right now is that if the appropriate rule is enabled with all protocols, all my apps run fine. Unsure of whether I should just leave it at that.

thanks :)

-{ Quote: "As I'm typing this, I've not enabled the correct expert rule and my apps work fine, although I see tons of udp packets getting blocked by ZAP." }-
What exactly is being blocked?

Regards,

CrazyM

I looked at it carefully and looks like it was mainly dns requests lol. Explains a lot of things. :)

-{ Quote: "I looked at it carefully and looks like it was mainly dns requests lol. Explains a lot of things. :)" }-
You can add your ISP's DNS servers to the trusted zone and that should help.

Regards,

CrazyM

I've narrowed down the problem even further. It seems that when I startup my laptop normally, ZAP will interfere with normal web activities slightly, ie I may need to reload my browser a few times when I try to surf or reload my instant messanger a couple of times. Then it works fine. This is w/o configuring any expert rules, just allowing outgoing dns and internet zone security is set to high. Also, the setting "This comp is a client of NAT/ICF..." is checked in advanced settings.
Now, when I leave my laptop on standby, or if I just let the screen blank out but everything is still running, the wireless connection will dc, as I've set it to max savings. However, when I resume the laptop, after getting connected, it seems there'll be a period when I can't seem to use the internet. ZAP will block most attempts to connect. After shutting ZAP down and restarting it again, everything is fine again. I'm now unsure if it's winxp causing the problem, ZAP or my wireless software, all of which have been updated.

winxp with sp2
ZAP 5.5.062.011
Atheros AR5001X+ Wireless using atheros client utility 2.4.2.44

thanks :)