ZoneAlarm 7 or Outpost 4?

Discussion in 'other firewalls' started by gracie123, Jul 22, 2007.

Thread Status:
Not open for further replies.
  1. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    Right! Got it, the hazard that concerned me is still present. I will continue with other non-ZA FW's.

    TY
     
  2. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    Hi Seers and all!
    Glad to hear that, finally, the calling home issue is resolved... :)

    Cheers,
    Fax
     
  3. Seer

    Seer Registered Member

    Joined:
    Feb 12, 2007
    Posts:
    2,068
    Location:
    Serbia
    Hello fellow members :)

    Escalader,

    I was mainly concerned with the firewall part of ZA Pro, and whether this outbound could be stopped from within ZA without seriously crippling it (or using a third-party software). As I also said in my posts #8 and #31 in this thread, the connection itself is not a problem if it's documented. However, the firewall does not warn on this connection, so this is still something to be kept in mind when considering ZA Pro for protection. This is not the most transparent piece of software.
    That said, I don't beleieve that ZA's vendor has dishonest intentions behind this.
    As I already said, I am content, as it is possible to stop this outbound without any side-effects on the firewall.

    This feature (AV monitor) is just there to tell you if the AV software is installed or not, something like Windows Security Center, if I am not mistaken. There are no AV features in Pro version of ZA.
    IMO, this feature is unneeded as is it's outbound connection.

    My regards to all,
     
  4. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    Indeed this feature is absolutely useless... it may be useful only for windows 2000 users or older OSs.

    • We do get WSC to warn us about outdated virus signature and most decent AV can monitor themselves better than ZA or WSC;
    • The AV supported are just a few and version supported are OLD (e.g. NIS 2005)
    So, I wonder why this is still here!!
    I sincerely hope that future major version of ZA (e.g. version 8 ) will get rid of this nonsense. May be ZAPRO for VISTA will get rid of it? Hope so...

    The most important thing is that for once, the 'devil' ZA has been reported not to call home. I hope that this will stop (probably not) the many post I have seen about "don't use ZA, its calling home' ... if problems are analysed with open mind and with no bushing attitude things can be solved in a good way and in a friendly and collaborative climate... as it has happen in this thread.

    EDIT: also note that antivirus monitoring is mentioned (online help and manual) as an element that calls home and that needs to be disabled separately. So there is no secret about it.

    "... There are certain situations in which you will not be notified before contact is made. Those include sending DefeneseNet data to ZoneAlarm, contacting ZoneAlarm for program advice, when an anti-virus update is performed, or when monitoring your anti-virus status. The "Share setting anonymously..." setting below, turns off the DefenseNet transfer. All other settings can be disabled from the main tab of their respective panels. "

    Cheers to all,
    Fax
     
    Last edited: Aug 23, 2007
  5. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    Hi Seer: I understand your points completely, my comments for Wilder's members are as usual in red.

    From my point of view I worry about a vendor's design mind set in NOT documenting such a connection in a tool designed to safeguard our connections. If it is omitted by careless documenting that is one level of concern. If it is hidden on purpose that is worse. We will never know from CP or it's fans here in this forum. I don't know, and would claim nobody here does either. If they do know, give us the official CP links to that documentation. Not the forum but official CP sites. Whatever the reason it is it is not a good thing. We may read documentation but many many users do not, they just trust...

    That is for sure, true!

    I hope you are right for the sake of the users, but CP needs to do something as a firm to end this matter once and for all. Perhaps subjecting all their ZA products to independent reviews. I for one will not risk using them until major changes occur in all aspects of their business but that is just MO.
    If this has already happened give us the official CP links to that documentation. Not the forum but official CP sites

    I am going with Stem's approach derived from his post 14 here and I ask his indulgence to quote him:


    I understand that, but why should users have to take special steps to protect themselves from their own FW? It is just my view but I prefer a tool that doesn't worry me in this way.

    Yes you are right again! I was forgetting that "feature". IMO it is at best a marketing stunt and I don't want to buy advertising tools embedded in my FW. Windows already does this reminding so why would CP put this piece of "nagware" in? IMHO this product out of the box has to many gathering outbound features other than just the explainable updates and advisor's. What we need is 100% transparency from CP about all the info they gather from our PC's where it is sent and WHY! Then we need a public statement saying all such practices will be stopped and removed in the very next product updates.

    Is that too much to ask? But don't stay up late waiting for that!

     
    Last edited by a moderator: Aug 23, 2007
  6. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    I always try to avoid responding to bushing messages and I liked so far the tone and the approach of the other members... but unfortunately your post can't go unnoticed and drive this discussion back to companies, strategies, bad behaviours, doubts and paranoia.

    As usual you post a false statement... the call home is documented and upfront (hyperlink in the ZA preferences tab named 'exeptions'). I have already posted the screenshot and content of the hyperlink.

    (https://www.wilderssecurity.com/attachment.php?attachmentid=192813&d=1187805961)

    I understand you don't like the approach or ZA/CP software but posting wrong information does not help your cause :)

    Cheers,
    Fax
     
  7. chrisretusn

    chrisretusn Registered Member

    Joined:
    Jun 16, 2004
    Posts:
    1,668
    Location:
    Philippines
    I am a long time user of Outpost Firewall. I have tried ZoneAlarm Pro and did not like it (personal taste). I find Outpost does (IMHO) does a much better job and I recommend you give it a try.
     
  8. mack_guy911

    mack_guy911 Registered Member

    Joined:
    Mar 21, 2007
    Posts:
    2,677
  9. oldshep

    oldshep Registered Member

    Joined:
    Dec 19, 2006
    Posts:
    139
    I also found some info on that vunerability on PC Mag:

    http://blogs.pcmag.com/securitywatch/2007/08/insecure_security_products.php

    It seems that V7.0.362 fixes this - along with the call home issue discussed in this thread and elsewhere. Unfortunately, V7.0.362 has bugs / issues and is not being pushed out to the public. So, maybe ZA / CP should be patted on the back for attempting to resolve these problems. But full congratulations should be held until they have provided a stable version which implements these fixes.
     
  10. Seer

    Seer Registered Member

    Joined:
    Feb 12, 2007
    Posts:
    2,068
    Location:
    Serbia
    Hello fax :)

    I do not think Escalader said anything bad. His concerns may not be the same as yours. You choose to trust vendor's statement, but he may be not. And that's quite alright. There are some users (like me i.e.) who want to have full control of running processes on their machines, where do they connect, when and most important why, with the ability to allow the connection or not. On this issue of ZA Pro's AV monitor outbound, we do not have other choice but to trust the vendor. I personally do not trust anyone (when it comes to PC security), not even my own LAN.

    (The following is not necessarilly addressed to Stem, I just quoted his words in order to explain the following :) )
    The reason I apologized is that it was actually my fault in this thread for not reading on ZA sites and forums about various outbound connections of ZA Pro firewall before I posted. If I did that, there would be no need for this discussion. But it would have never crossed my mind that AV monitor needs an outbound connection, so that's why it's the last thing I tried (my grammar is not perfect, but I hope you get the picture). I just hoped that I could install the software and figure it out using pure logic. Why ZA needs to ask the "mothership" for installed AV? And an even bigger question is why doesn't it allow me to block it if I want to (without disabling features)? (these are just rhetorical questions)

    Cheers.
     
  11. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    Nick: As usual my comments in red to stay OT.

    Did I say something bad? I have no idea since some posters have been blocked. If they were really really bad the moderator should snip or delete what was bad!
    I fully agree with the "distrust all" including your own Lan! In this security business, it is needed to have our defenses tested! We had a whole thread here where there was an attempt to shout down this "distrust til proven approach". It is a waste of time IMO to go through it twice. ZA has had this issue hanging over them long before I ever tried their product. It is their problem and their's to fix.
    Well those are real questions and deserve answers from CP. Nick I don't think we will see them answered here in a public forum. We see FUD but not much else.

    If members browse through the following thread you can find how to block off many of the ZA Pro call homes yet leave the update feature open.
    Leave it on manual updates though or your call homes will greatly increase! What I want to see is what information is actually sent in those outgoing packets, where it is sent, to whom and Why


    https://www.wilderssecurity.com/showthread.php?t=172579

    Cheers.
     
    Last edited by a moderator: Aug 25, 2007
  12. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    Hi Seers!

    Indeed, vendor make clear statements about calling home. There is no need of all this FUD (I am not referring to you). If you don't like how ZA manage your security you simply choose another firewall, there are many out there.

    I really see no reason for the user to defame the vendor so stridently. Fact is, when one screams like this they are merely considered some sort of fanatic, and their views should be suspect. It was a good, transparent and peaceful discussion up to when some users went in... moderator has intervened already but I guess they cannot always be here as watch dog...

    You don't need to be sorry, on the contrary, you have posted an honest concern and with the help of all (almost all :p ) you have sorted it out. I would dream to see this type of discussion more often in here.

    And going back to the original question. Both firewalls are good (security wise) but completely different in the way they operate. One gives you more granular control on connections (outpost) and the other is easier to use and more for unexperienced users, IMO. As usual, best to try them both and see which one you like best.

    Cheers,
    Fax
     
    Last edited: Aug 25, 2007
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.